urlscan.io logo urlscan.io
SecurityTrails logo

www.scmagazine.com Open in urlscan Pro
2606:4700:20::681a:3d7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cra.omeclk.com/portal/wts/ugmcnr-gB6ehm6%7CQ6qq70yvL88hs3FjjGlGla
Effective URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-por...
Submission: On April 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 5 countries across 26 domains to perform 121 HTTP transactions. The main IP is 2606:4700:20::681a:3d7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.scmagazine.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on September 5th 2019. Valid for: a year.
This is the only time www.scmagazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 205.162.42.171 53866 (QTS-AS)
27 2606:4700:20:... 13335 (CLOUDFLAR...)
4 204.180.130.159 53866 (QTS-AS)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
3 52.217.41.14 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13 172.217.21.194 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 54.88.207.174 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.94.29 16509 (AMAZON-02)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2600:1f14:e96... 16509 (AMAZON-02)
1 143.204.97.40 16509 (AMAZON-02)
2 204.180.130.165 53866 (QTS-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:11:... 14413 (LINKEDIN)
4 34.231.179.184 14618 (AMAZON-AES)
1 13.225.73.111 16509 (AMAZON-02)
1 3 2600:1f14:e96... 16509 (AMAZON-02)
2 3 37.252.172.37 29990 (ASN-APPNEX)
3 52.0.233.94 14618 (AMAZON-AES)
12 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 216.58.207.70 15169 (GOOGLE)
1 1 172.217.16.162 15169 (GOOGLE)
1 35.190.72.21 15169 (GOOGLE)
2 2 63.32.144.14 16509 (AMAZON-02)
1 52.22.20.103 14618 (AMAZON-AES)
1 52.25.229.25 16509 (AMAZON-02)
1 46.51.196.250 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
121 37
1    205.162.42.171 (United States)

ASN53866 (QTS-AS, US)
PTR: omeclk.com
cra.omeclk.com
27    2606:4700:20::681a:3d7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.scmagazine.com
4    204.180.130.159 (Chicago, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com
olytics.omeda.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
pagead2.googlesyndication.com
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2156:dc00:a:1779:3180:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.maropost.com
3    52.217.41.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
3    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
13    172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net
securepubads.g.doubleclick.net
1    2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
1    54.88.207.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-207-174.compute-1.amazonaws.com
accounts.haymarketmedia.com
1    2606:4700:3035::681c:70b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.feathr.co
5    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    143.204.94.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-29.fra50.r.cloudfront.net
js.adsrvr.org
1    2a02:26f0:3100:2b0::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    2600:1f14:e96:5802:59c3:73bd:6861:39b1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.b2c.com
1    143.204.97.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-40.fra50.r.cloudfront.net
s.dpmsrv.com
2    204.180.130.165 (Chicago, United States)

ASN53866 (QTS-AS, US)
oqs.omeda.com
1    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:11:101::b93f:9001 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
4    34.231.179.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-179-184.compute-1.amazonaws.com
polo.feathr.co
1    13.225.73.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-111.fra2.r.cloudfront.net
marco.feathr.co
3    2600:1f14:e96:5802:b4cf:edc:9d0a:a87c (Boardman, United States)

ASN16509 (AMAZON-02, US)
api-52-25-229-25.b2c.com
3    37.252.172.37 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    52.0.233.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-233-94.compute-1.amazonaws.com
a.dpmsrv.com
12    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    216.58.207.70 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f6.1e100.net
ad.doubleclick.net
1    172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net
cm.g.doubleclick.net
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    63.32.144.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-144-14.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    52.22.20.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-20-103.compute-1.amazonaws.com
polo-v1.feathr.co
1    52.25.229.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-229-25.us-west-2.compute.amazonaws.com
api-52-25-229-25.b2c.com
1    46.51.196.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-196-250.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
13    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
Domain Requested by
27 www.scmagazine.com www.scmagazine.com
13 cdn.ampproject.org securepubads.g.doubleclick.net
13 securepubads.g.doubleclick.net 1 redirects www.googletagservices.com
securepubads.g.doubleclick.net
www.scmagazine.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.scmagazine.com
tpc.googlesyndication.com
cdn.ampproject.org
5 pagead2.googlesyndication.com olytics.omeda.com
securepubads.g.doubleclick.net
5 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
4 api-52-25-229-25.b2c.com 1 redirects www.scmagazine.com
4 polo.feathr.co cdn.feathr.co
www.scmagazine.com
4 olytics.omeda.com www.scmagazine.com
olytics.omeda.com
3 a.dpmsrv.com www.scmagazine.com
s.dpmsrv.com
3 ib.adnxs.com 2 redirects
3 fonts.gstatic.com www.scmagazine.com
3 s3.amazonaws.com www.scmagazine.com
3 www.googletagservices.com www.scmagazine.com
olytics.omeda.com
securepubads.g.doubleclick.net
2 match.adsrvr.org 2 redirects
2 ad.doubleclick.net 1 redirects www.scmagazine.com
2 www.google.com 1 redirects www.scmagazine.com
2 px.ads.linkedin.com 1 redirects www.scmagazine.com
2 oqs.omeda.com olytics.omeda.com
2 fonts.googleapis.com www.scmagazine.com
1 insight.adsrvr.org js.adsrvr.org
1 polo-v1.feathr.co www.scmagazine.com
1 idsync.rlcdn.com www.scmagazine.com
1 cm.g.doubleclick.net 1 redirects
1 www.google.de www.scmagazine.com
1 stats.g.doubleclick.net 1 redirects
1 marco.feathr.co www.scmagazine.com
1 www.linkedin.com 1 redirects
1 s.dpmsrv.com www.scmagazine.com
1 api.b2c.com www.googletagmanager.com
1 snap.licdn.com www.scmagazine.com
1 js.adsrvr.org www.googletagmanager.com
1 script.crazyegg.com www.googletagmanager.com
1 cdn.feathr.co www.scmagazine.com
1 accounts.haymarketmedia.com www.scmagazine.com
1 c.lytics.io www.scmagazine.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 content.maropost.com www.scmagazine.com
1 www.googletagmanager.com www.scmagazine.com
1 cra.omeclk.com 1 redirects
121 41
Subject Issuer Validity Valid
*.scmagazine.com
RapidSSL RSA CA 2018		 2019-09-05 -
2020-09-04		 a year crt.sh
*.omeda.com
SSL.com RSA SSL subCA		 2020-03-18 -
2020-08-28		 5 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.maropost.com
Go Daddy Secure Certificate Authority - G2		 2019-06-10 -
2021-08-09		 2 years crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-10 -
2020-10-09		 a year crt.sh
accounts.haymarketmedia.com
Amazon		 2019-09-28 -
2020-10-28		 a year crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-28 -
2020-08-05		 6 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.b2c.com
Amazon		 2020-02-25 -
2021-03-25		 a year crt.sh
*.dpmsrv.com
Amazon		 2019-05-14 -
2020-06-14		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-03-04 -
2020-09-04		 6 months crt.sh
polo.feathr.co
Let's Encrypt Authority X3		 2020-04-13 -
2020-07-12		 3 months crt.sh
marco.feathr.co
Amazon		 2019-09-20 -
2020-10-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
polo-v1.feathr.co
Let's Encrypt Authority X3		 2020-04-13 -
2020-07-12		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Frame ID: 98798B4E047E914559BF2A9C7738D273
Requests: 92 HTTP requests in this frame

Frame: data://truncated
Frame ID: F40156DEC8E501E062AACBB02B909BED
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&upid=e4qkh98&upv=1.1.0
Frame ID: DBCBF60416EE5BFF35A0C43C99C45158
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 2DB5A8DC83EBDAE46EC4F2D8650F8086
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: 22464E76E90241F52D6F0A4E486A827F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: F1B6F8A5E175BB9A0A9E20C83C68B542
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: FE56EFA513B64396FC157CF219ABFE48
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: C5C88F58B8F32DD23DAECDA9ADD16815
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cra.omeclk.com/portal/wts/ugmcnr-gB6ehm6%7CQ6qq70yvL88hs3FjjGlGla HTTP 302
    https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attac... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

121
Requests

100 %
HTTPS

54 %
IPv6

26
Domains

41
Subdomains

37
IPs

5
Countries

3574 kB
Transfer

6516 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cra.omeclk.com/portal/wts/ugmcnr-gB6ehm6%7CQ6qq70yvL88hs3FjjGlGla HTTP 302
    https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&time=1587136632763 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity-news%252Fransomware%252Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%252F%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DSCUS_Newswire_%257B%257B%252527now%252527%257Cdate%253A%252527%2525Y%2525m%2525d%252527%257D%257D%2526hmSubId%253D%257B%257Bcontact.cms_id_encrypted%257D%257D%2526email_hash%253D%257B%257Bcontact.email%257Cmd5%257D%257D%2526oly_enc_id%253D7910I6591389B9B%26time%3D1587136632763%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&time=1587136632763&liSync=true
Request Chain 60
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1122%26pixelIndex%3D0%26r%3D964095%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity-news%252Fransomware%252Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%252F%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DSCUS_Newswire_%257B%257B%252527now%252527%257Cdate%253A%252527%2525Y%2525m%2525d%252527%257D%257D%2526hmSubId%253D%257B%257Bcontact.cms_id_encrypted%257D%257D%2526email_hash%253D%257B%257Bcontact.email%257Cmd5%257D%257D%2526oly_enc_id%253D7910I6591389B9B&_=1587136632895 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1122%2526pixelIndex%253D0%2526r%253D964095%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.scmagazine.com%25252Fhome%25252Fsecurity-news%25252Fransomware%25252Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%25252F%25253Futm_source%25253Dnewsletter%252526utm_medium%25253Demail%252526utm_campaign%25253DSCUS_Newswire_%25257B%25257B%25252527now%25252527%25257Cdate%25253A%25252527%252525Y%252525m%252525d%25252527%25257D%25257D%252526hmSubId%25253D%25257B%25257Bcontact.cms_id_encrypted%25257D%25257D%252526email_hash%25253D%25257B%25257Bcontact.email%25257Cmd5%25257D%25257D%252526oly_enc_id%25253D7910I6591389B9B%26_%3D1587136632895 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?id=3624064320840062521&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=964095&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&_=1587136632895
Request Chain 65
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1028458963&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&ul=en-us&de=UTF-8&dt=Ragnar%20Locker%E2%80%99s%20well-conceived%20ransomware%20attack%20on%20Energias%20de%20Portugal%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAAADQ~&jid=206465093&gjid=1569698514&cid=1731019722.1587136633&tid=UA-1290429-10&_gid=857728441.1587136633&_r=1&gtm=2wg480MHZ6C39&cd1=104767%3A0&cd2=critical%20infrastructure%2Ccybercrime%2Cransomware&cd3=Doug%20Olenick&cd4=&cd5=post&cd6=News&cd7=&cd9=2020-04-16&cd10=437&cd12=&cd14=&cd15=&z=66344922 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_gid=857728441.1587136633&gjid=1569698514&_v=j81&z=66344922 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_v=j81&z=66344922 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_v=j81&z=66344922&slf_rd=1&random=2208995829
Request Chain 68
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupzAwQilJPKPsglu3VomMnV68uo0QAP0RuEBEwZF8YjZwOqH4TPb62RxcZPN_sGdr9eme5izZ3F63t1pWk1F1w6yY-sWarLFUrmvy_muyOnpvVKQ-V9MNJQ4-x3Vpe_j0oN0_dzmnjzzlbx-QRbsM5wtb6QU6dIKS-V_l9I4PLxD31D9WvR7epyWdSDWlC_VCkkGdBtzWiNaksidD-YJQZss8RYLlskrbG0i5c6Y1cWjb0lXrnD1HIRFxM0DZ7lq4TC26aQgCaA-4agNw&sai=AMfl-YQXdYvGShkkjFP1hegGt_zO_iUISJrhYm4jkm6d6BpNLh795i2Z8TN6XyFryGYIZ1H2i_e9pEo9liFB835s6Waf_IFg1x7WWVpS4dgt4w&sig=Cg0ArKJSzKRIZJA6nGvBEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDn5vzuURABGAEyCIpg8wtxFUxf&b2s=false HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDn5vzuURABGAEyCIpg8wtxFUxf&b2s=false
Request Chain 69
  • https://ad.doubleclick.net/ddm/trackimp/N510001.130598SCMAGAZINEUS2/B23930244.270774553;dc_trk_aid=465774920;dc_trk_cid=130306048;ord=910314620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N510001.130598SCMAGAZINEUS2/B23930244.270774553;dc_pre=CMT449ng7-gCFaLIuwgdjMkPzQ;dc_trk_aid=465774920;dc_trk_cid=130306048;ord=910314620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=3624064320840062521&pixelIndex=0&_=1587136632896 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3624064320840062521&pixelIndex=0&_=1587136632896&google_gid=CAESELpKewTZ6htTvrSfTM9r3ws&google_cver=1
Request Chain 77
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e99c879f3e86b0008f6f6e7&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e99c879f3e86b0008f6f6e7&gdpr=0 HTTP 302
  • https://polo-v1.feathr.co/v1/analytics/match?f_id=5e99c879f3e86b0008f6f6e7&ttd_id=67a08d4e-31da-415b-a96d-27077dcbf020
Request Chain 79
  • https://api-52-25-229-25.b2c.com/api/x?k5X0ydfBJAO1JvNA$YWRibG9jayQ3MzAkMA HTTP 302
  • https://api-52-25-229-25.b2c.com:444/api/4?k5X0ydfBJAO1JvNA

121 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/
Redirect Chain
  • https://cra.omeclk.com/portal/wts/ugmcnr-gB6ehm6%7CQ6qq70yvL88hs3FjjGlGla
  • https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{...
88 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
647bbbd8587043c635def107c546f4bd90516e1fc21c49a3d50c03f994d14e66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.scmagazine.com
:scheme
https
:path
/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 17 Apr 2020 15:17:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7cc59780ec156958837c557b32844ca51587136631; expires=Sun, 17-May-20 15:17:11 GMT; path=/; domain=.scmagazine.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie,X-WPENGINE-SEGMENT
link
<https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/" <https://www.scmagazine.com/?p=104767>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 10
x-cache-group
normal
x-frame-options
SAMEORIGIN
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
server
cloudflare
cf-ray
58571c8a7b3a177a-FRA
content-encoding
br
cf-request-id
022a502a8b0000177a952a4200000001

Redirect headers

X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Location
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{'now'|date:'%Y%m%d'}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Content-Length
0
Date
Fri, 17 Apr 2020 17:17:11 CEST
Server
Apache
style.min.css
www.scmagazine.com/wp-includes/css/dist/block-library/ 		52 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952ae200000001
last-modified
Tue, 10 Mar 2020 15:42:14 GMT
server
cloudflare
etag
W/"5e67b556-d0f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dcc177a-FRA
shared-style.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 		48 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/shared-style.min.css?ver=1576575436
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33fe4fe8214760f15a5fdd753b5c396ee5b916e5d6f66f79d4765ed260706723
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952af200000001
last-modified
Tue, 17 Dec 2019 09:37:16 GMT
server
cloudflare
etag
W/"5df8a1cc-c05a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dce177a-FRA
olytics.css
olytics.omeda.com/olytics/css/v3/p/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css?ver=1.0
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
b1dee28cc772eb1903b9c309483167354c1054136ccf16ef18908b2eecd4b980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 15:17:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 16:30:36 GMT
Server
Apache
ETag
W/"13883-1580488236000"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Fri, 17 Apr 2020 21:17:11 GMT
style.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 		240 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1584149012
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828a9b7392d22c3f9dfaabb21b2e9c640df68c5035c01daf47a95a9d95f7b9d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b0200000001
last-modified
Sat, 14 Mar 2020 01:23:32 GMT
server
cloudflare
etag
W/"5e6c3214-3bf22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dcf177a-FRA
css
fonts.googleapis.com/ 		3 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Apr 2020 15:17:11 GMT
server
ESF
date
Fri, 17 Apr 2020 15:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Apr 2020 15:17:11 GMT
lytics.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 		37 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/lytics.min.css?ver=1576575436
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece5f25bbc643556099a200aa2df5c428d74048e55db71c1880afd1adcb425a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b1200000001
last-modified
Tue, 17 Dec 2019 09:37:16 GMT
server
cloudflare
etag
W/"5df8a1cc-95f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dd0177a-FRA
css
fonts.googleapis.com/ 		825 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bree+Serif&ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19aa6c614f72f6bb67cb17a6169ca551686c2bab5475293c95880f5f32cd830e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Apr 2020 15:17:11 GMT
server
ESF
date
Fri, 17 Apr 2020 15:17:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Apr 2020 15:17:11 GMT
jquery.js
www.scmagazine.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b2200000001
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
etag
W/"5cde37d2-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dd1177a-FRA
jquery-migrate.min.js
www.scmagazine.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b3200000001
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
cloudflare
etag
W/"573eaa90-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dd6177a-FRA
cookie.min.js
www.scmagazine.com/wp-content/mu-plugins/cookie-controller/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/mu-plugins/cookie-controller/js/cookie.min.js?ver=1.2
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b4200000001
last-modified
Tue, 17 Dec 2019 09:37:13 GMT
server
cloudflare
etag
W/"5df8a1c9-834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dd8177a-FRA
hm-olytics-beacon.js
www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/ 		1 KB
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-beacon.js?ver=1.0
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a260084cfdf97ada7a8e0650eb310a4206d79f1b3a53225d2b9053cc9e4c13
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b5200000001
last-modified
Tue, 17 Dec 2019 09:37:14 GMT
server
cloudflare
etag
W/"5df8a1ca-421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dda177a-FRA
UtilityMove-custom.min.js
www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/ 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1576744511
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b6200000001
last-modified
Thu, 19 Dec 2019 08:35:11 GMT
server
cloudflare
etag
W/"5dfb363f-751"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dde177a-FRA
polyfill.min.js
www.scmagazine.com/wp-content/themes/haymarket/assets/js/frontend/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/assets/js/frontend/polyfill.min.js?ver=1576575436
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b7200000001
last-modified
Tue, 17 Dec 2019 09:37:16 GMT
server
cloudflare
etag
W/"5df8a1cc-19873"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9deb177a-FRA
gpt.js
www.googletagservices.com/tag/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"488 / 953 of 1000 / last-modified: 1587070946"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14316
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:11 GMT
head.min.js
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/head.min.js?ver=1584542829
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fe87df0041db87059cf9c0c269909ea90f7c2d6d14cf048db79734f9f31858
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b3a0000177a952b8200000001
last-modified
Wed, 18 Mar 2020 14:47:09 GMT
server
cloudflare
etag
W/"5e72346d-ad2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8b9dec177a-FRA
SC-MEDIACYBERSOURCEnotag.jpg
www.scmagazine.com/wp-content/uploads/sites/2/2020/01/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.scmagazine.com/wp-content/uploads/sites/2/2020/01/SC-MEDIACYBERSOURCEnotag.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad6110f575081c4de945f980ccf2e045737f164ad2a3d294daffd192f7a5c914
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
626966
status
200
vary
Accept-Encoding
content-length
141243
cf-request-id
022a502c090000177a952cb200000001
last-modified
Tue, 21 Jan 2020 20:09:10 GMT
server
cloudflare
etag
"5e275a66-227bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
58571c8cd910177a-FRA
gtm.js
www.googletagmanager.com/ 		131 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffe7e119c5d16a070d3f0231b10f982f534643666e0464ce08900d78a99f3c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39942
x-xss-protection
0
last-modified
Fri, 17 Apr 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Apr 2020 15:17:11 GMT
CSAM.png
www.scmagazine.com/wp-content/uploads/sites/2/2020/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.scmagazine.com/wp-content/uploads/sites/2/2020/03/CSAM.png
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3326bcc413a9b2f40f263dc4fb4c5f9ef9a0907acf1bd60eb112cd8bbf7e814
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
626965
status
200
vary
Accept-Encoding
content-length
8956
cf-request-id
022a502c6e0000177a952d4200000001
last-modified
Tue, 17 Mar 2020 21:29:07 GMT
server
cloudflare
etag
"5e714123-22fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
58571c8d7a98177a-FRA
spinner.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/ 		694 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/spinner.svg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
626965
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502c6e0000177a952d5200000001
last-modified
Tue, 17 Dec 2019 09:37:16 GMT
server
cloudflare
etag
W/"5df8a1cc-2b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8d7a9f177a-FRA
email-decode.min.js
www.scmagazine.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
cf-request-id
022a502b800000177a952bf200000001
last-modified
Tue, 14 Apr 2020 14:46:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e95ccb7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
58571c8c0ee9177a-FRA
expires
Sun, 19 Apr 2020 15:17:11 GMT
ransomware2_1308382-150x150.jpg
www.scmagazine.com/wp-content/uploads/sites/2/2018/08/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.scmagazine.com/wp-content/uploads/sites/2/2018/08/ransomware2_1308382-150x150.jpg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11da3c498eb92c6659da09c4eaa03fff2aa932e3a4fc1394513a276fab0c0bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
138672
status
200
vary
Accept-Encoding
content-length
16672
cf-request-id
022a502c6e0000177a952d6200000001
last-modified
Fri, 06 Dec 2019 01:52:07 GMT
server
cloudflare
etag
"5de9b447-4120"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
58571c8d7aa2177a-FRA
2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js
content.maropost.com/uploads/1325/websites/1/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.maropost.com/uploads/1325/websites/1/2b6d39d680de90da3cea5ebacea7f74c744475a9-v3.js?ver=1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:dc00:a:1779:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c7e4012cb73f8c0836fa8aee34bb0da2250b5af84d0c4a1959d60764597f05a

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 13:41:08 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
last-modified
Thu, 13 Dec 2018 20:46:06 GMT
server
AmazonS3
age
5764
etag
"33bca5680760348835deea8e5dcbdb62"
x-cache
Hit from cloudfront
status
200
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2565
x-amz-cf-id
CGrfNVJpA1aF09iOwZhRJtXELm_slp9yy9l-fDswxUr8D5xD90RsLg==
blocks.min.js
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/blocks.min.js?ver=1580891445
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfb849a3b8bcf3e07184092c4cc99a9f08f27f01e5de41a871d3ee8750303bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502b8b0000177a952c0200000001
last-modified
Wed, 05 Feb 2020 08:30:45 GMT
server
cloudflare
etag
W/"5e3a7d35-1b54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8c1f1f177a-FRA
feather-tool.js
www.scmagazine.com/wp-content/plugins/hm-feathr-tool/js/ 		548 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.2
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579a9beff0c400b8b0e87f99d32c3ec8b2b3232232d6ac63438434a0a0d7a8b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502c6e0000177a952d7200000001
last-modified
Tue, 17 Dec 2019 09:37:14 GMT
server
cloudflare
etag
W/"5df8a1ca-224"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8d7aa5177a-FRA
hm-olytics-page-tag.js
www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/ 		103 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-page-tag.js?ver=1.0
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b79426177f0c17d98c2ffe3aee5403f1f2a50b85d7177080cd06cfc37e2a300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding
cf-request-id
022a502c6e0000177a952d8200000001
last-modified
Tue, 17 Dec 2019 09:37:14 GMT
server
cloudflare
etag
W/"5df8a1ca-67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8d7aaa177a-FRA
hmi-registration-ui.manifest.js
s3.amazonaws.com/haymarket-reg-js/develop/production/ 		799 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.manifest.js?ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.41.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d3e9dbf75d761b4fc344b3be601971eb517ce533c7ce46e093539e03349616e

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 15:17:13 GMT
Last-Modified
Wed, 12 Feb 2020 21:49:01 GMT
Server
AmazonS3
x-amz-request-id
F84F7C123E04EC31
ETag
"6878a8fbe72bde4a3f8ecf5b16523972"
Content-Type
application/javascript
x-amz-version-id
FP3SW71vA20BSgqiArAX.j7pMa0EJKOy
Accept-Ranges
bytes
Content-Length
799
x-amz-id-2
c9iwAHr+Yd2/jv7K24KtPanPMYzNAyHXb/6jWHAIXNIsWVjm2WcIqlyt4J2DySXadWh6gLIWUgQ=
hmi-registration-ui.vendor.js
s3.amazonaws.com/haymarket-reg-js/develop/production/ 		357 KB
357 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.vendor.js?ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.41.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7ad20336a8307853dc49274515b01a6e154c0028e23f3868ca19b5934accfffc

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 15:17:13 GMT
Last-Modified
Wed, 12 Feb 2020 21:49:01 GMT
Server
AmazonS3
x-amz-request-id
8692C95DF3A41B0C
ETag
"6d58ae43141a010043649e2fd1f590c0"
Content-Type
application/javascript
x-amz-version-id
gDV5x7r8gWZYlxPw8bO7wni3U6LTB.1i
Accept-Ranges
bytes
Content-Length
365119
x-amz-id-2
spnYEJaU05pFk32+U+XVk/QFR3KRNcKgYH/Y6iJSLR2zXT9SCye0rARDi5tv8ZBka5+HxnbAKm4=
hmi-registration-ui.bundle.js
s3.amazonaws.com/haymarket-reg-js/develop/production/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.bundle.js?ver=0.1.1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.41.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
88b8c776fc89926dc0cc65d4a48d474bfe7f8f37924e799573ed0fff5193b0f2

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 15:17:13 GMT
Last-Modified
Wed, 12 Feb 2020 21:49:01 GMT
Server
AmazonS3
x-amz-request-id
43414151C9A82628
ETag
"3a66e4d9eceb2cb1e6e6ca7e9ca96fdb"
Content-Type
application/javascript
x-amz-version-id
GHVjyfKKvMDjNPvT7T1RqN_VMfTa9kyy
Accept-Ranges
bytes
Content-Length
1286890
x-amz-id-2
kc7DkopXXbL5U3DmJJ4/1KxeJGHdF9tnvZBxA/o9Pf2wA8ecuyduObIuCm1ykR1MKyrZH0EurTI=
frontend.min.js
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 		146 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1580891445
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a5e9ddb7de073e40c06c4adf1ac055f3612ea07ca54daedf58d1d4758ab7cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502bb10000177a952c3200000001
last-modified
Wed, 05 Feb 2020 08:30:45 GMT
server
cloudflare
etag
W/"5e3a7d35-246ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8c4fb4177a-FRA
iab.min.js
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1580891445
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d06646168f416ecb2c39087699341d4714ef31df7e6014a8d983c5bdb2527fd1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502bd00000177a952c6200000001
last-modified
Wed, 05 Feb 2020 08:30:45 GMT
server
cloudflare
etag
W/"5e3a7d35-1edd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8c8821177a-FRA
wp-embed.min.js
www.scmagazine.com/wp-includes/js/ 		1 KB
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-includes/js/wp-embed.min.js?ver=5.4
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
624099
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502be40000177a952c7200000001
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
cloudflare
etag
W/"5db39083-59a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8ca880177a-FRA
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/ 		256 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-beacon.js?ver=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
591c03fa5d6aeafd8a894846669613efc6fa5103beba00fbada8d2b340039260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 15:17:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Apr 2020 00:50:52 GMT
Server
Apache
ETag
W/"262321-1585875052000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Fri, 17 Apr 2020 21:17:11 GMT
src.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/ 		33 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1576575436
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
623592
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id
022a502c9c0000177a952dd200000001
last-modified
Tue, 17 Dec 2019 09:37:16 GMT
server
cloudflare
etag
W/"5df8a1cc-8317"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8dcb64177a-FRA
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin
https://www.scmagazine.com

Response headers

date
Wed, 15 Apr 2020 01:32:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
222263
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Thu, 15 Apr 2021 01:32:48 GMT
chevron-right-white.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/ 		190 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/chevron-right-white.svg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1576744511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0da2e2d764c1a202d33dd39287784df8ac6bc20c7401ea14f2d62001292856
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1584149012
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
626962
status
200
vary
Accept-Encoding, Accept-Encoding
cf-request-id
022a502c9c0000177a952de200000001
last-modified
Tue, 17 Dec 2019 09:37:16 GMT
server
cloudflare
etag
W/"5df8a1cc-be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
58571c8dcb68177a-FRA
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1576744511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin
https://www.scmagazine.com

Response headers

date
Sat, 28 Mar 2020 09:55:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1747273
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Sun, 28 Mar 2021 09:55:58 GMT
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v16/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1576744511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin
https://www.scmagazine.com

Response headers

date
Mon, 13 Apr 2020 11:37:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:51 GMT
server
sffe
age
358791
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14864
x-xss-protection
0
expires
Tue, 13 Apr 2021 11:37:20 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020040702.js
securepubads.g.doubleclick.net/gpt/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 20:25:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62521
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:12 GMT
lio.js
c.lytics.io/api/tag// 		40 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag//lio.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1580891445
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6557812bb342a14c23635e24733f11e5752f9807a85053be80b6fbd955a34ed9

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
58571c8f8a20dfeb-FRA
date
Fri, 17 Apr 2020 15:17:12 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1798
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=7200
content-encoding
br
access-control-allow-origin
*
cf-request-id
022a502db50000dfebeb92b200000001
most-widget
www.scmagazine.com/wp-json/haymarket/v1/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-json/haymarket/v1/most-widget?id=most-5
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1580891445
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
1ddccc64f1b5624869a0188a2904c6290e534290975a305aaa39a4141037363f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
HIT: 72
status
200
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
cf-request-id
022a502db70000177a952f4200000001
x-cache-group
normal
access-control-allow-headers
Authorization, Content-Type
allow
GET
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
cf-ray
58571c8f8ff6177a-FRA
link
<https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
partial-login
www.scmagazine.com/wp-json/haymarket/v1/ 		58 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.scmagazine.com/wp-json/haymarket/v1/partial-login?subid=%7B%7Bcontact.cms_id_encrypted%7D%7D&subemail=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1580891445
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
d7b32b5c219a591a8d4c1b3fbf363951965e2d9917e66fda462d77cd4149e5cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
HIT: 9
status
200
vary
Accept-Encoding,Cookie
cf-request-id
022a502db80000177a952f5200000001
x-cache-group
normal
link
<https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
allow
GET
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
max-age=600, must-revalidate
cf-ray
58571c8f8ffc177a-FRA
access-control-allow-headers
Authorization, Content-Type
/
accounts.haymarketmedia.com/sso/check/ 		45 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.haymarketmedia.com/sso/check/?gn=106
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1580891445
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.207.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-207-174.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
916b46685de3064525220ba828d946e60ab332f5e65c62d7df5fe9877f9c54b2

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
x-aspnetmvc-version
4.0
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
private
access-control-allow-credentials
true
content-length
45
boomerang.min.js
cdn.feathr.co/js/ 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.feathr.co/js/boomerang.min.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/plugins/hm-feathr-tool/js/feather-tool.js?ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
880dd1410cf9bfe0f45193fe975b05e6915df228c6304d3b8f279f4e2275351c

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
br
cf-cache-status
HIT
age
547
status
200
x-amz-request-id
CC6861E473FD2264
x-amz-id-2
cSXQLI8MB00FAnnifmKRkukdYCA8s29rUOCugEgJLaJE2cxHLlnpz5cEPNB82Wko+G9TVnhoL/U=
last-modified
Thu, 09 Jan 2020 04:21:07 GMT
server
cloudflare
etag
W/"875ba0ef01af6581f7677611021de48a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
022a502dd70000635f5637e200000001
cf-ray
58571c8fb9a6635f-FRA
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5918
date
Fri, 17 Apr 2020 13:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Fri, 17 Apr 2020 15:38:34 GMT
7341.js
script.crazyegg.com/pages/scripts/0034/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0034/7341.js?440871
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Apr 2020 17:59:22 GMT
server
cloudflare
age
249470
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
410
cache-control
max-age=86400
cf-ray
58571c8ffcef63bf-FRA
content-length
0
cf-request-id
022a502dfa000063bf1b180200000001
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-29.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 01:21:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jan 2020 19:16:48 GMT
Server
AmazonS3
Age
50119
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
UzneulPXfrBjhDRImbfKHkjrlMTBZhthEZbdHHdwpAmBZfUODARULw==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:2b0::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 15:17:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=82698
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
init-131xlxqjsfx7lh82dpc.js
api.b2c.com/api/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.b2c.com/api/init-131xlxqjsfx7lh82dpc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:59c3:73bd:6861:39b1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f4d14796ac764002ef852c1f3da08f547aa6f821b18ce1124723a70b7c46504d

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1
dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js
s.dpmsrv.com/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.dpmsrv.com/dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-40.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f04e142a312cc60fc9bafd85e3dd67ad8cd6ca28f4ebf77a9c62e3e1872d6c93

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 02:23:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Feb 2020 16:30:12 GMT
Server
AmazonS3
Age
46429
ETag
"a6de55794f80705064671cc01598f1a2"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
38003
X-Amz-Cf-Id
vAUk9MBfmaqPzer8x2frsUiVNg105PIpbneiMoDx2BhnMEdLvo5pLQ==
olytics
oqs.omeda.com/oqs/rest/ 		15 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
2edaa30d4700e9c64439fd90cba328cf7eeb1177cbf7b7e26520266bb75d724d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 17 Apr 2020 15:17:11 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
2834666070277554483
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:12 GMT
olytics
oqs.omeda.com/oqs/rest/ 		15 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
2edaa30d4700e9c64439fd90cba328cf7eeb1177cbf7b7e26520266bb75d724d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 17 Apr 2020 15:17:11 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
gpt.js
www.googletagservices.com/tag/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"488 / 360 of 1000 / last-modified: 1587070946"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:12 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-po...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D68780%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity-news%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-po...
0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&time=1587136632763&liSync=true
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
mnqP61ukBhaAlaTefysAAA==

Redirect headers

date
Fri, 17 Apr 2020 15:17:13 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
x-li-pop
prod-tln1
content-length
0
x-li-uuid
DN4N1FukBhbAMV999CoAAA==
pragma
no-cache
server
Play
cache-control
no-cache, no-store
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=68780&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&time=1587136632763&liSync=true
x-xss-protection
1; mode=block
x-li-proto
http/2
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TCMLVLP&t=gtm1&cid=1731019722.1587136633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fda4429219837a4dbba131ceb68fbaa8db52ce56a1f0ad02b861c9180969218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
25205
x-xss-protection
0
last-modified
Fri, 17 Apr 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Apr 2020 15:17:12 GMT
integrations
polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/ 		54 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/integrations
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-179-184.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
server
nginx/1.17.8
status
200
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
54
refresh
marco.feathr.co/v1/ 		43 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://marco.feathr.co/v1/refresh
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-111.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
via
1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
ac3b22e0-c178-4de7-9d0a-6386fac1462d
status
200
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5e99c879-81c6576a9b684eac34ff626a;Sampled=0
x-cache
Miss from cloudfront
x-amz-apigw-id
LIxC7HmMoAMFV9w=
content-length
43
x-amz-cf-id
ZnNEgBL5ts6HUjHoy3FbhpScl_6VBU2FciMWXxfpdRMkAfRU65KTVQ==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key
ad.gif
api-52-25-229-25.b2c.com/api/ 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-52-25-229-25.b2c.com/api/ad.gif
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:b4cf:edc:9d0a:a87c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 15:17:13 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1122%26pixelIndex%3D0%26r%3D964095%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.scmagazine.c...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1122%2526pixelIndex%253D0%2526r%253D964095%2526tzOffset%2...
  • https://a.dpmsrv.com/dpmpxl/index.php?id=3624064320840062521&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=964095&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragn...
247 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?id=3624064320840062521&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=964095&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&_=1587136632895
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-233-94.compute-1.amazonaws.com
Software
/
Resource Hash
4f8984f39e0ef4793954d7228d6324478396ebb4ce9390109a68b6611051320a

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
219
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Apr 2020 15:17:15 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.8:80
AN-X-Request-Uuid
9b9edbf5-055f-4564-8451-369fdc028224
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://a.dpmsrv.com/dpmpxl/index.php?id=3624064320840062521&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=964095&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&_=1587136632895
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		406 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1002457150998245&correlator=3818778841611534&output=ldjh&impl=fif&adsid=NT&eid=21065203&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=21883553441%2CSkin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=pos%3D&eri=1&cust_params=pagetype%3Dpost%26author%3DDoug%2520Olenick%26postID%3D104767%26env%3Dlive%26sid%3DRansomware%252CSecurity_News%26cat%3DCritical_Infrastructure%252CCybercrime%252CRansomware%26isnht%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1587136632&dt=1587136632933&dlt=1587136631595&idt=1311&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=2399&adks=1385187290&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&dssz=59&icsg=1125825285915636&mso=67108896&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2400&msz=1585x1&ga_vid=1731019722.1587136633&ga_sid=1587136633&ga_hid=1028458963&fws=4&ohw=1585&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
536d487cbfc48ddc28793f022899bedd47653856356c36443e31785128e8400d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
220
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020040702.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Apr 2020 20:25:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
23928
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:12 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1002457150998245&correlator=3818778841611534&output=ldjh&impl=fif&adsid=NT&eid=21065203&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=21883553441%2CPrestitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=pos%3D&eri=1&cust_params=pagetype%3Dpost%26author%3DDoug%2520Olenick%26postID%3D104767%26env%3Dlive%26sid%3DRansomware%252CSecurity_News%26cat%3DCritical_Infrastructure%252CCybercrime%252CRansomware%26isnht%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1587136632&dt=1587136632950&dlt=1587136631595&idt=1311&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=2400&adks=1753008912&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&dssz=60&icsg=1125825285915636&mso=67108896&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2401&msz=1585x1&ga_vid=1731019722.1587136633&ga_sid=1587136633&ga_hid=1028458963&fws=4&ohw=1585&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
2e0c65a16d7974bc45aed4852dda4a21195f88455e3e3ebcc5a247343461c9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
3135
x-xss-protection
0
google-lineitem-id
5340281896
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308376520
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1028458963&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_gid=857728441.1587136633&gjid=1569698514&_v=j81&z=66344922
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_v=j81&z=66344922
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_v=j81&z=66344922&slf_rd=1&random=2208995829
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_v=j81&z=66344922&slf_rd=1&random=2208995829
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1290429-10&cid=1731019722.1587136633&jid=206465093&_v=j81&z=66344922&slf_rd=1&random=2208995829
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F401 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2b61d11f84d5b7b5fe235f5df3fdde28d60254207abffc86419fcba2e411ed6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1586950235212681"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28446
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:13 GMT
imgad
tpc.googlesyndication.com/pagead/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupzAwQilJPKPsglu3VomMnV68uo0QAP0RuEBEwZF8YjZwOqH4TPb62RxcZPN_sGdr9eme5izZ3F63t1pWk1F1w6yY-sWarLFUrmvy_muyOnpvVKQ-V9MNJQ4-x3Vpe_j0oN0_dzmnjz...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDn5vzuURABGAEyCIpg8wtxFUxf&b2s=false
226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDn5vzuURABGAEyCIpg8wtxFUxf&b2s=false
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1b47041dccbe06b5f4ea1a15ccfc55d5e9cf670fd054751cababe75142c2633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 23:42:21 GMT
x-content-type-options
nosniff
server
cafe
age
56092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
231725
x-xss-protection
0
expires
Thu, 23 Apr 2020 23:42:21 GMT

Redirect headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:13 GMT
x-content-type-options
nosniff
server
cafe
status
302
location
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDn5vzuURABGAEyCIpg8wtxFUxf&b2s=false
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
B23930244.270774553;dc_pre=CMT449ng7-gCFaLIuwgdjMkPzQ;dc_trk_aid=465774920;dc_trk_cid=130306048;ord=910314620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N510001.130598SCMAGAZINEUS2/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N510001.130598SCMAGAZINEUS2/B23930244.270774553;dc_trk_aid=465774920;dc_trk_cid=130306048;ord=910314620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N510001.130598SCMAGAZINEUS2/B23930244.270774553;dc_pre=CMT449ng7-gCFaLIuwgdjMkPzQ;dc_trk_aid=465774920;dc_trk_cid=130306048;ord=910314620;dc_lat=;dc_rdid=;ta...
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N510001.130598SCMAGAZINEUS2/B23930244.270774553;dc_pre=CMT449ng7-gCFaLIuwgdjMkPzQ;dc_trk_aid=465774920;dc_trk_cid=130306048;ord=910314620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.70 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N510001.130598SCMAGAZINEUS2/B23930244.270774553;dc_pre=CMT449ng7-gCFaLIuwgdjMkPzQ;dc_trk_aid=465774920;dc_trk_cid=130306048;ord=910314620;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
x
api-52-25-229-25.b2c.com/api/ 		0
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-52-25-229-25.b2c.com/api/x?k5X0ydfBJAO1JvNA$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL3JhbnNvbXdhcmUvcmFnbmFyLWxvY2tlcnMtd2VsbC1jb25jZWl2ZWQtcmFuc29td2FyZS1hdHRhY2stb24tZW5lcmdpYXMtZGUtcG9ydHVnYWwvP3V0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1TQ1VTX05ld3N3aXJlX3t7JTI3bm93JTI3fGRhdGU6JTI3JVklbSVkJTI3fX0maG1TdWJJZD17e2NvbnRhY3QuY21zX2lkX2VuY3J5cHRlZH19JmVtYWlsX2hhc2g9e3tjb250YWN0LmVtYWlsfG1kNX19Jm9seV9lbmNfaWQ9NzkxMEk2NTkxMzg5QjlCIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTU4NXgxMjAwIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkNCQxIiwiYXBwQ29kZU5hbWUkNCRNb3ppbGxhIiwiYXBwTmFtZSQ0JE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQ0JDUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQ0JHRydWUiLCJkb05vdFRyYWNrJDQkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQ0JDE2IiwibGFuZ3VhZ2UkNCRlbi1VUyIsInBsYXRmb3JtJDQkTGludXggeDg2XzY0IiwicHJvZHVjdCQ0JEdlY2tvIiwicHJvZHVjdFN1YiQ0JDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQ0JDEiLCJ1c2VyQWdlbnQkNCRNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDQkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkNCQiLCJmb250cmVuZGVyJDgkMSIsIndlYmdsJDkkbi9hIiwid2ViZ2wyJDkkMCIsInRpbWUkOSQxNTg3MTM2NjMyODUwIiwidGltZXpvbmUkOSQtMTIwIiwicGx1Z2lucyQ5JE5vbmUiLCJtZW0tdG90YWxKU0hlYXBTaXplJDkkOC4yODQyNTgiLCJtZW0tdXNlZEpTSGVhcFNpemUkOSQ3LjA0NjUxNCIsIm1lbS1qc0hlYXBTaXplTGltaXQkOSQ0Mjk0LjcwNTE1MiIsInRpbWUtZmV0Y2hTdGFydCQxMCQxMjAiLCJ0aW1lLWRvbWFpbkxvb2t1cFN0YXJ0JDEwJDEyMCIsInRpbWUtZG9tYWluTG9va3VwRW5kJDEwJDEyMCIsInRpbWUtY29ubmVjdFN0YXJ0JDEwJDEyMCIsInRpbWUtY29ubmVjdEVuZCQxMCQxMjAiLCJ0aW1lLXJlcXVlc3RTdGFydCQxMCQxMjAiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkMTAkMjcwIiwidGltZS1yZXNwb25zZUVuZCQxMCQyNzEiLCJ0aW1lLWRvbUxvYWRpbmckMTAkMjc4IiwidGltZS1kb21JbnRlcmFjdGl2ZSQxMCQ5NDMiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkMTAkMCIsIm5hdmlnYXRpb24tdHlwZSQxMCRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQxNCQwLjU2NSIsImdsb2JhbHMkMTUkZWJlMDhhMDEiLCJkb2N1bWVudC10aW1lJDIwJDAuOTMiLCJkb2N1bWVudCQyMSRjMTZhNTA1NSIsImNvbm5lY3Rpb24kMjEkIiwiZG93bmxpbmtNYXgkMjEkIiwiZ2V0VXNlck1lZGlhJDIxJDIiLCJjbG9jayQyNiQyNTQ5IiwiYmF0dGVyeSQ0NyQxIDEgMCBJbmZpbml0eSIsImF1ZGlvY29udGV4dCQxMTQkZGM2NmE2MjgiLCJpbnRlcnNlY3Rpb24tc2l6ZSQxMzIkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDEzMiQweDAgMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uJDEzMiQ1MCIsImZyYW1lcmF0ZSQxMzIkMjAiLCJzb3J0JDE1MyQxOC4yMjU
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:e96:5802:b4cf:edc:9d0a:a87c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Apr 2020 15:17:13 GMT
Server
openresty
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.scmagazine.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
script.js
polo.feathr.co/v1/analytics/match/ 		290 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-179-184.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
6d151acf8c57d0928285b73d2f28d1532e0070b890defca64c8551d45ba004e1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
content-encoding
gzip
server
nginx/1.17.8
status
200
etag
W/"5e99c879f3e86b0008f6f6e7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
pixel.js
polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/ 		32 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polo.feathr.co/v1/accounts/5c2d2a2366bba411c7d26e37/pixel.js?pk=feathr
Requested by
Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-179-184.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
server
nginx/1.17.8
status
200
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=14400
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
32
p
olytics.omeda.com/olytics/segments/ 		20 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/p
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 17 Apr 2020 15:17:13 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
/
olytics.omeda.com/olytics/segments/form/check/ 		20 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 17 Apr 2020 15:17:13 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=3624064320840062521&pixelIndex=0&_=1587136632896
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3624064320840062521&pixelIndex=0&_=1587136632896&google_gid=CAESELpKewTZ6htTvrSfTM9r3ws&google_cver=1
0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3624064320840062521&pixelIndex=0&_=1587136632896&google_gid=CAESELpKewTZ6htTvrSfTM9r3ws&google_cver=1
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-233-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:13 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3624064320840062521&pixelIndex=0&_=1587136632896&google_gid=CAESELpKewTZ6htTvrSfTM9r3ws&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
423396.gif
idsync.rlcdn.com/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/423396.gif?partner_uid=3624064320840062521
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 17 Apr 2020 15:17:13 GMT
via
1.1 google
alt-svc
clear
match
polo-v1.feathr.co/v1/analytics/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e99c879f3e86b0008f6f6e7&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5e99c879f3e86b0008f6f6e7&gdpr=0
  • https://polo-v1.feathr.co/v1/analytics/match?f_id=5e99c879f3e86b0008f6f6e7&ttd_id=67a08d4e-31da-415b-a96d-27077dcbf020
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polo-v1.feathr.co/v1/analytics/match?f_id=5e99c879f3e86b0008f6f6e7&ttd_id=67a08d4e-31da-415b-a96d-27077dcbf020
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.20.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-20-103.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
server
nginx/1.17.8
status
200
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0,no-cache,no-store
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:13 GMT
x-aspnet-version
4.0.30319
status
302
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://polo-v1.feathr.co/v1/analytics/match?f_id=5e99c879f3e86b0008f6f6e7&ttd_id=67a08d4e-31da-415b-a96d-27077dcbf020
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
crumb
polo.feathr.co/v1/analytics/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polo.feathr.co/v1/analytics/crumb?cb=1587136633643&a_id=5c2d2a2366bba411c7d26e37&f_id=5e99c879f3e86b0008f6f6e7&ses_id=5e99c878405fb3846c807c27&flvr=page_view&loc_url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=&utm_params=eyJ1dG1fc291cmNlIjoibmV3c2xldHRlciIsInV0bV9tZWRpdW0iOiJlbWFpbCIsInV0bV9jYW1wYWlnbiI6IlNDVVNfTmV3c3dpcmVfe3slMjdub3clMjd8ZGF0ZTolMjclWSVtJWQlMjd9fSJ9
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.179.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-179-184.compute-1.amazonaws.com
Software
nginx/1.17.8 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
server
nginx/1.17.8
status
200
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0,no-cache,no-store
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
43
4
api-52-25-229-25.b2c.com/api/
Redirect Chain
  • https://api-52-25-229-25.b2c.com/api/x?k5X0ydfBJAO1JvNA$YWRibG9jayQ3MzAkMA
  • https://api-52-25-229-25.b2c.com:444/api/4?k5X0ydfBJAO1JvNA
43 B
406 B 		Other
General
Check archive.org
Download Go to
Full URL
https://api-52-25-229-25.b2c.com:444/api/4?k5X0ydfBJAO1JvNA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.229.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-229-25.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Apr 2020 15:17:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
-1

Redirect headers

Date
Fri, 17 Apr 2020 15:17:13 GMT
Server
openresty
Location
https://api-52-25-229-25.b2c.com:444/api/4?k5X0ydfBJAO1JvNA
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
https://www.scmagazine.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
142
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1e6c1ac2aa6a7c70abf48303bb1b45bbd0d5944314f2b2665d3799b9690b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5119
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame DBCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&upid=e4qkh98&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.196.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-196-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&upid=e4qkh98&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=67a08d4e-31da-415b-a96d-27077dcbf020; TDCPM=CAEYBSABKAIyCwjyr7i2pLuxOBAFOAE.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B

Response headers

status
200
date
Fri, 17 Apr 2020 15:17:13 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1028458963&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&ul=en-us&de=UTF-8&dt=Ragnar%20Locker%E2%80%99s%20well-conceived%20ransomware%20attack%20on%20Energias%20de%20Portugal%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F&el=25%25&ev=25&_u=aGDAAAADQ~&jid=&gjid=&cid=1731019722.1587136633&tid=UA-1290429-10&_gid=857728441.1587136633&gtm=2wg480MHZ6C39&z=1654748907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Apr 2020 12:32:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1133068
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1028458963&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&ul=en-us&de=UTF-8&dt=Ragnar%20Locker%E2%80%99s%20well-conceived%20ransomware%20attack%20on%20Energias%20de%20Portugal%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Depth&ea=%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F&el=50%25&ev=50&_u=aGDAAAADQ~&jid=&gjid=&cid=1731019722.1587136633&tid=UA-1290429-10&_gid=857728441.1587136633&gtm=2wg480MHZ6C39&z=936418974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Apr 2020 12:32:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1133068
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:13 GMT
index.php
a.dpmsrv.com/dpmpxl/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=20986004&cl=1122&pixelIndex=0&r=875231&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&id=3624064320840062521&_=1587136632897
Requested by
Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-233-94.compute-1.amazonaws.com
Software
/
Resource Hash
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
31
Expires
0
seg
ib.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/seg?member=827&add=20986004
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Apr 2020 15:17:15 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.167:80
AN-X-Request-Uuid
668b85bb-468e-4965-9991-c38a32d1f17e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2DB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 17 Apr 2020 14:45:17 GMT
expires
Sat, 17 Apr 2021 14:45:17 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1916
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=1002457150998245&bg=!Y2ClYHhY5LJvXShE60ACAAAAUlIAAAAOmQFei8zwdwh0DbrMA2rTPWA3UeS4r6-a1KtiHHpQF7hNlF73vS66kp6cxDG00LzphrG6V6MBGFf7B3PE_S88Qx2h2qtttMo2NScLSqpjYC9uIIH8RUQC3fqXXxi8UHxAT0Zq0-pbtuERda-dbZWfnTd1vIXt2xabVKwkUEn36_F1CQDnPVbSxwNDNHBZLZhP41ZZk9sbRf6BmsaYpUFMSjzhHPIN9pLtIFn6bp-jlgzo_aGKdBNUhhCkEqfA6yr-eu9GLu3YH9-QMPo8IgRs5TOxM59XuEYNpiDubKvg4MYYeUd7YWkD_QJU3YcEqLvJxx6_60UwmVKmBYYRDzxJbiXUlvgrt903JFVLZg4Feks0vMTqM4bMjiQ6r5avZOpEtAg0RvGeeqDEX5E0T2Dckno0-_RIRRNIs6gd6PEOXotoZFctRFRRbdx6E2aXKj1CqnxdkrBRdgTQXw0Y0a80Nis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1002457150998245&correlator=3818778841611534&output=ldjh&impl=fif&adsid=NT&eid=21065203%2C21064502&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=21883553441%2CLeaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&prev_scp=pos%3Dleaderboard1&eri=1&cust_params=pagetype%3Dpost%26author%3DDoug%2520Olenick%26postID%3D104767%26env%3Dlive%26sid%3DRansomware%252CSecurity_News%26cat%3DCritical_Infrastructure%252CCybercrime%252CRansomware%26isnht%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1587136634&dt=1587136634517&dlt=1587136631595&idt=1311&frm=20&biw=1585&bih=1200&oid=3&adxs=193&adys=202&adks=490734277&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&dssz=61&icsg=4502405630591988&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x106&msz=1200x90&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCIsYiq5YggewXUnBUKy9cyXqy5MWEqThMg-333OKOVbacqOq1xdDnsP_zu8FAi7S2agsm7uYGWa1zjEvZM&ga_vid=1731019722.1587136633&ga_sid=1587136633&ga_hid=1028458963&fws=4&ohw=1585&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
b1e1a486b3de8066c068706a7cd55df30296ae8cb1b781ae04c7d642b13c7295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4753
x-xss-protection
0
google-lineitem-id
5337308112
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307550612
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame 2246 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Origin
https://www.scmagazine.com

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6367
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame 2246 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6367
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 2246 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6413
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28417
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"40aee2f6297ccc56"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:30:21 GMT
truncated
/ Frame 2246 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa85eb37b5ffb62d55997c812dd8cc71d07fa2102c61144edde408b65169012e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012003262059300/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5017
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7162
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"124c7b7cd5d53550"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:53:37 GMT
3160106502110673313
tpc.googlesyndication.com/simgad/ Frame 2246 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3160106502110673313
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7c8a2d10db5b0f9efb8c8f7f23c30452219e6642cc40f0fc34c904ce8b94c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 22:08:32 GMT
x-content-type-options
nosniff
age
234522
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24385
x-xss-protection
0
last-modified
Mon, 30 Mar 2020 19:29:33 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 22:08:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2246 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulfWV7uLHfF806glGQD478BZKNE3444HY61XX4Bvvrft3GO2aKNtnTxBc82EBn4JTYlVThEW-WfvW35589GwX-TJQgsj1ulfmbMyrmARo08qOj1Bhqm3f7ZUo9_gRsGL5kdL2K7iAkTokCZQqNuktcj_7s78J_L7CN_BY7XctJ8R2adn6yVcit2Z6Uf37LTA5FhuqihkK8pgrPAOqZe0VapIcPH9t9bKBnNi3QNu42dhSkNz5IAESXu_okV5nU4_aI96dL-YI&sai=AMfl-YT-TglIGeTznFsL-tz_dEDleMEwL3He6Jh7Jy-if3WilZsSALODpUVE_vxWpdUjVzYzo31md8TpB1j5giFNWOgHFxWmewQWAFe5_mGt&sig=Cg0ArKJSzAFYv511hI88EAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:14 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Apr 2020 15:17:14 GMT
3160106502110673313
tpc.googlesyndication.com/simgad/ Frame 2246 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3160106502110673313
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7c8a2d10db5b0f9efb8c8f7f23c30452219e6642cc40f0fc34c904ce8b94c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 22:08:32 GMT
x-content-type-options
nosniff
age
234522
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24385
x-xss-protection
0
last-modified
Mon, 30 Mar 2020 19:29:33 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 22:08:32 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1002457150998245&correlator=3818778841611534&output=ldjh&impl=fif&adsid=NT&eid=21065203%2C21064502&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=21883553441%2CLeaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&prev_scp=pos%3Dleaderboard2%26lid%3D5337308112&eri=1&cust_params=pagetype%3Dpost%26author%3DDoug%2520Olenick%26postID%3D104767%26env%3Dlive%26sid%3DRansomware%252CSecurity_News%26cat%3DCritical_Infrastructure%252CCybercrime%252CRansomware%26isnht%3Dfalse&cookie=ID%3D37e60958e5a8837e%3AT%3D1587136634%3AS%3DALNI_MbfspPz12pm2wNsyJhiXnoEAuKEVw&cookie_enabled=1&bc=31&abxe=1&lmt=1587136635&dt=1587136635608&dlt=1587136631595&idt=1311&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=1965&adks=2588316086&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&dssz=61&icsg=4502405630591988&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x1747&msz=1585x90&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCIsYiq5YggewXUnBUKy9cyXqy5MWEqThMg-333OKOVbacqOq1xdDnsP_zu8FAi7S2agsm7uYGWa1zjEvZM%2CAKB7eCJWn9ViahyQMBSHYvNXduQ18ev0fEO6iqxciSJx9EbvZPjoCYWh3gJudKW7_kGMDlu40_9HHqDKuAMlqF0&ga_vid=1731019722.1587136633&ga_sid=1587136633&ga_hid=1028458963&fws=4&ohw=1585&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
828b2c68ee5c3dc35cc3accd297eb46652b4ee6d01bed05f465d380a7bb3c6a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4467
x-xss-protection
0
google-lineitem-id
5346691330
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308973238
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame F1B6 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Origin
https://www.scmagazine.com

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6368
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame F1B6 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6368
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame F1B6 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6414
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28417
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"40aee2f6297ccc56"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:30:21 GMT
truncated
/ Frame F1B6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58ffb9e8bac3ccd356a3eace48af11cd27cf20014a70f4986d6b3fa39f1c13b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
14228788483847401729
tpc.googlesyndication.com/simgad/ Frame F1B6 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14228788483847401729
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41f7ca6a1a400b2a4ec2399080abdc7862ea76f8505e76f3108422fcae05b278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 22:09:13 GMT
x-content-type-options
nosniff
age
234482
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
21374
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 16:22:40 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 22:09:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F1B6 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOYASdn0y7OORXVKjPOM65_p2LQglkV1dG8vDTz0uIKp95YooNkyy2lFSYJ09NIsR1oUJ9K_2-o75txcHB6-bJF8r-7_Nfog8Z6DyAZ82S2qAlQTDSqZQQi1FexHphUMzaLRVJ-8-rF4y-uQOYYfI_74_WGML0Qs47bPCSgFAfrIsuenjrdfsXbi97TlpKftw9jGlBiI8x5gYLiVwUQKr4Zfp36UkQbuWsFaSmzFbzIZs7CORgTGNgvEypSnFmQmuvgcniYXM&sig=Cg0ArKJSzEpsH42h0wTdEAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:15 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2246 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSvN67Id0-75rR4yDZ417XVnSrJON_j2cq0-ZRLtkwhBVuyNJFJIPGqYzNBLSHsrtXMWaannMKxFbk2xaJEUAXM6oEwxlRQR2SlzDtUwY&sig=Cg0ArKJSzIihFSRh9zX7EAE&id=ampim&o=429,202&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=101&tls=1102&g=100&h=100&tt=1102&r=v&avms=ampa&adk=490734277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14228788483847401729
tpc.googlesyndication.com/simgad/ Frame F1B6 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14228788483847401729
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41f7ca6a1a400b2a4ec2399080abdc7862ea76f8505e76f3108422fcae05b278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 22:09:13 GMT
x-content-type-options
nosniff
age
234482
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
21374
x-xss-protection
0
last-modified
Fri, 10 Apr 2020 16:22:40 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 22:09:13 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1002457150998245&correlator=3818778841611534&output=ldjh&impl=fif&adsid=NT&eid=21065203%2C21064502&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=21883553441%2CBox&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C300x1050&prev_scp=pos%3Dbox1%26lid%3D5337308112%2C5346691330&eri=1&cust_params=pagetype%3Dpost%26author%3DDoug%2520Olenick%26postID%3D104767%26env%3Dlive%26sid%3DRansomware%252CSecurity_News%26cat%3DCritical_Infrastructure%252CCybercrime%252CRansomware%26isnht%3Dfalse&cookie=ID%3D37e60958e5a8837e%3AT%3D1587136634%3AS%3DALNI_MbfspPz12pm2wNsyJhiXnoEAuKEVw&cookie_enabled=1&bc=31&abxe=1&lmt=1587136636&dt=1587136636713&dlt=1587136631595&idt=1311&frm=20&biw=1585&bih=1200&oid=3&adxs=1053&adys=667&adks=607498164&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&dssz=60&icsg=4502405630591988&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCIsYiq5YggewXUnBUKy9cyXqy5MWEqThMg-333OKOVbacqOq1xdDnsP_zu8FAi7S2agsm7uYGWa1zjEvZM%2CAKB7eCJWn9ViahyQMBSHYvNXduQ18ev0fEO6iqxciSJx9EbvZPjoCYWh3gJudKW7_kGMDlu40_9HHqDKuAMlqF0%2CAKB7eCIPO_ynCfVtud5BXDLWusrPCAU4DqSaQ8G49LcNs3RaLZjnVk7voTSyjdxJt7pL1A2qoOG6fnFdyfhH13U&ga_vid=1731019722.1587136633&ga_sid=1587136633&ga_hid=1028458963&fws=4&ohw=1585&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
9fc5ab552b0328a32b983dc45753d69a1e26a1df94dbe34a3b8970b1c42401c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4527
x-xss-protection
0
google-lineitem-id
5248479770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138298261324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame FE56 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Origin
https://www.scmagazine.com

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6369
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame FE56 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6369
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame FE56 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6415
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28417
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"40aee2f6297ccc56"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:30:21 GMT
truncated
/ Frame FE56 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebf8b4b24cf0c4ec2b9455c7217894c383af425f673174299f0da96487913697

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
6437931825489883698
tpc.googlesyndication.com/simgad/ Frame FE56 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6437931825489883698
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde6c8f2d12960ffe22f3f0179ccefd3e565641c5bdcd54ad9d8f512c79c6d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 21:35:51 GMT
x-content-type-options
nosniff
age
236485
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
106534
x-xss-protection
0
last-modified
Sat, 14 Dec 2019 15:48:47 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 21:35:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FE56 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6U3azl_E9m-OCjrNU7_VN2XUpB5K-Kb4JaAB8lfcgDAyzhcP9RqtDtFMx86LAZrBXf1WuKOeAOk3rgUbKJuKSEXbg36ghPmduoe2-y_vo8oe5hU2wC2msI_88QBKsF8M9Y5-mVns79lQcDuf6ED9LYeD2JP2dpjdV0A2FIDP2C6VQSEdbsy2b6A40sjL5WsmYpBVjzB4nlVL-YVHl8ohEmfKWg0i4cyxDuNQgkiFcUz3TOmwy0wwkH9b3HASB6Vt4eg&sig=Cg0ArKJSzIIQOEpA6XFAEAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:16 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame FE56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTD8R-N5PLRdWEDA9yjB7LGZRf-vFVYtLUxownpMP_eWtk-vzq4KbYiU5D3QKE_NDagp5aJZ543ZHd3Kn9TMScg5BuShg
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
6437931825489883698
tpc.googlesyndication.com/simgad/ Frame FE56 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6437931825489883698
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde6c8f2d12960ffe22f3f0179ccefd3e565641c5bdcd54ad9d8f512c79c6d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 14 Apr 2020 21:35:51 GMT
x-content-type-options
nosniff
age
236485
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
106534
x-xss-protection
0
last-modified
Sat, 14 Dec 2019 15:48:47 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Apr 2021 21:35:51 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1002457150998245&correlator=3818778841611534&output=ldjh&impl=fif&adsid=NT&eid=21065203%2C21064502&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=21883553441%2CBox&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dbox2%26lid%3D5337308112%2C5346691330%2C5248479770&eri=1&cust_params=pagetype%3Dpost%26author%3DDoug%2520Olenick%26postID%3D104767%26env%3Dlive%26sid%3DRansomware%252CSecurity_News%26cat%3DCritical_Infrastructure%252CCybercrime%252CRansomware%26isnht%3Dfalse&cookie=ID%3D37e60958e5a8837e%3AT%3D1587136634%3AS%3DALNI_MbfspPz12pm2wNsyJhiXnoEAuKEVw&cookie_enabled=1&bc=31&abxe=1&lmt=1587136637&dt=1587136637800&dlt=1587136631595&idt=1311&frm=20&biw=1585&bih=1200&oid=3&adxs=1053&adys=1564&adks=1048971383&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fransomware%2Fragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7910I6591389B9B&dssz=60&icsg=4502405630591988&mso=67108864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCIsYiq5YggewXUnBUKy9cyXqy5MWEqThMg-333OKOVbacqOq1xdDnsP_zu8FAi7S2agsm7uYGWa1zjEvZM%2CAKB7eCL2jPcqvJ67b_8yi3AgWIvjvqcxxpMd47rr5-cnzIJXDxIOTBJfBQtxJ37FetCRYzZowo77Lf3YdkRTm4A%2CAKB7eCJWn9ViahyQMBSHYvNXduQ18ev0fEO6iqxciSJx9EbvZPjoCYWh3gJudKW7_kGMDlu40_9HHqDKuAMlqF0%2CAKB7eCIPO_ynCfVtud5BXDLWusrPCAU4DqSaQ8G49LcNs3RaLZjnVk7voTSyjdxJt7pL1A2qoOG6fnFdyfhH13U&ga_vid=1731019722.1587136633&ga_sid=1587136633&ga_hid=1028458963&fws=4&ohw=1585&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
05c8d76581cbb784a5b410de9b30a478ed189f4e792a4cb1ad3ae323c21de62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 15:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
4440
x-xss-protection
0
google-lineitem-id
5337308112
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307549889
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.scmagazine.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame C5C8 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Origin
https://www.scmagazine.com

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6370
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012003262059300/ Frame C5C8 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6370
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
55871
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5920a4a9dcd48347"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:31:07 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012003262059300/v0/ Frame C5C8 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6416
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28417
x-xss-protection
0
server
sffe
date
Fri, 17 Apr 2020 13:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"40aee2f6297ccc56"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Apr 2021 13:30:21 GMT
truncated
/ Frame C5C8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
000fbcb2bcec7834e51051819fd165a323c393c03a15bd038a07bbce5d94aff3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
10813866377081954429
tpc.googlesyndication.com/simgad/ Frame C5C8 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10813866377081954429
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a554705259e14db97d4697c0b1556503d8908a998ba8ae0d4ab1bd41e9c6eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 22:07:18 GMT
x-content-type-options
nosniff
age
61799
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
32356
x-xss-protection
0
last-modified
Mon, 30 Mar 2020 19:30:01 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 22:07:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C5C8 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAOEHBdC7yZqc9g98Z3R3F8p1H4vXJ-JEqDC5dGpGxgDuKNXHhaQ5sHe78Nt4s5lcPiKGeEZ927IvnQDbfYwNdSD9pHSPXU3HfsuSxewvm3VPco_wPSDFvFhhMKadTcjJGUfHJXdwHUVqpN0pY_6Gfc1hDWemdKc4EPvY28ytga9wcYHMGH8zQ6K16helReWRv7ELg75xnOaWFYvztOb_fJrtDpmp7spyJCx8gDbw-Oxu8wAusr3LARlp929kMrszWqQ&sig=Cg0ArKJSzCG5hHg9i6FIEAE&adurl=
Requested by
Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Apr 2020 15:17:17 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FE56 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG1axDlYsvMwvXJfi6S7MpdB_I9JnKVFlyQWGYQqwkYVp33DrMCQHAxgvVxRpBB8GBWj2eSwQZAzklBum9wRJvD9uJWkLCVNwDicqSpCo&sig=Cg0ArKJSzNfHRSGClrdqEAE&id=ampim&o=1053,667&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=92&tls=1093&g=100&h=100&tt=1093&r=v&avms=ampa&adk=607498164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Apr 2020 15:17:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10813866377081954429
tpc.googlesyndication.com/simgad/ Frame C5C8 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10813866377081954429
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a554705259e14db97d4697c0b1556503d8908a998ba8ae0d4ab1bd41e9c6eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 16 Apr 2020 22:07:18 GMT
x-content-type-options
nosniff
age
61800
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
32356
x-xss-protection
0
last-modified
Mon, 30 Mar 2020 19:30:01 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Apr 2021 22:07:18 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| pamEnabled object| hmAds object| dataLayer undefined| $ function| jQuery function| cookie string| method object| olytics object| a function| UtilityMove object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| googletag function| hmHeaderLoginState object| dfpAdSlots object| mapping object| adSlotsConfig object| allowedSlots string| hmHomeUrl string| hmAccountUrl object| hmRegisteredAds boolean| hmAdsLazyload number| hmAdsActiveRefresh boolean| hmDmdAimEnabled boolean| hmProclivityEnabled boolean| hmAdsActiveRefreshAll boolean| hmAdsCommentsHouse boolean| hmAdsBoxReposition boolean| hmAdsLytics number| hmAdsPrestitialCooldown object| adSlots number| adDebug object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| hm_feathr object| hmOlytics object| hm_localize object| hm_gated object| TenUp object| liosetup object| jstag object| hmAuthNoncePromise function| disqus_config object| hmRegisterPrompt function| hmSetLyticsData object| adblockDetector object| pageVars object| wp object| google_tag_manager function| maropostInitTracking string| name_funnel function| _132510 string| name_funnel1 function| _13251 function| feathr function| FeathrBoomerang string| GoogleAnalyticsObject function| ga function| retry function| isIE10OrLater function| detectPrivateMode string| _linkedin_data_partner_id object| JSON3 function| normalize function| webpackJsonp function| lintrk boolean| _already_called_lintrk object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| feathr_account_id object| __feathrs function| __feathr function| ttd_dom_ready function| TTDUniversalPixelApi function| __$PP function| Dpxl object| dpmPixels object| jQuery111107110003930295272 number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id boolean| initialized object| google_optimize function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| dataLayerService function| HMIRegistration object| GoogleGcLKhOms object| google_image_requests object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP

13 Cookies

Domain/Path Name / Value
www.scmagazine.com/ Name: dpm_url_count
Value: 1
.scmagazine.com/ Name: __gads
Value: ID=9d1429ea9c1a9fc5:T=1587136632:S=ALNI_Mbd1eNVqdqtbTYuZcTyUpvQy5Fotw
.www.scmagazine.com/ Name: feathr_session_id
Value: 5e99c878405fb3846c807c27
.scmagazine.com/ Name: oly_enc_id
Value: %227910I6591389B9B%22
www.scmagazine.com/ Name: prestitial_shown
Value: 1
.scmagazine.com/ Name: _ga
Value: GA1.2.1731019722.1587136633
.scmagazine.com/ Name: oly_anon_id
Value: %22F-2961ada1-43eb-4a83-b843-c7d3646a3456%22
.scmagazine.com/ Name: _gid
Value: GA1.2.857728441.1587136633
.scmagazine.com/ Name: _gat_UA-1290429-10
Value: 1
www.scmagazine.com/ Name: hmSsoCheck
Value: true
www.scmagazine.com/ Name: spinfo
Value: spsid={{contact.cms_id_encrypted}}
.scmagazine.com/ Name: __cfduid
Value: d7cc59780ec156958837c557b32844ca51587136631
www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal Name: hasLiveRampMatch
Value: true

12 Console Messages

Source Level URL
Text
console-api log URL: https://www.scmagazine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 1)
Message:
olytics fire called
console-api log URL: https://c.lytics.io/api/tag//lio.js(Line 1)
Message:
Missing required params.
console-api log URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1580891445(Line 1)
Message:
[ABD] start beginTest
console-api log URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1580891445(Line 1)
Message:
[ABD] adding bait node to DOM
console-api log URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1580891445(Line 1)
Message:
[ABD] start beginTest
console-api log URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1580891445(Line 1)
Message:
[ABD] adding bait node to DOM
console-api log URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1580891445(Line 1)
Message:
[ABD] exiting test loop - value: false
console-api info URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003262059300 https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
console-api info URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003262059300 https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
console-api info URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003262059300 https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B
console-api info URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407)
Message:
Powered by AMP ⚡ HTML – Version 2003262059300 https://www.scmagazine.com/home/security-news/ransomware/ragnar-lockers-well-conceived-ransomware-attack-on-energias-de-portugal/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7910I6591389B9B

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
accounts.haymarketmedia.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
api-52-25-229-25.b2c.com
api.b2c.com
c.lytics.io
cdn.ampproject.org
cdn.feathr.co
cm.g.doubleclick.net
content.maropost.com
cra.omeclk.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
marco.feathr.co
match.adsrvr.org
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
polo-v1.feathr.co
polo.feathr.co
px.ads.linkedin.com
s.dpmsrv.com
s3.amazonaws.com
script.crazyegg.com
securepubads.g.doubleclick.net
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.scmagazine.com
13.225.73.111
143.204.94.29
143.204.97.40
172.217.16.162
172.217.21.194
204.180.130.159
204.180.130.165
205.162.42.171
216.58.207.70
2600:1f14:e96:5802:59c3:73bd:6861:39b1
2600:1f14:e96:5802:b4cf:edc:9d0a:a87c
2600:9000:2156:dc00:a:1779:3180:93a1
2606:4700:20::681a:316
2606:4700:20::681a:3d7
2606:4700:3035::681c:70b
2606:4700::6813:9408
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2002
2a00:1450:4001:816::2003
2a00:1450:4001:817::200e
2a00:1450:4001:818::2008
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::2003
2a00:1450:4001:81f::2002
2a00:1450:400c:c00::9a
2a02:26f0:3100:2b0::25ea
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
34.231.179.184
35.190.72.21
37.252.172.37
46.51.196.250
52.0.233.94
52.217.41.14
52.22.20.103
52.25.229.25
54.88.207.174
63.32.144.14
000fbcb2bcec7834e51051819fd165a323c393c03a15bd038a07bbce5d94aff3
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05c8d76581cbb784a5b410de9b30a478ed189f4e792a4cb1ad3ae323c21de62b
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
0c7e4012cb73f8c0836fa8aee34bb0da2250b5af84d0c4a1959d60764597f05a
19aa6c614f72f6bb67cb17a6169ca551686c2bab5475293c95880f5f32cd830e
1b1e6c1ac2aa6a7c70abf48303bb1b45bbd0d5944314f2b2665d3799b9690b9d
1b79426177f0c17d98c2ffe3aee5403f1f2a50b85d7177080cd06cfc37e2a300
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ddccc64f1b5624869a0188a2904c6290e534290975a305aaa39a4141037363f
2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a554705259e14db97d4697c0b1556503d8908a998ba8ae0d4ab1bd41e9c6eb4
2e0c65a16d7974bc45aed4852dda4a21195f88455e3e3ebcc5a247343461c9e2
2edaa30d4700e9c64439fd90cba328cf7eeb1177cbf7b7e26520266bb75d724d
33fe4fe8214760f15a5fdd753b5c396ee5b916e5d6f66f79d4765ed260706723
3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff
3fda4429219837a4dbba131ceb68fbaa8db52ce56a1f0ad02b861c9180969218
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
41f7ca6a1a400b2a4ec2399080abdc7862ea76f8505e76f3108422fcae05b278
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a5e9ddb7de073e40c06c4adf1ac055f3612ea07ca54daedf58d1d4758ab7cd8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
4d3e9dbf75d761b4fc344b3be601971eb517ce533c7ce46e093539e03349616e
4f8984f39e0ef4793954d7228d6324478396ebb4ce9390109a68b6611051320a
536d487cbfc48ddc28793f022899bedd47653856356c36443e31785128e8400d
579a9beff0c400b8b0e87f99d32c3ec8b2b3232232d6ac63438434a0a0d7a8b7
58ffb9e8bac3ccd356a3eace48af11cd27cf20014a70f4986d6b3fa39f1c13b4
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
591c03fa5d6aeafd8a894846669613efc6fa5103beba00fbada8d2b340039260
5dfb849a3b8bcf3e07184092c4cc99a9f08f27f01e5de41a871d3ee8750303bd
647bbbd8587043c635def107c546f4bd90516e1fc21c49a3d50c03f994d14e66
6557812bb342a14c23635e24733f11e5752f9807a85053be80b6fbd955a34ed9
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
6d151acf8c57d0928285b73d2f28d1532e0070b890defca64c8551d45ba004e1
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7
7ad20336a8307853dc49274515b01a6e154c0028e23f3868ca19b5934accfffc
828a9b7392d22c3f9dfaabb21b2e9c640df68c5035c01daf47a95a9d95f7b9d5
828b2c68ee5c3dc35cc3accd297eb46652b4ee6d01bed05f465d380a7bb3c6a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fe87df0041db87059cf9c0c269909ea90f7c2d6d14cf048db79734f9f31858
866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811
880dd1410cf9bfe0f45193fe975b05e6915df228c6304d3b8f279f4e2275351c
88b8c776fc89926dc0cc65d4a48d474bfe7f8f37924e799573ed0fff5193b0f2
8e0da2e2d764c1a202d33dd39287784df8ac6bc20c7401ea14f2d62001292856
90a260084cfdf97ada7a8e0650eb310a4206d79f1b3a53225d2b9053cc9e4c13
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
916b46685de3064525220ba828d946e60ab332f5e65c62d7df5fe9877f9c54b2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9fc5ab552b0328a32b983dc45753d69a1e26a1df94dbe34a3b8970b1c42401c4
a3326bcc413a9b2f40f263dc4fb4c5f9ef9a0907acf1bd60eb112cd8bbf7e814
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
aa85eb37b5ffb62d55997c812dd8cc71d07fa2102c61144edde408b65169012e
abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7
ad6110f575081c4de945f980ccf2e045737f164ad2a3d294daffd192f7a5c914
b1dee28cc772eb1903b9c309483167354c1054136ccf16ef18908b2eecd4b980
b1e1a486b3de8066c068706a7cd55df30296ae8cb1b781ae04c7d642b13c7295
bde6c8f2d12960ffe22f3f0179ccefd3e565641c5bdcd54ad9d8f512c79c6d89
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1
d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42
d06646168f416ecb2c39087699341d4714ef31df7e6014a8d983c5bdb2527fd1
d7b32b5c219a591a8d4c1b3fbf363951965e2d9917e66fda462d77cd4149e5cb
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
e11da3c498eb92c6659da09c4eaa03fff2aa932e3a4fc1394513a276fab0c0bc
e2b61d11f84d5b7b5fe235f5df3fdde28d60254207abffc86419fcba2e411ed6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c8a2d10db5b0f9efb8c8f7f23c30452219e6642cc40f0fc34c904ce8b94c0d
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebf8b4b24cf0c4ec2b9455c7217894c383af425f673174299f0da96487913697
ece5f25bbc643556099a200aa2df5c428d74048e55db71c1880afd1adcb425a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04e142a312cc60fc9bafd85e3dd67ad8cd6ca28f4ebf77a9c62e3e1872d6c93
f1b47041dccbe06b5f4ea1a15ccfc55d5e9cf670fd054751cababe75142c2633
f4d14796ac764002ef852c1f3da08f547aa6f821b18ce1124723a70b7c46504d
fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
ffe7e119c5d16a070d3f0231b10f982f534643666e0464ce08900d78a99f3c65