www.zdnet.com Open in urlscan Pro
2a04:4e42:4c::666  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request / Show response www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/	349 KB 83 KB	919ms 604ms	Document text/html	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d199ab84f10ee3a27bdb9790942a0aa053d621aadb2c725caf96063ac0bfb514 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=7200, private content-encoding gzip content-length 84040 content-security-policy frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:; content-type text/html; charset=utf-8 date Sun, 11 Aug 2024 16:08:17 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding, User-Agent x-frame-options SAMEORIGIN
GET H2	200	bidbarrel-zdnet-rv.min.js Show response at.adtech.redventures.io/lib/dist/prod/	680 KB 202 KB	97ms 31ms	Script text/javascript	151.101.194.154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.154 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a130b10288b76099db9cefc5c0caeb89b3bb6e4209b140125129305ac1e1137c Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT via 1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront), 1.1 varnish content-encoding gzip x-amz-cf-pop FRA60-P10 age 306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront, HIT content-length 206645 x-served-by cache-fra-etou8220142-FRA last-modified Fri, 12 Jul 2024 15:57:19 GMT server AmazonS3 x-timer S1723392498.928197,VS0,VE4 etag "9737d585f68b8a60dd228d0390ecea4e" vary Accept-Encoding, Origin content-type text/javascript cache-control max-age=900, public, must-revalidate accept-ranges bytes x-amz-cf-id hmO3eXfqIZciyqcxbIeaOL77uyaND614aPhLeAYIo62HGwc2sPLenA== x-cache-hits 1
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	84ms 32ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:17 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Wbr2pAeg61Hfi+2FuD0cYA== age 30330 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Thu, 08 Aug 2024 20:27:00 GMT server cloudflare etag 0x8DCB7E874D2EB3B vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id fc958ea1-c01e-0099-508c-ea1c48000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bc7ec053685-FRA
GET H2	200	Semibold.woff2 www.zdnet.com/a/neutron/fonts/SuisseIntl/	17 KB 18 KB	22ms 21ms	Font font/woff2	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/fonts/SuisseIntl/Semibold.woff2 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 332a0f26bdc13ba2837984cf024040019c97ddaec5501356ce3970ec4e124d0d Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Origin https://www.zdnet.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload content-length 17640 x-xss-protection 1; mode=block last-modified Mon, 12 Feb 2024 18:43:06 GMT etag "e75409685dfbca349be2efde7007d56b" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type font/woff2 access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=604800 accept-ranges bytes timing-allow-origin * expires Thu, 22 Feb 2024 02:28:41 GMT
GET H2	200	Regular.woff2 www.zdnet.com/a/neutron/fonts/SuisseIntl/	17 KB 17 KB	34ms 34ms	Font font/woff2	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/fonts/SuisseIntl/Regular.woff2 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bfa8da72e8d895c5fbe216a4182390481510ef1a15e2e5e0099931882918b9f5 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Origin https://www.zdnet.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload content-length 17228 x-xss-protection 1; mode=block last-modified Wed, 20 Sep 2023 13:34:15 GMT etag "5ff578be98a31a99629e8169b3c904de" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type font/woff2 access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=604800 accept-ranges bytes timing-allow-origin * expires Tue, 03 Oct 2023 06:09:25 GMT
GET H2	200	cohesion-latest.min.js Show response cdn.cohesionapps.com/cohesion/	122 KB 33 KB	97ms 28ms	Script text/javascript	18.173.154.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-114.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 7408764ecd2e36022ee69f407d2da559c5efe25c9ee79a6625391ee35e8750a6 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip via 1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront) date Sun, 11 Aug 2024 02:41:07 GMT last-modified Tue, 16 Jul 2024 12:29:21 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 48800 x-amz-server-side-encryption AES256 etag W/"d0e8dea2165ba25ec6900439d2ff6384" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id UGrW19zuRy5ld8s2VA1mJCXAd0qMk2E9Fd-DQgucTqhUj_M38ewrCw==
GET H2	200	general.jpg www.zdnet.com/a/neutron/images/error/	186 KB 187 KB	23ms 22ms	Image image/jpeg	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.zdnet.com/a/neutron/images/error/general.jpg Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d60df2e1cb2c2b76384af3512519948ac3503089cc80c0f37edf6790757fb52e Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Mon, 05 Aug 2024 16:18:00 GMT x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 190807 x-xss-protection 1; mode=block expires Fri, 16 Aug 2024 08:31:55 GMT
GET H2	200	51f449b.modern.js Show response www.zdnet.com/a/neutron/	4 KB 2 KB	38ms 34ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/51f449b.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8ca4263befbc4372015567607c714d02a849d5764e18d26ee4348db07e03129b Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Origin https://www.zdnet.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload content-length 2298 x-xss-protection 1; mode=block last-modified Mon, 05 Aug 2024 16:17:54 GMT etag "f35ae7e73e86f42f87d400b97bc41803" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=604800,no-transform accept-ranges bytes expires Mon, 12 Aug 2024 16:20:06 GMT
GET H2	200	11a45a0.modern.js Show response www.zdnet.com/a/neutron/	2 KB 1 KB	39ms 35ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/11a45a0.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4562aa437a96d705f2f76953ca1be2afbf5795668110b5ccca360afd05d2455c Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Origin https://www.zdnet.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload content-length 1147 x-xss-protection 1; mode=block last-modified Mon, 05 Aug 2024 16:17:54 GMT etag "5f662d5507c0d71647951560b9edd159" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=604800,no-transform accept-ranges bytes expires Wed, 14 Aug 2024 04:26:37 GMT
GET H2	200	a5fd67d.modern.js Show response www.zdnet.com/a/neutron/	303 KB 100 KB	38ms 34ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/a5fd67d.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cd415701c446cbe7a5b0dfc2c8483ce0dfda74636df20626f5f3130bb502b265 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Origin https://www.zdnet.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=604800,no-transform accept-ranges bytes content-length 102609 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 23:30:46 GMT
GET H2	200	097809b.modern.js Show response www.zdnet.com/a/neutron/	1 MB 349 KB	46ms 42ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/097809b.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0270a862c80b73c4d26a99af40fc2498bc64abf929b15383a9e6e3929c96f6e1 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Origin https://www.zdnet.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload content-length 357229 x-xss-protection 1; mode=block last-modified Mon, 05 Aug 2024 16:17:56 GMT etag "8577e84f1498b781e5b9b7177fe4454c" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=604800,no-transform accept-ranges bytes expires Wed, 14 Aug 2024 04:55:27 GMT
GET H2	200	d526003.modern.js Show response www.zdnet.com/a/neutron/	865 KB 223 KB	44ms 40ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/d526003.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a27757cfecb2db2a9df41783eb3f7e245016f125ff7b1bf42e9db262d23158db Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Origin https://www.zdnet.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:17 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload content-length 228215 x-xss-protection 1; mode=block last-modified Mon, 05 Aug 2024 16:17:56 GMT etag "d32850870b0adb9cdf9275991a9409f3" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=604800,no-transform accept-ranges bytes expires Mon, 12 Aug 2024 16:19:24 GMT
GET DATA	200 OK	truncated /	173 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ed13e9582f312714efb0283d27b17cb4c533dcf186278231d91d932299f1e6e Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/	5 KB 2 KB	117ms 71ms	XHR application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 748fb858c1f23d101aed466eb5fddb53c29a92bdeb9d614155ff20824e192f69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 47849 content-md5 mgbGW/dOAjzcfA1qxIumxA== content-length 1875 x-ms-lease-status unlocked last-modified Tue, 18 Jun 2024 18:58:10 GMT server cloudflare etag 0x8DC8FC8994BF9C3 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id e1f10892-401e-0000-13b1-c1938a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bc87f1c3a88-FRA expires Mon, 12 Aug 2024 16:08:18 GMT
OPTIONS H2	200	diff at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/ Frame	0 0	207ms 151ms	Preflight text/html	151.101.194.154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.154 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers cat,content-type,variant,version Access-Control-Request-Method GET Origin https://www.zdnet.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers * access-control-allow-origin https://www.zdnet.com allow GET,HEAD content-length 8 content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin date Sun, 11 Aug 2024 16:08:18 GMT etag W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg" origin-agent-cluster ?1 referrer-policy no-referrer server Google Frontend strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding, Origin via 1.1 varnish x-cache MISS x-cache-hits 0 x-cloud-trace-context a434ee7afe288fc90e53c04494516dba x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-served-by cache-fra-etou8220077-FRA x-timer S1723392498.142460,VS0,VE123 x-xss-protection 0
GET H2	200	config.js Show response cdn.confiant-integrations.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/	140 KB 33 KB	104ms 42ms	Script text/javascript	2606:4700::6812:1561 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js Requested by Host: at.adtech.redventures.io URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1561 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4da22eef3bf10b589bf5a834063c1c5a00c8762886a426f908f357bd567d329e Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id XBGBMPY00VNTXQJV age 44 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 33612 x-amz-id-2 krEy8IDWreuAJGrO6fFDPyr6TG5GMNGjiWN0Win3msd3AaACERiqwAn+89KtCjBNQ9VYW1sczEc= last-modified Sun, 11 Aug 2024 16:06:24 GMT server cloudflare etag "914346d79c5b3d77799547f68dac0365" vary Accept-Encoding content-type text/javascript cache-control public, max-age=900, stale-while-revalidate=3600 accept-ranges bytes cf-ray 8b197bc949712bd1-FRA
GET H2	200	diff Show response at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/	7 KB 3 KB	30ms 28ms	Fetch application/json	151.101.194.154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://at.adtech.redventures.io/lib/api/v1/zdnet-rv/prod/config/diff?variant=core Requested by Host: at.adtech.redventures.io URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.154 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Resource Hash baa9522bf7dcf0d6c848caf2bdf08c2bd7fb1957dc5c4d203debd56dbc04b2ff Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers version rv5.8.1 Accept application/json cat Me0q6GWbA Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ variant core User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json Response headers content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-permitted-cross-domain-policies none via 1.1 varnish cross-origin-embedder-policy require-corp age 160 x-dns-prefetch-control off x-cache HIT ttl 900s content-length 2996 x-xss-protection 0 x-served-by cache-fra-etou8220077-FRA referrer-policy no-referrer server Google Frontend cross-origin-opener-policy same-origin x-timer S1723392498.296973,VS0,VE0 etag W/f6bf60e0e0a6a9e911624c575ea56bc600fb675f x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding, Origin content-type application/json; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?1 x-cloud-trace-context 3420cac88930b03d19d6fab7eafbddb0 cache-control max-age=900 accept-ranges bytes access-control-allow-headers * x-cache-hits 3
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	99ms 43ms	XHR application/json	2606:4700::6812:1c7f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 8b197bc96cdd9bf2-FRA access-control-allow-headers Content-Type
GET H2	200	c0c9d02.modern.js Show response www.zdnet.com/a/neutron/	155 KB 60 KB	23ms 22ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/c0c9d02.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 35ac2233a7f93fb7ee7dc3bcc5457d95e02c18b27af8a08fc22795264010ab33 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "b06b269409daaeeca8c8fef325273b9f" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 61563 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:25:45 GMT
GET H2	200	7177b37.modern.js Show response www.zdnet.com/a/neutron/	9 KB 4 KB	24ms 23ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/7177b37.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0cf428f0d4969a37b9a7eeae2d133f251f65393c12ad77a7bd29de8a59e4d60f Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:54 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "b21d276c71108c6297fcaaf7cf13bc02" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 3857 x-xss-protection 1; mode=block expires Wed, 14 Aug 2024 22:53:44 GMT
GET H2	200	dd9afe4.modern.js Show response www.zdnet.com/a/neutron/	20 KB 5 KB	24ms 24ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/dd9afe4.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 04baca4587793749b0e81c4403e60198604a8f290b99d6e628b604d7e03315f5 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "dd7e4edb5fc7eac61e22e1d8a64d57ca" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 5059 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:25:46 GMT
GET H2	200	3215873.modern.js Show response www.zdnet.com/a/neutron/	15 KB 5 KB	23ms 23ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/3215873.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash fb29e821e1256e64974c67b95e4f0306da20e2abc9b28b09ea88dbdb9a959c6e Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:53 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "04f28139a784cecb9bfcbc6217d7891d" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 4784 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 03:31:33 GMT
GET H2	200	ee4b76b.modern.js Show response www.zdnet.com/a/neutron/	205 KB 49 KB	27ms 26ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/ee4b76b.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash aa53ae5feeafc1b89245784f076e31cc7ca66c7e8a3b3f6fa8d2be8c04614b80 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:56 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "da65ab176ab3142f7f06f40ce550a627" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 49582 x-xss-protection 1; mode=block expires Mon, 12 Aug 2024 16:20:30 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202405.2.0/	451 KB 110 KB	64ms 63ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Ryx3T13YxV6i1yEKSnAPIA== age 64134 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 112015 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:45 GMT server cloudflare etag 0x8DCA5E423ECD5E2 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 96934d7a-301e-0069-12ce-d7cc26000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bc9fdb43685-FRA
GET H2	200	wrap.js Show response cdn.confiant-integrations.net/gptprebidnative/202407090940/	284 KB 101 KB	57ms 57ms	Script application/javascript	2606:4700::6812:1561 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js Requested by Host: cdn.confiant-integrations.net URL: https://cdn.confiant-integrations.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1561 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id C1ANERD5PQ8BAS3Y age 2848236 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 103346 x-amz-id-2 9z1fo743YDscJSg2yapDtmDQXNS49uEuyVGsEooWWXCq89AMKM+PYVRrTMLxje9QKt+YnfuXs2A= last-modified Tue, 09 Jul 2024 14:20:21 GMT server cloudflare etag "76074361c87e7c8d3af88302818b71f9" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 8b197bca0a492bd1-FRA
GET H2	200	pub-8038936283815017 Show response fundingchoicesmessages.google.com/i/	203 KB 67 KB	109ms 56ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/pub-8038936283815017?ers=1 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/d526003.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 68d513e72803369ffe24d8b3dadf990f7b657645554bf06b2678d662868cb333 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cb8lhYo5a7s-Cm1LNIFEOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-security-policy script-src 'report-sample' 'nonce-cb8lhYo5a7s-Cm1LNIFEOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0JBiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2BeHr9Jdb5QLz34yXWo0DsyHGZ1ROIhXg4Ph1-vJVNoOHA_I2MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGFgYWegYm8QUGANofRS0" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	04bc79fd5f2951beba7a20d2.js Show response frugalfiestas.com/public/de27c0d40747/	67 KB 24 KB	114ms 62ms	Script text/javascript	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://frugalfiestas.com/public/de27c0d40747/04bc79fd5f2951beba7a20d2.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 647dcabab0ef5639c74c037c4cc2c72fe5bf3d1ca3868e13663ce3fc27384083 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding br via 1.1 google strict-transport-security max-age=15724800; preload cf-cache-status MISS x-buildnumber 1389703183 alt-svc h3=":443"; ma=86400 server cloudflare x-datacenter gce-europe-west1 etag W/"1e4635b62f670604b921fe751323cc151f06945534b80819f4b2a1e5cd889373" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-4lzd content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 timing-allow-origin * cf-ray 8b197bcaace6993f-FRA
GET H2	200	5ab6148.modern.js Show response www.zdnet.com/a/neutron/	1 MB 281 KB	25ms 22ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/5ab6148.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 56f120354d7d9734db34a7118e9f8d846157c8c54fd94bc04dbeb2ceba10efe7 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:54 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "e44165a127d476bf20f170427f03e5c8" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 287151 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:24:47 GMT
GET H2	200	a07b3ab.modern.js Show response www.zdnet.com/a/neutron/	583 B 405 B	24ms 22ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/a07b3ab.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash afb5f6407935048614a4d2ce20b32ccb677feb87394a4b94234720afc7d76257 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "dbb51abc6db0e2eb459a03545f5a1022" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 317 x-xss-protection 1; mode=block expires Wed, 14 Aug 2024 00:13:55 GMT
GET H2	200	0a08178.modern.js Show response www.zdnet.com/a/neutron/	156 KB 49 KB	23ms 22ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/0a08178.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d8205c70bdac9c9529c14844dde6b43ebca982d7a024b944485311a53da30eb1 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:56 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "11672f692f5e8e9b1277f1de07f8523d" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 49664 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:24:47 GMT
GET H2	200	eb1d261.modern.js Show response www.zdnet.com/a/neutron/	3 KB 1 KB	23ms 23ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/eb1d261.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 57a28848392c8c2bdfdc31b49fe89bb315285e2dfb87ad1dbd0def64d1c51fbb Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:56 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "dbcfa653bf586e6641769d9413cd4114" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 1251 x-xss-protection 1; mode=block expires Mon, 12 Aug 2024 16:20:07 GMT
GET H2	200	errorResponsePublish us-central1-i-cnet-dev.cloudfunctions.net/	0 189 B	311ms 226ms	Image text/html	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-central1-i-cnet-dev.cloudfunctions.net/errorResponsePublish?xref=&srcurl=https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/&pagetype=error_page&pguid=daad344e-1f1f-4ea3-8279-b3dc736cf0fd&devicetype=desktop&sid=zdnet&env=prod Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cloud-trace-context d689ba3b4dc89abe4b7893b88cbc7f3b;o=1 date Sun, 11 Aug 2024 16:08:18 GMT function-execution-id 6p83uruh8rwz server Google Frontend alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	38 KB 15 KB	102ms 22ms	Script application/x-javascript	2600:9000:2646:e00:18:1fcd:354:4b41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/d526003.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2646:e00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 16:20:54 GMT content-encoding gzip via 1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront) last-modified Wed, 05 Jun 2024 00:13:00 GMT server nginx x-amz-cf-pop FRA60-P5 age 85644 etag W/"665fad8c-9895" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id nysOj0-il9xVojmRTkpW1JK_9rGIJWsED2lBgbOfiozHSytBwfNaJA== expires Sun, 11 Aug 2024 16:20:54 GMT
GET H2	200	pageview_candidate.comscore.json Show response www.zdnet.com/	39 B 146 B	144ms 144ms	XHR application/json	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/pageview_candidate.comscore.json Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/a5fd67d.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 28979e59533e99167ace1395df3df8beedd7598409577b697d7ae25b31458657 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Mon, 05 Aug 2024 16:07:13 GMT etag "66b0f8b1-27" vary Accept-Encoding, User-Agent content-type application/json cache-control private, max-age=0, s-maxage=0 accept-ranges bytes content-length 59
GET H2	200	pageview_candidate.comscore.json Show response www.zdnet.com/	39 B 15 B	286ms 138ms	XHR application/json	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/pageview_candidate.comscore.json Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/a5fd67d.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 28979e59533e99167ace1395df3df8beedd7598409577b697d7ae25b31458657 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip last-modified Mon, 05 Aug 2024 16:07:13 GMT etag "66b0f8b1-27" vary Accept-Encoding, User-Agent content-type application/json cache-control private, max-age=0, s-maxage=0 accept-ranges bytes content-length 59
GET H2	200	tag.aspx Show response ml314.com/	38 KB 39 KB	98ms 20ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?1172024 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/d526003.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 15:27:04 GMT via 1.1 google age 2474 x-guploader-uploadid AHxI1nMTn00v2DtIzooOv-2LLE9WiytqK1oqls8bmjVbi-8dhAjaI9IZXE8OmhIHleDKe-6dwn8CRUneQA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39162 last-modified Wed, 24 Jul 2024 19:30:50 GMT server UploadServer etag "632616ff15825f030aab3391a58ef042" x-goog-generation 1721849450340665 x-goog-hash crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg== content-type application/javascript cache-id FRA cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 39162 accept-ranges bytes
GET H2	200	zdnet-footer-background-2022-desktop.png www.zdnet.com/a/img/resize/63dc52c26fbff291c9b466bdd31bee7baf9312dc/2022/09/07/c9a7d0bb-7734-41d6-806a-00548beeff3a/	92 KB 92 KB	24ms 23ms	Image image/webp	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.zdnet.com/a/img/resize/63dc52c26fbff291c9b466bdd31bee7baf9312dc/2022/09/07/c9a7d0bb-7734-41d6-806a-00548beeff3a/zdnet-footer-background-2022-desktop.png?auto=webp&fit=cover&frame=1&height=1322&width=3200 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c0c4253ef3253ffede5c9ce6073c2ad5516c2da7d6915930c5a542fb5bef818c Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload fastly-io-served-by vpop-etou8240194 etag "zfNB8lFEvDiT2SEekCCzD2ReyuDVnw2AudO53eLtMMM" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept fastly-io-info ifsz=3377623 idim=3200x1322 ifmt=png ofsz=94010 odim=3200x1322 ofmt=webp content-type image/webp cache-control max-age=31536000 fastly-stats io=1 accept-ranges bytes content-length 94010 x-xss-protection 1; mode=block expires Thu, 11 Jul 2024 02:27:41 GMT
GET H2	200	client-info Show response at.adtech.redventures.io/lib/api/	99 B 159 B	28ms 27ms	Fetch application/json	151.101.194.154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://at.adtech.redventures.io/lib/api/client-info Requested by Host: at.adtech.redventures.io URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.154 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash 647290f1a78109014439515926e4a3b4e08562c4c6babb3da69d081c42d25c0c Request headers version rv5.8.1 Accept application/json cat Me0q6GWbA Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ variant core User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json Response headers x-cache-hits 0 date Sun, 11 Aug 2024 16:08:18 GMT via 1.1 varnish server Varnish x-timer S1723392498.496954,VS0,VE0 x-cache HIT content-type application/json access-control-allow-origin * access-control-allow-methods OPTIONS, POST, GET cache-control max-age=604800 accept-ranges bytes access-control-allow-headers * content-length 99 retry-after 0 x-served-by cache-fra-etou8220077-FRA
GET H3	200	pub.js Show response pub.doubleverify.com/dvtag/33509408/DV1307377/	42 KB 14 KB	92ms 50ms	Script text/javascript	2606:4700::6812:a7e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub.doubleverify.com/dvtag/33509408/DV1307377/pub.js Requested by Host: at.adtech.redventures.io URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbc90d01e83cc8c314f2e6bb34a900b0216566a0b9709fcb9cd17ad38407b568 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding br content-security-policy frame-ancestors 'self' server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript;charset=UTF-8 access-control-allow-origin * access-control-expose-headers Server-Timing, Cf-Ray cache-control public, max-age=900, stale-while-revalidate=3600 access-control-allow-credentials true timing-allow-origin * cf-ray 8b197bcba9dc9070-FRA alt-svc h3=":443"; ma=86400
OPTIONS H2	200	client-info at.adtech.redventures.io/lib/api/ Frame	0 0	27ms 27ms	Preflight application/json	151.101.194.154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://at.adtech.redventures.io/lib/api/client-info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.154 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Headers cat,content-type,variant,version Access-Control-Request-Method GET Origin https://www.zdnet.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers * access-control-allow-methods OPTIONS, POST, GET access-control-allow-origin * cache-control max-age=604800 content-length 99 content-type application/json date Sun, 11 Aug 2024 16:08:18 GMT retry-after 0 server Varnish via 1.1 varnish x-cache HIT x-cache-hits 0 x-served-by cache-fra-etou8220077-FRA x-timer S1723392498.468131,VS0,VE0
GET H2	200	en.json Show response cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/01902cb5-f7ea-7eb7-aeaa-ab8dc1076ffa/	312 KB 48 KB	66ms 65ms	Fetch application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/01902cb5-f7ea-7eb7-aeaa-ab8dc1076ffa/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad07267bfbd96d936f60c08abd3a5cda18ac8a9e1ae268ba88c712491c120fc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 75470 content-md5 C3WaeD0EDnfn6Cq7IUZR4A== content-length 48996 x-ms-lease-status unlocked last-modified Tue, 18 Jun 2024 18:58:14 GMT server cloudflare etag 0x8DC8FC89B8D1F84 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id ee17fc86-401e-0083-3fb1-c13327000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bcbac623a88-FRA expires Mon, 12 Aug 2024 16:08:18 GMT
GET H2	200	iab2V2Data.json Show response cdn.cookielaw.org/vendorlist/	588 KB 76 KB	43ms 42ms	Fetch application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/vendorlist/iab2V2Data.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f832c764b6f453323743c976586ce9443740a911b12eca61cfa34fbff05c1262 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Drk6+4OEd5LcP5xXHZgIQw== age 1381 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 77602 x-ms-lease-status unlocked last-modified Sun, 11 Aug 2024 14:42:57 GMT server cloudflare etag 0x8DCBA13E42E54B5 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 706bcadb-d01e-00c9-2504-ec0340000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bcbac643a88-FRA expires Mon, 12 Aug 2024 16:08:18 GMT
GET H2	200	googleData.json Show response cdn.cookielaw.org/vendorlist/	56 KB 16 KB	64ms 63ms	Fetch application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/vendorlist/googleData.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca92f70382757aa4b7575f044d329f94398d105c11491e310ba56d38973425d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 6OYgKpI2Egrm7++jvfteYw== age 9038 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 16245 x-ms-lease-status unlocked last-modified Sat, 10 Aug 2024 18:04:25 GMT server cloudflare etag 0x8DCB966DEEB5CAE vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 7a5c8761-701e-002a-2c5c-ebe6cf000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bcbac663a88-FRA expires Mon, 12 Aug 2024 16:08:18 GMT
GET H2	200	otTCF.js Show response cdn.cookielaw.org/scripttemplates/202405.2.0/	60 KB 17 KB	37ms 36ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/otTCF.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 YSEvGd3GE+eZKJLbiPRlZw== age 34418 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 17104 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:43 GMT server cloudflare etag 0x8DCA5E422E4308F vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 31809254-601e-0071-0832-d8e1b3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bcbaf1d3685-FRA
POST H2	200	/ Show response o348491.ingest.sentry.io/api/5821895/envelope/	2 B 299 B	143ms 23ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o348491.ingest.sentry.io/api/5821895/envelope/?sentry_key=f27e6d5c38f14598858e5908bd9df0c6&sentry_version=7&sentry_client=sentry.javascript.vue%2F8.20.0 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.zdnet.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 11 Aug 2024 16:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 480 B	141ms 27ms	Image image/gif	2600:9000:2165:1800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif?adspot_id=ad_300x250_6922349 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 10 Aug 2024 15:20:51 GMT x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja via 1.1 a71884ac07401af155dc18a13375cfb2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 age 89248 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" content-type image/gif cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id O9O48DbgWRTHcPrTeVrjJfmtBa2VEY7bxobaZVVt0DskTJLuad2GJQ==
GET H2	200	19f0050.modern.js Show response www.zdnet.com/a/neutron/	43 KB 13 KB	22ms 22ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/19f0050.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0aac30b9dd7cd926c51b719b8b63563cf6799de879c0f48add92fec659a18e3e Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:53 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "d05b016cf2096c80a2cebefc297d6c20" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 13630 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:24:49 GMT
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	373ms 122ms	Image image/gif	44.193.116.81 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=zdnet.com&p=%2Farticle%2Fthis-ransomware-is-now-one-of-the-three-most-common-malwarethreats%2F&u=FAdD9Cad1ykDy66uu&d=zdnet.com&g=66142&g0=error&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1284&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fthis-ransomware-is-now-one-of-the-three-most-common-malwarethreats%2F&b=1714&t=BkpUbrCQMlQKCHD5CpBAI3emN8RM8&V=147&i=Page%20Not%20Found%20%7C%20ZDNET&tz=-120&sn=1&sv=CUuOvwWrSmuC3ealJB2KYECZ-312&sr=external&sd=1&im=06430c4f&_ Requested by Host: www.zdnet.com URL: https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.193.116.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-193-116-81.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers expires 0 pragma no-cache date Sun, 11 Aug 2024 16:08:18 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-length 43 content-type image/gif
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	13 KB 3 KB	40ms 38ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otFlat.json Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc11897bd686817da4d462b4fc503101091e6df96894ef4f58a7546285013a84 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 4TCnvX7DV08Uu9DR6YJNHQ== age 66196 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3010 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:38 GMT server cloudflare etag 0x8DCA5E41F905E9D vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 7de821dd-d01e-0101-2b8f-d8d422000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bcd4ecb3a88-FRA
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	5 KB 2 KB	50ms 48ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCookieSettingsButton.json Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 +BxwAmz732dCCQR+FDw04A== age 64712 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1738 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:39 GMT server cloudflare etag 0x8DCA5E4209DB9A8 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id d153a99e-f01e-009a-418f-d81f4f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8b197bcd4ecf3a88-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	24 KB 4 KB	40ms 39ms	Fetch text/css	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Aug 2024 16:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 9eusssrwoAzVOVsIadvhfQ== age 66696 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:51 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id ce9bf627-a01e-00ef-198f-d898f4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8b197bcd4ed13a88-FRA
GET H3	200	pub.json Show response pub.doubleverify.com/dvtag/signals/ids/	13 B 306 B	69ms 44ms	Fetch application/json	2606:4700::6812:a7e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=33509408&cmp=DV1307377&url=https%3A%2F%2Fzdnet.com&ids=1&token=MSOP5VORDvi46O9aeyrTffHYPGG2evAtLbLEj1Mp7PdoH6B2aK4E8rvGk1hONFhBNUNuDVcnPnIbaKKGBrVbytLi9ZZlz5xmMd2ra4U0bv8D4AD0G5JfYWNMg%2F5KinB2BqnkkJUnUGw5UeHAfYxhiCYf4esL7vA%3D Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2a9c1dec1a24dd650f7b3b74a5c8ab1f6b68b653deef124accbde1c8a24abf0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains content-security-policy frame-ancestors 'self' server cloudflare vary origin, x-forwarded-for, user-agent, Accept-Encoding x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin https://www.zdnet.com access-control-expose-headers Server-Timing, Cf-Ray cache-control private, max-age=699 access-control-allow-credentials true timing-allow-origin * cf-ray 8b197bcd7af05b80-FRA content-length 13 alt-svc h3=":443"; ma=86400
GET H3	200	pub.json Show response pub.doubleverify.com/dvtag/signals/bsc/	40 B 276 B	92ms 68ms	Fetch application/json	2606:4700::6812:a7e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=33509408&cmp=DV1307377&url=https%3A%2F%2Fzdnet.com%2Farticle%2Fthis-ransomware-is-now-one-of-the-three-most-common-malwarethreats&bsc=1&abs=1&token=MSOP5VORDvi46O9aeyrTffHYPGG2evAtLbLEj1Mp7PdoH6B2aK4E8rvGk1hONFhBNUNuDVcnPnIbaKKGBrVbytLi9ZZlz5xmMd2ra4U0bv8D4AD0G5JfYWNMg%2F5KinB2BqnkkJUnUGw5UeHAfYxhiCYf4esL7vA%3D Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c3a82f9a518f4325b2839649a0dd7007e9963e6703ab5720da893893d2ed158 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains content-security-policy frame-ancestors 'self' server cloudflare vary origin, Accept-Encoding x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin https://www.zdnet.com access-control-expose-headers Server-Timing, Cf-Ray cache-control public, max-age=3598 access-control-allow-credentials true timing-allow-origin * cf-ray 8b197bcd7af35b80-FRA content-length 40 alt-svc h3=":443"; ma=86400
POST H2	200	decisions Show response cdn.cohesionapps.com/preamp/api/v1/	671 B 1 KB	323ms 322ms	XHR application/json	18.173.154.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.cohesionapps.com/preamp/api/v1/decisions Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-114.muc50.r.cloudfront.net Software / Resource Hash 5e6a5eb532a5cf89cc2336e013729f4764358d32cc4dab184456e0e2fa64d8dd Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Sun, 11 Aug 2024 16:08:19 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff via 1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 x-dns-prefetch-control off x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC" content-length 671 x-xss-protection 1; mode=block etag W/"29f-fUi0LuqmFJ0RScEFgJFizFhoIo8" x-download-options noopen x-frame-options SAMEORIGIN x-ratelimit-remaining 199 content-type application/json; charset=utf-8 access-control-allow-origin https://www.zdnet.com vary Origin access-control-allow-credentials true x-ratelimit-reset 1723392560 x-ratelimit-limit 200 x-amz-cf-id 88NVC1_Q7QbcpvMhCDOwjHTPkT5SkmULO4PT8bYqCKcq5zeYKPRWnQ==
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	103 KB 32 KB	143ms 37ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6eb43aecdad7dfc2e7635f9772c983267eff6e8fe3cec60d2cc11d75d3ce7bf9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32269 x-xss-protection 0 server cafe etag 858 / 19946 / m202408060101 / config-hash: 9072019561209455628 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 11 Aug 2024 16:08:18 GMT
GET H2	200	cookietest.html at.adtech.redventures.io/lib/dist/main/ Frame B203	0 0	83ms 28ms	Document text/html	151.101.130.154 FASTLY
General Check archive.org Show headers Download Go to Full URL https://at.adtech.redventures.io/lib/dist/main/cookietest.html Requested by Host: at.adtech.redventures.io URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-zdnet-rv.min.js?adaptive=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.154 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 3537 content-encoding gzip content-length 566 content-type text/html date Sun, 11 Aug 2024 16:08:19 GMT etag "834b07f29a6fcfd64bc539927c9f40ff" last-modified Tue, 25 Jun 2024 16:09:41 GMT server AmazonS3 vary Accept-Encoding, Origin via 1.1 d228f99969ceea21b1f33dfdfc1ce406.cloudfront.net (CloudFront), 1.1 varnish x-amz-cf-id b8X-NK4OiG2xo_P8KutxpKFgBEJsOm3h-jkL2Zim3uOP74kcZBkvrg== x-amz-cf-pop MXP53-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront, HIT x-cache-hits 18 x-served-by cache-fra-etou8220137-FRA x-timer S1723392499.161070,VS0,VE0
POST H2	200	confirmation Show response cdn.cohesionapps.com/preamp/api/v1/	3 B 577 B	381ms 328ms	XHR application/json	18.173.154.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.cohesionapps.com/preamp/api/v1/confirmation Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-114.muc50.r.cloudfront.net Software / Resource Hash 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Sun, 11 Aug 2024 16:08:19 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff via 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 x-dns-prefetch-control off x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC" content-length 3 x-xss-protection 1; mode=block etag W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY" x-download-options noopen x-frame-options SAMEORIGIN x-ratelimit-remaining 198 content-type application/json; charset=utf-8 access-control-allow-origin * x-ratelimit-reset 1723392560 x-ratelimit-limit 200 x-amz-cf-id 0dThM0jg6WgPlnwkMaJw_35g3mfMrqmPrJtXl-WeNnBGOLm-KIXcQw==
GET H2	200	AGSKWxUrg5KHBMi2FBrmbSyye3tIUPtR4A-2U4TKmPqD-lO_qatYUixIgQ7Nav16F6f02AGHqdCAgU_fiXCli5zJZPSr5s9r3XARUZRRHy45VVPSEO_dMkuz-tvlVUOSxD0cBL2YG-xxtg== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	60ms 59ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUrg5KHBMi2FBrmbSyye3tIUPtR4A-2U4TKmPqD-lO_qatYUixIgQ7Nav16F6f02AGHqdCAgU_fiXCli5zJZPSr5s9r3XARUZRRHy45VVPSEO_dMkuz-tvlVUOSxD0cBL2YG-xxtg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzMzkyNDk5LDEzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuemRuZXQuY29tL2FydGljbGUvdGhpcy1yYW5zb213YXJlLWlzLW5vdy1vbmUtb2YtdGhlLXRocmVlLW1vc3QtY29tbW9uLW1hbHdhcmV0aHJlYXRzLyIsbnVsbCxbWzgsIlZvN3Nmc1pUSWpjIl0sWzksImRlIl0sWzE2LCJbMCwwLDBdIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Vo7sfsZTIjc.es5.O/am=XDA/d=1/rs=AJlcJMxzxCGEtkqjJQYjaHR4oQCiKqudFQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6496a5727bf686385b36d056637f72e0525854e92599a359593a3c01f2fe6868 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yPQauBuCWDNMaTRYmi5jyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:19 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yPQauBuCWDNMaTRYmi5jyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFuDk-H368lU1gx9QbQUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBhYGFnoGJvEFBgB2UD_1" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/	473 KB 148 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 12:25:47 GMT content-encoding br x-content-type-options nosniff age 13352 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 151286 x-xss-protection 0 server cafe etag 16318545838041958494 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 11 Aug 2025 12:25:47 GMT
GET H2	200	4f8d804.modern.js Show response www.zdnet.com/a/neutron/	41 KB 9 KB	24ms 23ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/4f8d804.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash beb187f1d6a873a5dd1ed4d7e67a12c448c5b4e6bb0cb5b93b68ac6b663bfcb3 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:19 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:54 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "46179c4cd2b8bcaf9ae9ef39fa4f4209" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 8688 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:25:10 GMT
GET H2	200	d036ceb.modern.js Show response www.zdnet.com/a/neutron/	30 KB 7 KB	25ms 25ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/d036ceb.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash fc776fd6949d6934b79fcea2a75a2936e4403946fa714a80aa81e43a309564e1 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:19 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "1fa9b6b25ee30fee3c43e1463994abf3" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 7197 x-xss-protection 1; mode=block expires Wed, 14 Aug 2024 03:32:03 GMT
GET H2	200	5796fd0.modern.js Show response www.zdnet.com/a/neutron/	11 KB 4 KB	23ms 22ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/5796fd0.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0cacc10fbd8eeb0fcf400d292a8304f53da9e86379970823904ece9a3d2f2d55 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:19 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:54 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "e91416ef284a52064fe4eacaae13eae2" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 3659 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:25:46 GMT
GET H2	200	175e122.modern.js Show response www.zdnet.com/a/neutron/	4 KB 2 KB	29ms 29ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/175e122.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 32981c9b909e0580de9350b21a85727cf3f9092ce0b096e6f1cec7d2da233676 Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:19 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:54 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 1912 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:28:08 GMT
GET H2	200	deb3990.modern.js Show response www.zdnet.com/a/neutron/	15 KB 5 KB	23ms 23ms	Script application/javascript	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/neutron/deb3990.modern.js Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/51f449b.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9d5bdf2318b7b37ffec62e5c641184a910941d9fa58a6b85890a47c20a4b979e Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:19 GMT content-encoding gzip content-security-policy default-src https://*.zdnet.com:* last-modified Mon, 05 Aug 2024 16:17:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload etag "15103c67b3c2a5beea7522698c13aaa3" x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type application/javascript access-control-allow-origin * cache-control max-age=604800,no-transform accept-ranges bytes content-length 4576 x-xss-protection 1; mode=block expires Tue, 13 Aug 2024 14:25:46 GMT
GET H2	200	zdnet-logo-yellow.png www.zdnet.com/a/fly/bundles/zdnetcore/images/logos/	12 KB 12 KB	27ms 22ms	Other image/png	2a04:4e42:4c::666 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.zdnet.com/a/fly/bundles/zdnetcore/images/logos/zdnet-logo-yellow.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9a14119101406fcac24f1df6d52319c0ff3fbe57b421cfcda2ac40792da2c39d Security Headers Name Value Content-Security-Policy default-src https://*.zdnet.com:* Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:08:19 GMT content-security-policy default-src https://*.zdnet.com:* strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Tue, 02 Jul 2024 14:31:51 GMT x-frame-options SAMEORIGIN vary Accept-Encoding, Accept content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * content-length 12130 x-xss-protection 1; mode=block expires Tue, 16 Jul 2024 07:07:01 GMT
POST H3	200	ae35b4c39218133d080d6a1c9e0137de83b666a26c7 Show response frugalfiestas.com/0/3b7a751cd/	303 B 716 B	97ms 68ms	Fetch application/json	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://frugalfiestas.com/0/3b7a751cd/ae35b4c39218133d080d6a1c9e0137de83b666a26c7 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbfbf165f1b813a1a481bc0ba5fda99abca87cbb3a60210a8a837ae8ecb145b4 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 11 Aug 2024 16:08:19 GMT strict-transport-security max-age=15724800; preload via 1.1 google cf-cache-status DYNAMIC content-encoding br x-buildnumber 1389703183 alt-svc h3=":443"; ma=86400 server cloudflare x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.zdnet.com x-hostname fen-hoothoot-europe-west1-4lzd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie cf-ray 8b197bd09c8c975d-FRA expires Sun, 11 Aug 2024 16:08:18 GMT
POST H3	200	ae35b4c39218133d080d6a1c9e0137de83b666a26c7 Show response frugalfiestas.com/3a7a751cd/	3 B 453 B	48ms 47ms	Fetch application/json	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://frugalfiestas.com/3a7a751cd/ae35b4c39218133d080d6a1c9e0137de83b666a26c7 Requested by Host: www.zdnet.com URL: https://www.zdnet.com/a/neutron/0a08178.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 11 Aug 2024 16:08:19 GMT strict-transport-security max-age=15724800; preload via 1.1 google cf-cache-status DYNAMIC x-buildnumber 1389703183 alt-svc h3=":443"; ma=86400 content-length 3 server cloudflare x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.zdnet.com x-hostname fen-hoothoot-europe-west1-4lzd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie cf-ray 8b197bd10d38975d-FRA expires Sun, 11 Aug 2024 16:08:18 GMT
POST H3	200	ae35b4c39218133d080d6a1c9e0137de83b666a26c7 frugalfiestas.com/3f7a751cd/	2 B 452 B	47ms 46ms	Ping application/json	2606:4700::6812:186f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://frugalfiestas.com/3f7a751cd/ae35b4c39218133d080d6a1c9e0137de83b666a26c7 Requested by Host: frugalfiestas.com URL: https://frugalfiestas.com/public/de27c0d40747/04bc79fd5f2951beba7a20d2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://www.zdnet.com/article/this-ransomware-is-now-one-of-the-three-most-common-malwarethreats/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 11 Aug 2024 16:08:20 GMT strict-transport-security max-age=15724800; preload via 1.1 google cf-cache-status DYNAMIC x-buildnumber 1389703183 alt-svc h3=":443"; ma=86400 content-length 2 server cloudflare x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.zdnet.com x-hostname fen-hoothoot-europe-west1-4lzd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie cf-ray 8b197bd7cf74993f-FRA expires Sun, 11 Aug 2024 16:08:19 GMT