www.zdnet.com Open in urlscan Pro
23.37.50.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Submission: On February 02 via api (February 2nd 2020, 4:46:26 pm UTC) from IT

Summary HTTP 217 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 20 domains to perform 217 HTTP transactions. The main IP is 23.37.50.121, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.zdnet.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 23rd 2019. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	23.37.50.121 23.37.50.121	16625 (AKAMAI-AS) (AKAMAI-AS)
10	152.195.132.202 152.195.132.202	15133 (EDGECAST) (EDGECAST)
33	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
37	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY)
18	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
2	23.0.36.169 23.0.36.169	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:19c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.190.38.167 35.190.38.167	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:184::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
35	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
5	2.19.38.84 2.19.38.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.101.193.124 95.101.193.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.9.36.140 3.9.36.140	16509 (AMAZON-02) (AMAZON-02)
4	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
3	69.173.144.153 69.173.144.153	26667 (RUBICONPR...) (RUBICONPROJECT)
3	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS)
16	95.100.197.246 95.100.197.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.203.131.238 18.203.131.238	16509 (AMAZON-02) (AMAZON-02)
217	26

6 23.37.50.121 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-50-121.deploy.static.akamaitechnologies.com

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 152.195.132.202 (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY, US)

production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:3::444 (Ascension Island)

ASN54113 (FASTLY, US)

zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.0.36.169 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-36-169.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
685d5b18.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:19c::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.167 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 167.38.190.35.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:184::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

685d5b18.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.38.84 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-38-84.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.193.124 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-193-124.deploy.static.akamaitechnologies.com

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.36.140 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-36-140.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.153 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 95.100.197.246 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-246.deploy.static.akamaitechnologies.com

cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.131.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	cbsistatic.com zdnet2.cbsistatic.com zdnet1.cbsistatic.com zdnet3.cbsistatic.com zdnet4.cbsistatic.com	592 KB
39	moatads.com z.moatads.com geo.moatads.com px.moatads.com	1 MB
23	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	219 KB
20	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	420 KB
16	moatpixel.com cbsdfp5832910442.s.moatpixel.com	7 KB
16	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com eus.rubiconproject.com secure-assets.rubiconproject.com s.update.rubiconproject.com	42 KB
16	googletagservices.com www.googletagservices.com	425 KB
10	cookielaw.org cdn.cookielaw.org	120 KB
7	zdnet.com www.zdnet.com urs.zdnet.com	197 KB
6	ampproject.org cdn.ampproject.org	112 KB
6	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	google.de adservice.google.de	1 KB
3	go-mpulse.net c.go-mpulse.net	49 KB
3	cbsi.com production-cmp.isgprivacy.cbsi.com rev.cbsi.com	23 KB
2	nr-data.net bam.nr-data.net	455 B
2	akstat.io 685d5b18.akstat.io	555 B
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	onetrust.com geolocation.onetrust.com	514 B
1	google.be adservice.google.be	778 B
217	20

	Domain	Requested by
26	px.moatads.com
18	securepubads.g.doubleclick.net	www.zdnet.com securepubads.g.doubleclick.net www.googletagservices.com
16	cbsdfp5832910442.s.moatpixel.com
16	www.googletagservices.com	www.zdnet.com securepubads.g.doubleclick.net rev.cbsi.com pagead2.googlesyndication.com
13	zdnet2.cbsistatic.com	www.zdnet.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com
11	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
11	z.moatads.com	www.zdnet.com securepubads.g.doubleclick.net
10	pagead2.googlesyndication.com	optimized-by.rubiconproject.com pagead2.googlesyndication.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.zdnet.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
10	zdnet1.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
10	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
7	zdnet4.cbsistatic.com	zdnet2.cbsistatic.com zdnet3.cbsistatic.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	www.zdnet.com	www.zdnet.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net www.googletagservices.com pagead2.googlesyndication.com
4	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
4	optimized-by.rubiconproject.com	ads.rubiconproject.com
4	ads.rubiconproject.com	www.zdnet.com
3	eus.rubiconproject.com	www.zdnet.com
3	beacon-eu2.rubiconproject.com	www.zdnet.com
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net
2	geo.moatads.com	z.moatads.com
2	bam.nr-data.net	js-agent.newrelic.com www.zdnet.com
2	685d5b18.akstat.io	c.go-mpulse.net www.zdnet.com
2	production-cmp.isgprivacy.cbsi.com	www.zdnet.com
1	s.update.rubiconproject.com	www.zdnet.com
1	secure-assets.rubiconproject.com	www.zdnet.com
1	www.google.com	1 redirects
1	rev.cbsi.com	www.zdnet.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	js-agent.newrelic.com	www.zdnet.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	adservice.google.be	securepubads.g.doubleclick.net
217	35

This site contains links to these domains. Also see Links.

Domain
www.zdnet.com.cn
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
www.ewa.com
www.bleepingcomputer.com
www.youtube.com
www.cnet.com
cbsi.force.com
www.cbsinteractive.com
www.facebook.com
twitter.com
www.linkedin.com
legalterms.cbsinteractive.com
narratives.zdnet.com
ca.privacy.cbs
cbsi.secure.force.com
academy.zdnet.com
privacy.cbs
onetrust.com

Subject Issuer	Validity	Valid
www.cbs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-07-22`	a year	crt.sh
sa437gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-05-17` - `2020-08-19`	2 years	crt.sh
*.isgprivacy.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-10-14`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2019-04-16` - `2020-06-14`	a year	crt.sh
*.google.be GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2017-12-12` - `2020-12-15`	3 years	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2018-03-12` - `2020-06-14`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
kazfv.com Sectigo ECC Domain Validation Secure Server CA	`2019-06-05` - `2020-06-04`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Frame ID: EE2CDBB9A90B44A37316028ABCC93294
Requests: 127 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 6CE0A9C9553E44D164036F0AF29D52E9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQZmDQ6Is-RHT44Tjg2rSkMbhCUjq07-Jt0-ik_b4yC9rUaHWsRT2iLukzcag8RGfqioMvqXr4NkXjak19BW06f2Dfa2kC0k2RbH9AkO_6FDbZ-f41aeiLsGckpkuPA7fdkCfcM4jqluY5bZiPYrSWInj1Jt_ABZAs3EXsaxd_4jz44Pb-I3t1sIIKgizCuDMG0vtkDeHP_nPz-Vce6fwlzdP2VhcrqJ6IkYwcJSR-i8IZmVqON67Cf7nkcLf_nmAXjQNR4fcm&sai=AMfl-YTlOtYHG7QiXiJ9zlvrYqSKAokuJ0SbFDf1Q_mjTDDZ0uJup_XgqaHvJs1qdNF_-OBeDxqjF_DtFGoJrSK8kIIquMm_GBuEINq6Lu4X&sig=Cg0ArKJSzKRvS7YRmPrzEAE&urlfix=1&adurl=
Frame ID: F17023267FB855D6902D291F889C043A
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzIsCNg7_rQ55caQ5LUi6dcLDueLVvPwvjgy18ivLmaiU5z_JsobZKQlHwR1hpcZmzbSkBJ2Ngz61lJ_76Cg58hgAO6uCw4FMqOYdsFihX4LR1RvZPqQR7dtmN_5AmAXVw3xPOuxUchjvNe61p8XH9_7PWpFTVvOCCIdQ7AAwomjJTbnTltRE7nyhSdyVXu9-ibcz0HivuT5Tb2HZNGTA-D3wfCPP84ujs4vjReOwiJ0gU7Ap8b1QW2-RFt5Iv6WsDAl4&sai=AMfl-YRDqeX3-7rrtbuZ2lxv17DSnFx-xr-1S8741v0TlGcxBy3pI9VShCHPIakgzYhkMqTSph0Pws7KnFdLWan03stFWm9n-mZgZzjfM5lC&sig=Cg0ArKJSzHr2P3862ZvfEAE&urlfix=1&adurl=
Frame ID: 6183ED402D94BBBFEA5B8A9644E87CE0
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi0mqnghfPyq3ajY1e2NNi2KzgxWdPd4lOIjrJ_tAaC_7Q9MfMOciUE-ARQ8JzbQoVzA_KASaessp5JN_JemK1cKPti1oqR7IohpEflqbFYmp04iUmgvno3MkxgAt15n8CTReBaeVZwGN-4ymN1LeWX57JKeBQ0WsKar_uCkiB26WTHOUI0U9waFaGflG4erDANRMWsqiQA5rCrkVI6J_nID-B6gjFWueQVJWvRLRyET-ZW7T_GgVGk-zFdz3z1y_OVO8&sai=AMfl-YSZmN_z8QOMdfXJKmjVLYIy0FBP8Pg-KNNg6QQrHJbL_mMwzZwi9dWzypbYTF6CpWHBHLKsh1uz9wAfl1HFCh_HZ-Qsgchub8rmnaRs&sig=Cg0ArKJSzFVIcrntpBnPEAE&urlfix=1&adurl=
Frame ID: B7AC70FAE3314A2EB1DE308ED5310241
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8W9-aw_Lwfydm9Qu8tfx2LJzSvzBUYZIdztUw2LChjx8JAZ19YCCBgJo4pDKDNH2rtDA-L5AZY22pEK4-sQEZ-rrk15g_Iz54Zy3VBV9N2KqpuvgVzJ_vc8EgCzVsAM_cEkOZwW0IAnqZZy6yuZulSLiI0DicA1N075B2Ya09qUntlMfj8IIK75Wq4b_ix0w4sYN4T3ACYB0rTW3O0K26FEU8gIqd_YHdLJKmRiZacme4GXplLtKkmZZjQWzepXt76SL375jZ&sai=AMfl-YQiM-PPbdsXndImpoQoaywtIjimtDvRYvfeqQjsN70qBEnCFOb9hg85gCoaaZzMuXdBuZADpR6HRAO6FtSbnwhz0fC3R82Kw1xLt_KG&sig=Cg0ArKJSzLlEk0UB3CifEAE&urlfix=1&adurl=
Frame ID: EF634D73B7879DFFB0FA47C4E952D337
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 3C4AEEADC53D3F77067F8CD8464006AC
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulPKS_FthVQk0XboWTruNMwz58Es7_NCqhO5_QMoq8oi7U8JhivzSz4JynqRLXlIRnmgs1s7XLPa0mo_6eo0oksEIbdnZtI9jp0OqbuaZRaorUwlZJE1LG_hSjj41p7RaelwHJ_N_IzQljU5DTLR6AY4lKhIEUv5wfqfc2ChbMRycTHWgiEiFG1x7KWEFNRXuJqbBvBgPlZHKBrFELma4vBoaxo5lAjf--jNZRG6nTTizXKx6nIGDVOXwWQkuex0rOs0o&sai=AMfl-YQfgqw4OP5EZsm8p2eFnPUGUo2VwCOeZ-jcmNhi_pY-MvyOx4Ii1TW5nFTiQEx4UOPTM-baRhEhk29iUYzus_tTvEPq7iln6mobM-PX&sig=Cg0ArKJSzM2p_7wMsPgWEAE&urlfix=1&adurl=
Frame ID: 19B79B7E00CE948FBA89C23141495DFC
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkoJwyGr_Rop-mDxpbSRcPB9v7F1kTjPeSezNSxPlxAW_JG7LXzZ2gVAiFSUqIiGZyZVBSHLnO5QQBPvZ3LcYr-yvpLoruDrRWYjubE8Op9WrLqze4MQjx0XRH5nVuMQk_GvdZsQ_eJVbO9JyzVT4x1Xe78inxOQ0h2psxIXAaFcw5wJzIf8FtjTcMsghYaBY7qWGwkZaSaj7U0Ah7YyorVhWSSy2yf0K1rWFBr1gOL7Y1KAObU0rzQVmzpavgH79Mx3mDkVCe&sai=AMfl-YSq720nwpQlTIYh-1fVoST58Kpbisyy3A_MX7jOWHyexzOt2I0ICUjWok3U1MD6tEtAKv4JqB9evONRx9QhFTpE5L015eGO6J434gRE&sig=Cg0ArKJSzNuxGX65e5v4EAE&urlfix=1&adurl=
Frame ID: 827B4736D379E5F5465E468632325B02
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE82WVOxhaChyA6Brub22o6pMKE6V7pFs_8uDSHnQc4ubjmqw-WRfHlPRo2Z4ctGQpC1w90EvPMFBzu7agEvZimJHQAkr_9zhV8bOcKykISTOTI8wC_RFwpQhUACTgJAIUXo30rcqoRVVaOmKXCcL9kItscGf_eIT9IswqfX-ZDXpFRfH8uqIW_JJK7zgpB51wKucwRtdE2n1_r9kLnEt2m_rZ6e-R9E_G-t77a0kRhjknTfNxnwy4fcEbncl33wxhA10&sai=AMfl-YQAftXVZbQFCTTKKGRif2GM5ZAwVMMMHqtrBjRzRxHAj1jSS_OFHn484Jh6PaQXJzLPMcj3T31KbqPKpYHCIS9Yn7Vzf8AkG9pk8zV8&sig=Cg0ArKJSzF15Gf-gG9CZEAE&urlfix=1&adurl=
Frame ID: C48073F377ED5DB7C575214D75058962
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyww8qmMi5UWRNR_nviY7rNlnkJy4u0nQkwuFqJ62GZ4d84wkNCbYJlCS5nqyLVDPT_Xmeo2Q2eFWEwz5x2u4oyFzqFMT_LaIcIyLrWc_3q2Fs9kh3al9GKTx3jqqvMakSZOwgclll_V0FMOgReqplipOgLgDHTVmAs0l3N9hJRJxAHdOReNNhMbQsSNx_P_F-i5NyBgJJrluUFdQMEJFMebS3r9Kv_uIQ36Ai2ZXVorLC-ZK9eSaJ4y_HswcQv0nURi7M1sJK&sai=AMfl-YRAOPrClGs5xjjs45vXr9x0BwAE74hZBzbQuaqx_FxNJfa5p6zR33HiI-eNYxxe6Pk_Z-zzc2cHyFTwZoCBK5ffmMkSwynjO_6A2vL0&sig=Cg0ArKJSzBjtaUlt9dkXEAE&urlfix=1&adurl=
Frame ID: C18450CD43492E688041D73566F20F35
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200129/r20190131/zrt_lookup.html
Frame ID: 1A3B2F9308DD051CCC69DB044036A4D7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Frame ID: B648A6299155166A36327994ACED67A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=52413248&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661971975&bpp=16&bdt=424&fdt=78&idt=78&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=2&ga_vid=136830378.1580661972&ga_sid=1580661972&ga_hid=32217454&ga_fc=0&iag=3&icsg=43368&nhd=1&dssz=18&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=333&biw=1585&bih=1200&isw=728&ish=90&ifk=2673482249&scr_x=0&scr_y=0&eid=21065381&oid=3&pvsid=2977271144772024&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.w82c76tcxhhd&fsb=1&dtd=88
Frame ID: 3CA613BD5082F7B0229F62F78F82D0D6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFLttXGYwsJeulNIsJWVLFjYkjOCWd7hhKo86ZlzSFWBE6djKwlu58AFwLfv35PF9P_1mRvfKfQ5B0d2umQX4qgmt7PWl8Mgupd34njqSFSR0KtPzRKcApya2WLcGUrQbclCpe613nvbHjzx5oAvKq5CJrT9C16yR-VGPLkP-5tg7fApGiOi9H07RlCClm9UFKAVJvV94SbypHuboFUyUGfSC194Fsucy2KUW1AxQ0B77POXqy_a2S8hZX6MdyUO7Izf3wqys1&sig=Cg0ArKJSzITVoeE__px8EAE&urlfix=1&adurl=
Frame ID: 4F869D1E9C07250B8B4C519AD8D60343
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxsDRux6mqCkCSC7kLhnW8rboeSTUYvX5zJMjwoIobgkeCZxtx8NYi6rdCk142UKhnUeEho-JD2Oqh-YSiHctNZCBy6WB5s7YUHBbKezPHJ-5owC1nl_crdrFulRLSSak_p94NSyNpDjJNMYQYfSsAynqeP4Nxtu0URCiJhaA19QN2r7_ek0-P1P3cmvRMqQU-1UsRKRFBMMeufw92tvgZU3pk5zI4Nr7-I2wCFIk6diL1QfGlodUFDZUgSCKMCg8jOYhp5lFs&sig=Cg0ArKJSzAgH16LNxXD7EAE&urlfix=1&adurl=
Frame ID: DCC874AE028977CB0A7ED08DCFB34A7C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Frame ID: 24C1CA5F9FEDBC9356218A52A1DA9FC8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Frame ID: 306B6D0D9D12CB27CEAE0D93869CACE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=52413249&w=300&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661972107&bpp=6&bdt=548&fdt=146&idt=146&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=1&ga_vid=676941768.1580661972&ga_sid=1580661972&ga_hid=714&ga_fc=0&iag=3&icsg=173464&nhd=1&dssz=20&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=453&biw=1585&bih=1200&isw=300&ish=250&ifk=1726391744&scr_x=0&scr_y=0&eid=21065382&oid=3&pvsid=1461875398806229&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.x2wg59gaeb53&fsb=1&dtd=151
Frame ID: 2C60B7F941600985CB842DD37B286A4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=52413252&w=300&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661972174&bpp=7&bdt=583&fdt=103&idt=103&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=1&ga_vid=2096097787.1580661972&ga_sid=1580661972&ga_hid=98193436&ga_fc=0&iag=3&icsg=43368&nhd=1&dssz=18&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=2662&biw=1585&bih=1200&isw=300&ish=250&ifk=840981435&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=4152916090815303&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.fr7v6exubm1m&btvi=1&fsb=1&dtd=107
Frame ID: 05FA032559FC4ADD7B216631195AA77F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 5C750E8FA61CF0B101E4C240DE49F3E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

217
Requests

100 %
HTTPS

35 %
IPv6

20
Domains

35
Subdomains

26
IPs

6
Countries

3595 kB
Transfer

10486 kB
Size

6
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.com.cn/
Title: ZDNet China

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.ewa.com/customers/
Title: On its website

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/new-ryuk-info-stealer-targets-government-and-military-secrets/
Title: according to a Bleeping Computer report

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=saocXhTb7bc
Title: The security risks of running unsupported Windows 7 (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.cnet.com/how-to/best-home-security-systems-for-2020/?ftag=CMG-01-10aaa1b
Title: Best home security of 2020: Professional monitoring and DIY (CNET)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/how-to-setup-secure-credential-storage-for-docker/?ftag=CMG-01-10aaa1b
Title: How to set up secure credential storage for Docker (TechRepublic)

Search URL Search Domain Scan URL

URL: http://cbsi.force.com/CBSi/zdnetcommunityfaq
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/highlights
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/ZDNet/5953112932
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/
Title: CA Privacy/Info We Collect

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/donotsell
Title: CA Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://privacy.cbs/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

217 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/ 481 KB
113 KB 238ms
177ms Document
text/html 23.37.50.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.50.121 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-50-121.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

306086b53671e06145e11f18034b237d0776d15f56e03e003e70eb69874d47bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/dod-contractor-suffers-ransomware-infection/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
cache-control: max-age=5400, private
x-tx-id: ef453c95-b279-48ce-a95b-c29a60feb3f4
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
expires: Sun, 02 Feb 2020 17:19:23 GMT
last-modified: Sun, 02 Feb 2020 15:49:23 GMT
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.zdnet.com
content-type: text/html; charset=UTF-8
content-encoding: gzip
accept-ranges: bytes
content-length: 114501
date: Sun, 02 Feb 2020 16:46:10 GMT
set-cookie: fly_device=desktop; expires=Sun, 09-Feb-2020 16:46:10 GMT; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "be"}; expires=Sun, 09-Feb-2020 16:46:10 GMT; path=/; domain=.zdnet.com; secure fly_preferred_edition=eu; path=/; domain=.zdnet.com; secure fly_default_edition=eu; path=/; domain=.zdnet.com; secure
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 3 KB
1 KB 84ms
19ms Other
application/javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAA) /
Resource Hash: f2aa076f22fd2f3b52ba1cc2f9def788f778227d7158ea620905b18074c61433

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: Lto6xB7MHQAK85R0e3AYDQ==
age: 3299
x-cache: HIT
status: 200
content-length: 855
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 01:57:49 GMT
server: ECAcc (ama/8AAA)
etag: 0x8D79AF0A7D9D1DE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eb9f70a2-701e-0119-79e0-d9b2db000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 optanon.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 34 KB
10 KB 59ms
6ms Script
application/x-javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69eb943dcff21a1685a8be08ca46dec994d6d7d6c4d0e5019f47352cdb3c1e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1830
via: 1.1 varnish
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 9999
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4076-HHN
x-amz-id-2: KunyUq5XfPelnKHpW3nKQuQiGR/WhYU+9Z+Y6l9SACqbGRly8BrxoMsIMto8ug8sgKQgRVG1PjY=
last-modified: Thu, 30 Jan 2020 22:10:02 GMT
x-timer: S1580661970.212087,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "3e2e8d3476f923213eb8d1b7c9ce9307"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-cache-hits: 311

GET
H2 200 bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/ 4 KB
2 KB 85ms
21ms Script
application/x-javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B5A) /
Resource Hash: 0b5750f7319cd68234a9fdf91a6baaeaa48bff4a591d4fce5ffbf95bd5721f2c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: uvY7Lm/H6IpTv7eNozZmQg==
age: 1828
x-cache: HIT
status: 200
content-length: 2097
x-ms-lease-status: unlocked
last-modified: Wed, 29 Jan 2020 17:18:07 GMT
server: ECAcc (ama/8B5A)
etag: 0x8D7A4DF35813E0D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7ce30a45-301e-0099-42e4-d95724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H/1.1 200
OK moatheader.js Show response
z.moatads.com/cbsprebidheader506831276743/ 193 KB
69 KB 93ms
38ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 43e79dee5f35e8b66e77913784a0c4c7234a4deeb621beb54018513bd9379fd9

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:18:58 GMT
Server: AmazonS3
x-amz-request-id: 2AAE81389FEA9692
ETag: "ba3ca5331da2025273b7b78ec0dbdb33"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=55445
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69878
x-amz-id-2: HTQhgIPlET896WOEfibbD58VpU/8tDL0krnPCLNgDg8ErPDq9suxh8NeaMDMaDN5TzHidxyxFeA=

GET
H2 200 main-838eeec021-rev.css
zdnet2.cbsistatic.com/fly/1957-fly/css/core/ 345 KB
63 KB 35ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a900ad46d7ea2be2cc6dad73f5a6034d654bde612bd99942a253bc351689e092

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326475
status: 200
strict-transport-security: max-age=31536000
content-length: 63804
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:24 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffc4-5633b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:04:54 GMT

GET
H2 200 controls-ea62eb1674-rev.css
zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/ 17 KB
4 KB 35ms
6ms Stylesheet
text/css 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-ea62eb1674-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6ddff44c65569a0a29464311596a792ab164077cd831192e3ae2c2b0e62738da

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326475
status: 200
strict-transport-security: max-age=31536000
content-length: 3684
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffd3-440c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:04:54 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 3 KB
1 KB 76ms
19ms Script
application/javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAA) /
Resource Hash: f2aa076f22fd2f3b52ba1cc2f9def788f778227d7158ea620905b18074c61433

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: Lto6xB7MHQAK85R0e3AYDQ==
age: 3299
x-cache: HIT
status: 200
content-length: 855
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 01:57:49 GMT
server: ECAcc (ama/8AAA)
etag: 0x8D79AF0A7D9D1DE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eb9f70a2-701e-0119-79e0-d9b2db000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
16 KB 88ms
31ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

76ece7717e62eed8809e2a21aacd89e529e37f2141669448a62acd31c3a16005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "416 / 292 of 1000 / last-modified: 1580409148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16246
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:10 GMT

GET
H2 200 catalin-cimpanu.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/ 910 B
1 KB 14ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/catalin-cimpanu.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 11256643
status: 200
nncoection: close
strict-transport-security: max-age=31536000
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Sep 2018 02:32:23 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Sep 2020 09:53:51 GMT

GET
H2 200 aircraft-carrier.jpg
zdnet3.cbsistatic.com/hub/i/2020/01/29/6a64214d-b643-41a4-926f-37a868d8d688/ 78 KB
78 KB 15ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/2020/01/29/6a64214d-b643-41a4-926f-37a868d8d688/aircraft-carrier.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

628756d718cc0179ab2870df9202208cd1d5808add1dda0177c5ab812d0f2ce2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320594
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 79219
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"8e7897cc58ebaf3f7d8590323ffd1e7c"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/1957-fly/js/libs/ 16 KB
6 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326475
status: 200
strict-transport-security: max-age=31536000
content-length: 6305
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:48 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffdc-3f09"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:04:54 GMT

GET
H2 200 optanon.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 34 KB
10 KB 18ms
6ms Script
application/x-javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69eb943dcff21a1685a8be08ca46dec994d6d7d6c4d0e5019f47352cdb3c1e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1829
via: 1.1 varnish
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 9999
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4060-HHN
x-amz-id-2: KunyUq5XfPelnKHpW3nKQuQiGR/WhYU+9Z+Y6l9SACqbGRly8BrxoMsIMto8ug8sgKQgRVG1PjY=
last-modified: Thu, 30 Jan 2020 22:10:02 GMT
x-timer: S1580661970.243342,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "3e2e8d3476f923213eb8d1b7c9ce9307"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-cache-hits: 317

GET
H2 200 YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame 6CE0 187 KB
47 KB 24ms
24ms Script
application/javascript 23.0.36.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.36.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-36-169.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: br
last-modified: Sat, 30 Nov 2019 03:05:23 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: max-age=604800, s-maxage=604800
timing-allow-origin: *
content-length: 47928

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet3.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 8ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326472
status: 200
strict-transport-security: max-age=31536000
content-length: 936
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:53:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31fede-4f1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:04:56 GMT

GET
H2 200 Raleway-Bold.woff2
zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 51 KB
51 KB 18ms
6ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Bold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 17361558
status: 200
nncoection: close
strict-transport-security: max-age=31536000
content-length: 52212
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jul 2019 08:38:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d2d8d0f-cbf4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:06:51 GMT

GET
H2 200 Raleway-Light.woff2
zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 32ms
19ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Light.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 17361557
status: 200
strict-transport-security: max-age=31536000
content-length: 51608
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jul 2019 08:38:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d2d8d0f-c998"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:06:51 GMT

GET
H2 200 Raleway-Regular.woff2
zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
51 KB 18ms
5ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
Origin: https://www.zdnet.com

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 9191691
status: 200
strict-transport-security: max-age=31536000
content-length: 51572
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Oct 2019 18:12:58 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5da8af2a-c974"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Oct 2020 07:30:18 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/ 4 KB
2 KB 19ms
18ms XHR
application/x-javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B5A) /
Resource Hash: 0b5750f7319cd68234a9fdf91a6baaeaa48bff4a591d4fce5ffbf95bd5721f2c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: uvY7Lm/H6IpTv7eNozZmQg==
age: 1828
x-cache: HIT
status: 200
content-length: 2097
x-ms-lease-status: unlocked
last-modified: Wed, 29 Jan 2020 17:18:07 GMT
server: ECAcc (ama/8B5A)
etag: 0x8D7A4DF35813E0D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7ce30a45-301e-0099-42e4-d95724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/old/scripttemplates/ 14 KB
3 KB 19ms
19ms Script
application/javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/otSDKStub.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8A98) /
Resource Hash: 94c7b36de45dbddd51b2f347ca10201824be98f58e8db04c652f14dc2949ee1e

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: J/JMAS9xSE3n9BjiBh8nHg==
age: 2884
x-cache: HIT
status: 200
content-length: 2916
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 01:57:55 GMT
server: ECAcc (ama/8A98)
etag: 0x8D79AF0AB4454CC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 413adb88-401e-0096-7ee1-d9bad2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 logo.png
zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326474
status: 200
strict-transport-security: max-age=31536000
content-length: 4128
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:53:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31fede-1009"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:04:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
778 B 50ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
778 B 28ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 33ms
33ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62184
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:10 GMT

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/1957-fly/js/ 217 KB
72 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d77c91886d1e648a5549f9a6a58dbf8e930bf633b7184fefedb0568722b926a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326475
status: 200
strict-transport-security: max-age=31536000
content-length: 73301
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:51 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffdf-36206"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:04:55 GMT

GET
H2 200 bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/ 4 KB
2 KB 19ms
19ms XHR
application/x-javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B5A) /
Resource Hash: 0b5750f7319cd68234a9fdf91a6baaeaa48bff4a591d4fce5ffbf95bd5721f2c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: uvY7Lm/H6IpTv7eNozZmQg==
age: 1828
x-cache: HIT
status: 200
content-length: 2097
x-ms-lease-status: unlocked
last-modified: Wed, 29 Jan 2020 17:18:07 GMT
server: ECAcc (ama/8B5A)
etag: 0x8D7A4DF35813E0D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7ce30a45-301e-0099-42e4-d95724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 6CE0 2 KB
1018 B 219ms
218ms XHR
application/json 2a02:26f0:6c00:19c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5268873&v=1.571.0&if=&sl=0&si=qsu7grrelhe-NaN&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19c::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 8b6bc420f36a7ee19030f08310711c5cf3a841e55c2be554622221f25e6ce8fa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

Date: Sun, 02 Feb 2020 16:46:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 698

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/ 326 KB
78 KB 19ms
18ms Script
application/javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B66) /
Resource Hash: 3c049ea432cb3c95043ef58d76b7635592b2a4cd8e0fb6ef5b4bd5cbef573923

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: q5TV2UTKwEiG982GRjoWWw==
age: 13898
x-cache: HIT
status: 200
content-length: 80194
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 01:57:56 GMT
server: ECAcc (ama/8B66)
etag: 0x8D79AF0AC276557
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e202be3d-101e-0024-43c7-d941a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 291ms
125ms Script
application/javascript 35.190.38.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://urs.zdnet.com/sdk/urs.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.38.167 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.38.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ffaeeea8b8a09eda9e1eb2f2dc2c9ae055afb7fdbd4d88f57f324f8cad1d4ac5

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
via: 1.1 google
last-modified: Thu, 07 Feb 2019 14:05:56 GMT
etag: "5c5c3b44-c7f5"
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51189

GET
H2 200 scrolling-mpu-22779a851e-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 956 B
598 B 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/scrolling-mpu-22779a851e-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4d565f67641c732365c3180ec1e37c7a987825faad3e8632de8a07a9101feedd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346794
status: 200
strict-transport-security: max-age=31536000
content-length: 491
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 15:14:54 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e31a16e-3bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 16:26:16 GMT

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 12 KB
5 KB 6ms
5ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181584
status: 200
strict-transport-security: max-age=31536000
content-length: 4877
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:48 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffdc-2fdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2020 14:19:46 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 229ms
219ms XHR
application/json 2a02:26f0:6c00:19c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1580661970416&s=d5fcf4c3a29ab40f87c440400480d442cf7f9bfe0e91c47b2bf20fd37db90eea
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19c::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 3bc86d36b5a74ad0122fbb2b9553faaaf657bc486b3752eb58f9b95bc1351e7d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

Date: Sun, 02 Feb 2020 16:46:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 741

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 197 B
514 B 41ms
25ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3fc31f7ff4e172cf230a99559537672d43115f6b69e5c0900c625ecfaac8e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55eda3c34a18c2ef-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/ 93 KB
14 KB 21ms
21ms Fetch
application/x-javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/en.json
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AE7) /
Resource Hash: 1cf9158dbeb0d88a6ab5c79109a04535bed9cc1bc09608f400505fe37ccdc370

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: 4U6lIN+AKew+JwT2CbAsAQ==
age: 949
x-cache: HIT
status: 200
content-length: 14400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Jan 2020 17:18:20 GMT
server: ECAcc (ama/8AE7)
etag: 0x8D7A4DF3D130328
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: df2b0fe3-401e-0037-53e6-d97449000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/ 15 KB
3 KB 19ms
19ms Fetch
application/json 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/otFlat.json
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B39) /
Resource Hash: c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: vs/gsO9tV0OXmh/ItWBsNA==
age: 13897
x-cache: HIT
status: 200
content-length: 2826
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 01:57:45 GMT
server: ECAcc (ama/8B39)
etag: 0x8D79AF0A5AEE8BA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: dfc2bf17-001e-0152-4bc7-d98341000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/ 71 KB
13 KB 20ms
20ms Fetch
application/json 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/old/scripttemplates/5.11.0/assets/otPcPanel.json
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AB2) /
Resource Hash: c1f050d746352edfeb7b8651a16b62799161a08198ac01873c75bf9f5e33b684

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
content-md5: H+NNmLJfIbm1+G38NEKXbQ==
age: 506
x-cache: HIT
status: 200
content-length: 12694
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 01:57:46 GMT
server: ECAcc (ama/8AB2)
etag: 0x8D79AF0A60D9546
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2eff91e6-f01e-0061-47e7-d99c39000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 02 Feb 2020 20:46:10 GMT

GET
H2 200 nr-1158.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 78ms
22ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1158.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-amz-request-id: 05078C8314CE05D9
x-cache: HIT
status: 200
content-length: 10068
x-amz-id-2: k/o3rVVH7xEllWkMDt+UqJXGc2XymCSLb7GhA46y1pMU8KrFeHcaloOyE3YiczFpR0rZbrpvg/o=
x-served-by: cache-hhn4022-HHN
last-modified: Wed, 18 Dec 2019 00:24:13 GMT
server: AmazonS3
x-timer: S1580661971.797613,VS0,VE0
etag: "0be8452b990e805f60431dce9e0279b2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13285

GET
H2 200 article-bb88aaeb22-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 155 KB
44 KB 31ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-bb88aaeb22-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9f67fdd7b170902493042bacfa38d2673cede0444d6248db8c19d5d46ff013f2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256343
status: 200
strict-transport-security: max-age=31536000
content-length: 44431
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:52 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffe0-26d01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2020 17:33:47 GMT

POST
H2 204 /
685d5b18.akstat.io/ 0
201 B 236ms
235ms Other
image/gif 23.0.36.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://685d5b18.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.0.36.169 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-0-36-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 02 Feb 2020 16:46:11 GMT
access-control-allow-origin: https://www.zdnet.com
content-type: image/gif
status: 204
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/1/ 57 B
275 B 437ms
109ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/36c1ca5070?a=138637741&v=1158.afc605b&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=949&ref=https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&ap=943&be=306&fe=868&dc=451&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1580661969869,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:1,%22c%22:1,%22s%22:15,%22ce%22:61,%22rq%22:61,%22rp%22:237,%22rpe%22:285,%22dl%22:246,%22di%22:450,%22ds%22:450,%22de%22:450,%22dc%22:867,%22l%22:867,%22le%22:881%7D,%22navigation%22:%7B%7D%7D&fp=380&fcp=380&at=GRpEEQsdExIcZw1VFFgaBlYEUgdUBg9JVVcBXhwHB1YCSwYJAgkbBg0BUQcDCQMFWQcJFE4aRVxBD1IoBVUBEwxAS1RQRBRYEh1EA15AB0pfXlQIRUYRS0YdFANKRVpSClQyHUgBEwxAW15dRQNfEjtZFkVfAVRUER1EUxMdUQpWdRtbXVYTXBMCDUsHXkAHShMfEwJUEA1bAWVPEl0TCRMCVBUPTAtBFE4aU19eAXgCRgJGU1ABW1VXA1UcAwAMBRwHU10CHghTVVRJCFYIB1MABwAGUAQDRhRGQVcFXWVKQQMTXEZZFkVfAVRUER1ERQkUUQd4UkACEwIAVVJUUVpSHFMBAQAeAFdUVUkBUVUETwgDCgBXCVBXD1IEUx4JAQZXUwRUBhUBUg9TFQACVFUcX1FcVhwGUAEAAglQAlFSDQETGkBNQ18TXBMOEEwUQgw%2BF20cRhFGSB5cClRCTFteXm1JUBQQUQddUz4XVVxVS1IJCkwWUFUWV0MeQhNXAAFKFxxEA1ZCXFwRUBQBFQ1fUAdbRVpeCG1JRkVIE1dAAkpOTA%3D%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1158.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 79ms
24ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
age: 1245229
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: a7sTpjN0rbLZvEEnuHdaTck1VBHekvKhhLC2Mk6PBFUk87JlwOZCikwf5WULADe+/kLh6gJa9yk=
x-served-by: cache-dca17770-DCA, cache-fra19131-FRA
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1580661971.895261,VS0,VE1
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: 45E7246C4D68C98C
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 153 KB
25 KB 614ms
614ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2584386712469832&correlator=1886372525806301&output=ldjh&impl=fifs&adsid=NT&eid=21062453%2C21063048&vrg=2020012701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200202&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=7x7%7C5x5%2C728x90%7C970x66%7C970x250%2C300x250%7C300x600%7C300x1050%2C320x50%7C11x11%2C300x250%2C300x250%2C641x321%2C728x90%7C970x66%7C970x250%2C371x771&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0&prev_scp=pos%3Dnav%7Cpos%3Dtop%7Cpos%3Dtop%7Cpos%3Dtop%26strnativekey%3D8ec3a4f3%7Cpos%3Dmiddle%7Cpos%3Dbottom%7Cpos%3Dtop%7Cpos%3Dbottom%7Cpos%3Dtop&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cgovernment-us%252Cgovernment%26tag%3Dransomware%252Cgovernment-it%26device%3Ddesktop%26ptype%3Darticle%26cid%3Ddod-contractor-suffers-ransomware-infection%26env%3Dprod%26firstpg%3D1%26vguid%3D31dc7330-59cb-4366-80df-116f0d0a5cd2%26session%3Dh%26subses%3D2&cookie_enabled=1&bc=31&abxe=1&lmt=1580658563&dt=1580661970865&dlt=1580661970115&idt=269&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C-12245933%2C208%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933%2C2225%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adks=209528187%2C3978811740%2C1729397503%2C2929111965%2C1946293026%2C237481803%2C2747245683%2C2128831610%2C935135691&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&dssz=45&icsg=547880960&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x4169%7C1585x0%7C370x0%7C770x11%7C370x0%7C370x250%7C770x3079%7C1210x0%7C370x0&msz=7x7%7C688x105%7C300x280%7C770x11%7C300x280%7C300x280%7C641x361%7C728x130%7C371x771&ga_vid=27030123.1580661971&ga_sid=1580661971&ga_hid=1236331281&fws=132%2C132%2C132%2C4%2C132%2C132%2C132%2C132%2C132&ohw=1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

a79d2f486c2f4985ebc84bd7dc2faf0c101799262b9082eb8058bbd34785ec00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24619
x-xss-protection: 0
google-lineitem-id: 4745974454,241984809,241984809,4745189935,-1,253246569,4745327422,253246569,4825966980
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239360627,138271463474,138271449720,138239344472,-1,138271463546,138239368367,138271463540,138247024569
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 32ms
32ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24916
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:10 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
2 KB 171ms
170ms XHR
application/json 23.37.50.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.50.121 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-50-121.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

da2906ff5051c96edac625db8d76b8773a240dc563b3965f3c08680d3e851df0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
nncoection: close
status: 200
vary: Accept-Encoding, User-Agent
content-length: 522
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 02 Feb 2020 16:45:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Sun, 02 Feb 2020 16:46:11 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: c125102d-69f5-4624-86db-327ba8b9eac7
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Sun, 02 Feb 2020 18:15:22 GMT

GET
H2 200 ewa-ransomware.png
zdnet1.cbsistatic.com/hub/i/2020/01/29/f59115d4-f26a-4cfd-825c-7c3e6371b05a/ 24 KB
24 KB 6ms
6ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/2020/01/29/f59115d4-f26a-4cfd-825c-7c3e6371b05a/ewa-ransomware.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

89790a2e62536760a6c186e8bd311507c8704cd923153b2f5e7dd7a271e3b29e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313860
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 24464
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"7dac0f8f86afc0db7f7854d370346127"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 image-gallery-modal-ec26a43f49-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 13ms
13ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/image-gallery-modal-ec26a43f49-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0e247324f306f5533e1494da4fb16b44a6ddab36c999d225fb91400eac2c0ec3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242200
status: 200
strict-transport-security: max-age=31536000
content-length: 1923
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:45 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffd9-13fd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2020 21:29:30 GMT

GET
H2 200 anthem-hacker.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/05/29/48679984-c00c-4d32-87b9-4963628f9813/thumbnail/170x128/f09153854c6474331f0a55b83f1abd32/ 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/05/29/48679984-c00c-4d32-87b9-4963628f9813/thumbnail/170x128/f09153854c6474331f0a55b83f1abd32/anthem-hacker.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9e226827a0d6dd483a9c39cb0ac1a4f76797fb43852bd84e2dbfea3bf697980e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519492
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 4144
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"d278df4919453195d221030324127a0e"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sae.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/05/28/119595aa-09b6-4aa3-80f8-a29d823ec9d3/thumbnail/170x128/c3b8c7f157484ec06dfdacd038bc3a3e/ 5 KB
5 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/05/28/119595aa-09b6-4aa3-80f8-a29d823ec9d3/thumbnail/170x128/c3b8c7f157484ec06dfdacd038bc3a3e/sae.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d37c6ae9a90caed510bd467a4db90c10220e7e8cf417455df545e270f41c6f69

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6441177
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 4647
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4aaa76178f8567e05c8e8295c96171d8"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazarus-group-member.jpg
zdnet1.cbsistatic.com/hub/i/r/2019/05/29/0470890a-3f2d-4291-bf6f-168fa50d6537/thumbnail/170x128/75bbbeebb309f148e251ea16f2ff22e7/ 4 KB
4 KB 8ms
8ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/05/29/0470890a-3f2d-4291-bf6f-168fa50d6537/thumbnail/170x128/75bbbeebb309f148e251ea16f2ff22e7/lazarus-group-member.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

299880654ed93f867a634ba355fdec61d2ac6e7cd39a8adec4c313a709fc814e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6770529
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 4079
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"dd1016d687d5960a8f279198a94d0cc5"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 zeus.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/05/28/238b3585-22ff-4ba9-8c90-bb5d864a1f00/thumbnail/170x128/6de0fc8e9b5d999206db3b7ff0cac1ae/ 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/05/28/238b3585-22ff-4ba9-8c90-bb5d864a1f00/thumbnail/170x128/6de0fc8e9b5d999206db3b7ff0cac1ae/zeus.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ed00176d19bfead49bb296f7961559f70b7de511350ca1dbef08d578010685e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2381858
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 4460
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"7d411dca7348327b71e894c52e76eeeb"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 mabna-hackers.jpg
zdnet2.cbsistatic.com/hub/i/r/2019/05/28/0fefe900-f50a-429c-b3eb-21ade92e8be3/thumbnail/170x128/5b82bb170255df4c20858280e3c9efbe/ 7 KB
7 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/05/28/0fefe900-f50a-429c-b3eb-21ade92e8be3/thumbnail/170x128/5b82bb170255df4c20858280e3c9efbe/mabna-hackers.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ae7ffa9357fbd52d24ec1fe9a3fa10a65ef98ca2eb073ef80be613a8ae3fa17e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8765818
status: 200
content-transfer-encoding: binary
strict-transport-security: max-age=31536000
content-length: 7080
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4cc05b35c2f937c5bd9e7d41d3686fff"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 disqus-loader-8e759b9d3c-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
785 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-8e759b9d3c-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0b2b82ba31f5d420a68664c3d7276effda59946d491a56236c1fbfe358fcbe79

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274481
status: 200
strict-transport-security: max-age=31536000
content-length: 636
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:45 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffd9-576"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2020 12:31:29 GMT

GET
H2 200 raytheon.jpg
zdnet4.cbsistatic.com/hub/i/r/2020/02/02/f0b5b621-cb83-480a-b021-252a6c516ae1/thumbnail/170x128/84e32e4a0ad08574360cb38583c28078/ 4 KB
4 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/02/02/f0b5b621-cb83-480a-b021-252a6c516ae1/thumbnail/170x128/84e32e4a0ad08574360cb38583c28078/raytheon.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1eb54021fbb030bfc591775cffc57521d8f1b2ecaf07280fa7cde0cf6e8adf9b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 8046
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 4173
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2130eb640e0a272898a51da41363542d"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 firefoxlogo.png
zdnet1.cbsistatic.com/hub/i/r/2019/04/05/92e71ec8-ad58-4bd5-b6dc-a50c3d9951d5/thumbnail/170x128/b13f92dd0b9345df0f99a56d16293e3f/ 14 KB
14 KB 8ms
7ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/04/05/92e71ec8-ad58-4bd5-b6dc-a50c3d9951d5/thumbnail/170x128/b13f92dd0b9345df0f99a56d16293e3f/firefoxlogo.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b2af083b0a1531d23eacfafb7b770be943f2008819f66f9392cca06054642525

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 118487
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 14596
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1a4789e18b41063f512f76ebc5409d42"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 set-top-box-remote.jpg
zdnet2.cbsistatic.com/hub/i/r/2019/08/28/6e9ef6f7-5bf9-4ebe-8e1d-5dc94bfd3293/thumbnail/170x128/4286d88ddfdcdc04127d532cda69d9d6/ 9 KB
8 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/08/28/6e9ef6f7-5bf9-4ebe-8e1d-5dc94bfd3293/thumbnail/170x128/4286d88ddfdcdc04127d532cda69d9d6/set-top-box-remote.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

aaaa7031fe55da54504dd94d2fb35be1e7699dbb11d3b93cbbb965c9bb281125

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165582
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 8132
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"d6f84c02e2a54908d96f410083beb6e0"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 belfastarrest.jpg
zdnet4.cbsistatic.com/hub/i/r/2020/01/31/862e8d37-5790-4205-b198-ba17b039e9b8/thumbnail/170x128/917517d576d1959749944218992790ed/ 5 KB
5 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/01/31/862e8d37-5790-4205-b198-ba17b039e9b8/thumbnail/170x128/917517d576d1959749944218992790ed/belfastarrest.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

601e3b02efbc6fcef221c14fe5abaa44423b907cddf2928c37fb6ac7b7b936b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 180084
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 5116
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "878a0658e652765c4979dba411787e43"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
2 KB 410ms
410ms XHR
application/json 23.37.50.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.50.121 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-50-121.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dbafb5370a578219d5063bed09622dbed9ee3b0c9690dd40874c98e216b56d93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 755
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Sun, 02 Feb 2020 16:46:11 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 5e36afc0-23e1-439c-80c3-f2386edb9a24
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 front-door-carousel-56427878d9-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 5ms
5ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-56427878d9-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5ecc6a93ec2939faa8dbf80084346c7d940f5a2181ee69343810da52902eb92d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556122
status: 200
strict-transport-security: max-age=31536000
content-length: 1564
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 17:09:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e2b24e7-124a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Feb 2020 06:17:28 GMT

GET
H2 200 ewa-ransomware.png
zdnet1.cbsistatic.com/hub/i/2020/01/29/f59115d4-f26a-4cfd-825c-7c3e6371b05a/ 24 KB
24 KB 6ms
5ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/2020/01/29/f59115d4-f26a-4cfd-825c-7c3e6371b05a/ewa-ransomware.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

89790a2e62536760a6c186e8bd311507c8704cd923153b2f5e7dd7a271e3b29e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313860
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 24464
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"7dac0f8f86afc0db7f7854d370346127"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/04/05/92e71ec8-ad58-4bd5-b6dc-a50c3d9951d5/thumbnail/170x128/b13f92dd0b9345df0f99a56d16293e3f/firefoxlogo.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b2af083b0a1531d23eacfafb7b770be943f2008819f66f9392cca06054642525

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 118487
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 14596
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1a4789e18b41063f512f76ebc5409d42"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/02/02/f0b5b621-cb83-480a-b021-252a6c516ae1/thumbnail/170x128/84e32e4a0ad08574360cb38583c28078/raytheon.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1eb54021fbb030bfc591775cffc57521d8f1b2ecaf07280fa7cde0cf6e8adf9b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 8046
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 4173
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2130eb640e0a272898a51da41363542d"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/08/28/6e9ef6f7-5bf9-4ebe-8e1d-5dc94bfd3293/thumbnail/170x128/4286d88ddfdcdc04127d532cda69d9d6/set-top-box-remote.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

aaaa7031fe55da54504dd94d2fb35be1e7699dbb11d3b93cbbb965c9bb281125

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165582
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 8132
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"d6f84c02e2a54908d96f410083beb6e0"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/01/31/862e8d37-5790-4205-b198-ba17b039e9b8/thumbnail/170x128/917517d576d1959749944218992790ed/belfastarrest.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

601e3b02efbc6fcef221c14fe5abaa44423b907cddf2928c37fb6ac7b7b936b2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
x-content-type-options: nosniff
age: 180084
status: 200
content-transfer-encoding: binary
x-image-exists: 1
strict-transport-security: max-age=31536000
content-length: 5116
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "878a0658e652765c4979dba411787e43"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 204
No Content / Show response
685d5b18.akstat.io/ 0
354 B 230ms
216ms XHR
image/gif 2a02:26f0:6c00:184::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://685d5b18.akstat.io/?h.pg=article&when=1580661970926&t_other=custom4%7C286&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=a16ea9c0bb10f9bb11a44ead2ac30fa65af3e132&h.t=1580661970536&http.initiator=api&rt.start=api&rt.si=77d9b2e7-802f-4a50-bea6-ec0a9769cd51&rt.ss=1580661970964&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:184::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 show-hide-1.0-7dc26ff326-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
819 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7dc26ff326-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f92514f4e39c16da9037f964148a09a79419744b77d611860ffc81c86aeace0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282741
status: 200
strict-transport-security: max-age=31536000
content-length: 710
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffda-7a5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2020 10:13:50 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F170 0
0 34ms
34ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQZmDQ6Is-RHT44Tjg2rSkMbhCUjq07-Jt0-ik_b4yC9rUaHWsRT2iLukzcag8RGfqioMvqXr4NkXjak19BW06f2Dfa2kC0k2RbH9AkO_6FDbZ-f41aeiLsGckpkuPA7fdkCfcM4jqluY5bZiPYrSWInj1Jt_ABZAs3EXsaxd_4jz44Pb-I3t1sIIKgizCuDMG0vtkDeHP_nPz-Vce6fwlzdP2VhcrqJ6IkYwcJSR-i8IZmVqON67Cf7nkcLf_nmAXjQNR4fcm&sai=AMfl-YTlOtYHG7QiXiJ9zlvrYqSKAokuJ0SbFDf1Q_mjTDDZ0uJup_XgqaHvJs1qdNF_-OBeDxqjF_DtFGoJrSK8kIIquMm_GBuEINq6Lu4X&sig=Cg0ArKJSzKRvS7YRmPrzEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F170 72 KB
27 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame F170 304 KB
101 KB 25ms
25ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6183 0
0 35ms
34ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzIsCNg7_rQ55caQ5LUi6dcLDueLVvPwvjgy18ivLmaiU5z_JsobZKQlHwR1hpcZmzbSkBJ2Ngz61lJ_76Cg58hgAO6uCw4FMqOYdsFihX4LR1RvZPqQR7dtmN_5AmAXVw3xPOuxUchjvNe61p8XH9_7PWpFTVvOCCIdQ7AAwomjJTbnTltRE7nyhSdyVXu9-ibcz0HivuT5Tb2HZNGTA-D3wfCPP84ujs4vjReOwiJ0gU7Ap8b1QW2-RFt5Iv6WsDAl4&sai=AMfl-YRDqeX3-7rrtbuZ2lxv17DSnFx-xr-1S8741v0TlGcxBy3pI9VShCHPIakgzYhkMqTSph0Pws7KnFdLWan03stFWm9n-mZgZzjfM5lC&sig=Cg0ArKJSzHr2P3862ZvfEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame 6183 29 KB
9 KB 66ms
22ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7301
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8784
Expires: Sun, 02 Feb 2020 18:47:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6183 72 KB
28 KB 26ms
15ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 6183 304 KB
101 KB 66ms
24ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B7AC 0
0 34ms
33ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi0mqnghfPyq3ajY1e2NNi2KzgxWdPd4lOIjrJ_tAaC_7Q9MfMOciUE-ARQ8JzbQoVzA_KASaessp5JN_JemK1cKPti1oqR7IohpEflqbFYmp04iUmgvno3MkxgAt15n8CTReBaeVZwGN-4ymN1LeWX57JKeBQ0WsKar_uCkiB26WTHOUI0U9waFaGflG4erDANRMWsqiQA5rCrkVI6J_nID-B6gjFWueQVJWvRLRyET-ZW7T_GgVGk-zFdz3z1y_OVO8&sai=AMfl-YSZmN_z8QOMdfXJKmjVLYIy0FBP8Pg-KNNg6QQrHJbL_mMwzZwi9dWzypbYTF6CpWHBHLKsh1uz9wAfl1HFCh_HZ-Qsgchub8rmnaRs&sig=Cg0ArKJSzFVIcrntpBnPEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame B7AC 29 KB
9 KB 66ms
21ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7301
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8784
Expires: Sun, 02 Feb 2020 18:47:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7AC 72 KB
27 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame B7AC 304 KB
101 KB 84ms
40ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF63 0
0 35ms
35ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8W9-aw_Lwfydm9Qu8tfx2LJzSvzBUYZIdztUw2LChjx8JAZ19YCCBgJo4pDKDNH2rtDA-L5AZY22pEK4-sQEZ-rrk15g_Iz54Zy3VBV9N2KqpuvgVzJ_vc8EgCzVsAM_cEkOZwW0IAnqZZy6yuZulSLiI0DicA1N075B2Ya09qUntlMfj8IIK75Wq4b_ix0w4sYN4T3ACYB0rTW3O0K26FEU8gIqd_YHdLJKmRiZacme4GXplLtKkmZZjQWzepXt76SL375jZ&sai=AMfl-YQiM-PPbdsXndImpoQoaywtIjimtDvRYvfeqQjsN70qBEnCFOb9hg85gCoaaZzMuXdBuZADpR6HRAO6FtSbnwhz0fC3R82Kw1xLt_KG&sig=Cg0ArKJSzLlEk0UB3CifEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF63 72 KB
27 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame EF63 304 KB
101 KB 84ms
40ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ 20 KB
7 KB 40ms
12ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14786
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7150
x-xss-protection: 0
server: sffe
date: Sun, 02 Feb 2020 12:39:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e98551560828916"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Feb 2021 12:39:45 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 3C4A 200 KB
55 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14778
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Sun, 02 Feb 2020 12:39:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Feb 2021 12:39:53 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 3C4A 15 KB
6 KB 38ms
12ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173646
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb81b23fc83ce453"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:05 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 3C4A 91 KB
28 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14793
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Sun, 02 Feb 2020 12:39:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Feb 2021 12:39:38 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 3C4A 3 KB
1 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 150873
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 22:51:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5821fa2b275b35ee"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 22:51:38 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 3C4A 46 KB
15 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173611
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95a2cb227bce10b6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:40 GMT

GET
DATA 200
OK truncated
/ Frame 3C4A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 440bb2b47f38e8ccd8efa209bc1531f763dec549cb03733cc6182197295c4703

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19B7 0
0 36ms
34ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulPKS_FthVQk0XboWTruNMwz58Es7_NCqhO5_QMoq8oi7U8JhivzSz4JynqRLXlIRnmgs1s7XLPa0mo_6eo0oksEIbdnZtI9jp0OqbuaZRaorUwlZJE1LG_hSjj41p7RaelwHJ_N_IzQljU5DTLR6AY4lKhIEUv5wfqfc2ChbMRycTHWgiEiFG1x7KWEFNRXuJqbBvBgPlZHKBrFELma4vBoaxo5lAjf--jNZRG6nTTizXKx6nIGDVOXwWQkuex0rOs0o&sai=AMfl-YQfgqw4OP5EZsm8p2eFnPUGUo2VwCOeZ-jcmNhi_pY-MvyOx4Ii1TW5nFTiQEx4UOPTM-baRhEhk29iUYzus_tTvEPq7iln6mobM-PX&sig=Cg0ArKJSzM2p_7wMsPgWEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame 19B7 29 KB
9 KB 53ms
24ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7301
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8784
Expires: Sun, 02 Feb 2020 18:47:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19B7 72 KB
27 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 19B7 304 KB
101 KB 62ms
38ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 827B 0
0 34ms
34ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkoJwyGr_Rop-mDxpbSRcPB9v7F1kTjPeSezNSxPlxAW_JG7LXzZ2gVAiFSUqIiGZyZVBSHLnO5QQBPvZ3LcYr-yvpLoruDrRWYjubE8Op9WrLqze4MQjx0XRH5nVuMQk_GvdZsQ_eJVbO9JyzVT4x1Xe78inxOQ0h2psxIXAaFcw5wJzIf8FtjTcMsghYaBY7qWGwkZaSaj7U0Ah7YyorVhWSSy2yf0K1rWFBr1gOL7Y1KAObU0rzQVmzpavgH79Mx3mDkVCe&sai=AMfl-YSq720nwpQlTIYh-1fVoST58Kpbisyy3A_MX7jOWHyexzOt2I0ICUjWok3U1MD6tEtAKv4JqB9evONRx9QhFTpE5L015eGO6J434gRE&sig=Cg0ArKJSzNuxGX65e5v4EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 827B 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 827B 304 KB
101 KB 51ms
25ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C480 0
0 35ms
34ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE82WVOxhaChyA6Brub22o6pMKE6V7pFs_8uDSHnQc4ubjmqw-WRfHlPRo2Z4ctGQpC1w90EvPMFBzu7agEvZimJHQAkr_9zhV8bOcKykISTOTI8wC_RFwpQhUACTgJAIUXo30rcqoRVVaOmKXCcL9kItscGf_eIT9IswqfX-ZDXpFRfH8uqIW_JJK7zgpB51wKucwRtdE2n1_r9kLnEt2m_rZ6e-R9E_G-t77a0kRhjknTfNxnwy4fcEbncl33wxhA10&sai=AMfl-YQAftXVZbQFCTTKKGRif2GM5ZAwVMMMHqtrBjRzRxHAj1jSS_OFHn484Jh6PaQXJzLPMcj3T31KbqPKpYHCIS9Yn7Vzf8AkG9pk8zV8&sig=Cg0ArKJSzF15Gf-gG9CZEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame C480 29 KB
9 KB 48ms
25ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7301
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8784
Expires: Sun, 02 Feb 2020 18:47:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C480 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame C480 304 KB
101 KB 81ms
39ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C184 0
0 33ms
33ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyww8qmMi5UWRNR_nviY7rNlnkJy4u0nQkwuFqJ62GZ4d84wkNCbYJlCS5nqyLVDPT_Xmeo2Q2eFWEwz5x2u4oyFzqFMT_LaIcIyLrWc_3q2Fs9kh3al9GKTx3jqqvMakSZOwgclll_V0FMOgReqplipOgLgDHTVmAs0l3N9hJRJxAHdOReNNhMbQsSNx_P_F-i5NyBgJJrluUFdQMEJFMebS3r9Kv_uIQ36Ai2ZXVorLC-ZK9eSaJ4y_HswcQv0nURi7M1sJK&sai=AMfl-YRAOPrClGs5xjjs45vXr9x0BwAE74hZBzbQuaqx_FxNJfa5p6zR33HiI-eNYxxe6Pk_Z-zzc2cHyFTwZoCBK5ffmMkSwynjO_6A2vL0&sig=Cg0ArKJSzBjtaUlt9dkXEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adKit.min.js Show response
rev.cbsi.com/common/js/ Frame C184 6 KB
2 KB 188ms
20ms Script
application/x-javascript 95.101.193.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rev.cbsi.com/common/js/adKit.min.js?1310244804
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.193.124 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-193-124.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 18:29:20 GMT
Server: AkamaiNetStorage
ETag: "e524dc608d5c7c30eef57b6ed95dc6a8:1557772160"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2149

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C184 72 KB
27 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame C184 304 KB
101 KB 86ms
44ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54259
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 643320211519523817
tpc.googlesyndication.com/simgad/ Frame 3C4A 33 KB
33 KB 9ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/643320211519523817?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qknSYLuDP0NGPgopj6jllc4n48ONA

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf68490f4470cd1d7bf9e914cda7e5f550fa8e8f18ca152f9a25538af762fe49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 22:40:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Dec 2019 09:29:04 GMT
server: sffe
age: 842769
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 33315
x-xss-protection: 0
expires: Fri, 22 Jan 2021 22:40:02 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C4A 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 61949
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 02 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C4A 295 B
401 B 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 67970
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 02 Feb 2020 21:53:21 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3C4A 0
0 35ms
34ms Image
text/html 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRzrJ0vw2XviOPJX83gP_3KWYBb_SqcNb_OimsvAKne-Z3tQYEAEgzJGuImC56L6A1AGgAYbX170DyAECqQI4e3jXPpyyPuACAKgDAcgDCKoElAJP0PTYCLcpnSqnl13F3xrDVJXKC0CmR7zlSl8pRGMGTm-ayVVwK5KWLUwhVrNt0Mbk0AryxyJiEyjfO29wWk9iubzTpjDZfi2eyphOjOtdvDDD_eSBUlKJM1ALa3izynTFeqylW6uqMaaWTAE00cYz1nFyXM7J7jbXtmw9Iu97gCsyX50g6f8CkysjTrVJ-X4zZkZWEd1y-OSOciIktTUSpMxK_THJEUpTvuWX-k9PrzhmQohIs8bqfwUjqBtQsCfrP0yVfojonIPk1ZoxP6MYnc1_7AuCdJFrMibhB791xz-3zvxvw2AudJSsXSNF0S4Wq0NFBTgQNTHgOPqUGJVJmTzQcak5Ptl0iqGWH8Pww1GDOunABPrS_ODXAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAfiqKhCqAeOzhuoB9XJG6gHk9gbqAe6BqgH8tkbqAemvhuoB-zVG9gHAfIHBBC-_wrSCAkIgOGAcBABGB2ACgPICwHYEw0&sigh=DAvxJynOOrs&tpd=AGWhJmsZADWMCPCKZ4vp3Ky6EKGNyRfYftQmSr6cr6Wcl0k74g
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s24-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 n.js Show response
geo.moatads.com/ 97 B
270 B 159ms
33ms Script
text/html 3.9.36.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661971646&de=803088525025&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=2&cb=0&ym=0&cu=1580661971646&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745974454%3A138239360627&zMoatPS=nav&zMoatPT=article&zMoatW=7&zMoatH=7&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=7x7&zMoatSZPS=7x7%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=1394194840&cs=0&callback=DOMlessLLDcallback_79753351
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.36.140 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-36-140.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 14c7ac41b04134472bac3befb13a91f561bf0bb036623b7e301a1088bc70814f

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
server: TornadoServer/4.5.3
etag: "1686b0514794ee8b3a0e061c2ef5db417c6cf82f"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 97

GET
H2 200 n.js Show response
geo.moatads.com/ 99 B
273 B 174ms
49ms Script
text/html 3.9.36.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661971646&de=803088525025&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=3&cb=0&ym=0&cu=1580661971646&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745974454%3A138239360627&zMoatPS=nav&zMoatPT=article&zMoatW=7&zMoatH=7&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=7x7&zMoatSZPS=7x7%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=870682969&cs=0&callback=MoatDataJsonpRequest_79753351
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.36.140 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-36-140.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: a297c2012a5551b345c91c7a54956db9117646f429c33c68a17d8d624f854086

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
server: TornadoServer/4.5.3
etag: "b675960a9ee6808165ef84d66c7d9f9f90a4f095"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 99

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 76ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661971646&de=803088525025&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=4&cb=0&ym=0&cu=1580661971646&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745974454%3A138239360627&zMoatPS=nav&zMoatPT=article&zMoatW=7&zMoatH=7&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=7x7&zMoatSZPS=7x7%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=631302713&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK 283812-2.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame 6183 2 KB
1 KB 195ms
103ms Script
text/javascript 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-2.js?&cb=0.20802681109868826&tk_st=1&rf=https%3A//www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 98355fec3e55c17b6d1b4bca3207fc9f41291d97ab760f570c6c7b5baf1a3db7

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=147
Content-Length: 915
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 283812-15.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame B7AC 2 KB
1 KB 249ms
153ms Script
text/javascript 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.13976147390717952&tk_st=1&rf=https%3A//www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 3d9b3b58b8f6c0bda9432d03a5d6b95da39d5bb05b55b47dd281b3f637f0c9f9

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=10
Content-Length: 1067
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 283812-15.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame 19B7 2 KB
1 KB 255ms
163ms Script
text/javascript 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.7106730061317745&tk_st=1&rf=https%3A//www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f59e3ec4da38bc4c12680811e9741bb91aecd62e79fcc795c461dc75d0c3986b

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=149
Content-Length: 918
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 283812-2.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame C480 146 B
534 B 210ms
115ms Script
text/javascript 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-2.js?&cb=0.6112274791961332&tk_st=1&rf=https%3A//www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f6914cddfb8fcc3e7d99864e104ebdb47934a357ef08d90f9e0acdf48433d6c9

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=438
Content-Length: 146
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
39ms

Image
text/html

2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 Feb 2020 16:46:11 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C184 53 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?1310244804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554f51b62b5284f614efc5e3621dbf116d73b08690524ffa70aa3f6bd209bb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "416 / 744 of 1000 / last-modified: 1580409148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16245
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
24ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661971796&de=850714497390&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=9&cb=0&ym=0&cu=1580661971796&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745327422%3A138239368367&zMoatPS=top&zMoatPT=article&zMoatW=641&zMoatH=321&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=641x321&zMoatSZPS=641x321%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=404397090&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C184 109 B
778 B 41ms
21ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C184 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C184 167 KB
61 KB 31ms
31ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62184
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 643320211519523817
tpc.googlesyndication.com/simgad/ Frame 3C4A 33 KB
33 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/643320211519523817?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qknSYLuDP0NGPgopj6jllc4n48ONA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf68490f4470cd1d7bf9e914cda7e5f550fa8e8f18ca152f9a25538af762fe49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 22:40:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Dec 2019 09:29:04 GMT
server: sffe
age: 842769
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 33315
x-xss-protection: 0
expires: Fri, 22 Jan 2021 22:40:02 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C4A 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 61949
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 02 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C4A 295 B
355 B 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 67970
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 02 Feb 2020 21:53:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 30ms
29ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661971805&de=596553815726&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=14&cb=0&ym=0&cu=1580661971805&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745189935%3A138239344472&zMoatPS=top&zMoatPT=article&zMoatW=11&zMoatH=11&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=1539098740&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6183 79 KB
29 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-2.js?&cb=0.20802681109868826&tk_st=1&rf=https%3A//www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_2&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40dc40a98679b3773c07c59efa01664e9b7d2fb1dc7e413e31532518bbd481e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29245
x-xss-protection: 0
server: cafe
etag: 7925124043931200393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H/1.1 200
OK a670350c-d239-428f-9332-1c307d793eca
beacon-eu2.rubiconproject.com/beacon/d/ Frame 6183 43 B
268 B 127ms
38ms Image
image/webp 69.173.144.153
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/a670350c-d239-428f-9332-1c307d793eca?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=2&e=6A1E40E384DA563BE66ABBE9BFE009AF5BE58ACBBCF5E2E3C7407F0154D44E512EDC9A91F7AD8F84DBFC20F60B5A1CE6172DB22D3B21A9B5A1C9A9DCDCE83F8CA19B21E41228B52C3A7D0F4B29A162671C45189F33B502F0956270D897C40F9B96B8F425CDA5648290E385F9572B9DD5BB4F33CDE214CF90
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661971872&de=871452904568&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=19&cb=0&ym=0&cu=1580661971872&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4825966980%3A138247024569&zMoatPS=top&zMoatPT=article&zMoatW=371&zMoatH=771&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=371x771&zMoatSZPS=371x771%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=1650334587&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C184 30 KB
7 KB 93ms
93ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2929004088839290&correlator=2132602170033651&output=ldjh&impl=fifs&adsid=NT&eid=21062833%2C21062889%2C21065202%2C21065392&vrg=2020012701&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200202&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Dh%26subses%3D2%26ptype%3Darticle%26vguid%3D31dc7330-59cb-4366-80df-116f0d0a5cd2%7Cenv%3Dprod%26session%3Dh%26subses%3D2%26ptype%3Darticle%26vguid%3D31dc7330-59cb-4366-80df-116f0d0a5cd2&cookie=ID%3D380c90459ca23df0%3AT%3D1580661970%3AS%3DALNI_Man1R9g_1_aReZ3ebLVXbxk98qCmw&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1580661971&dt=1580661971962&dlt=1580661971607&idt=343&frm=23&biw=1585&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=23nbpm4kuzow%7Crbkdevprcgx3&ifi=1&ifk=3571964195&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&dssz=15&icsg=10888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1202904828.1580661972&ga_sid=1580661972&ga_hid=1382973143&fws=256%2C256&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

1f02b60e50cc4dcf86b7ac6db07106e0a7ec1e87255c1e2038575f055f9bb52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7287
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239479696,138239375180
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C184 66 KB
24 KB 32ms
32ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24916
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C184 0
0 6ms
5ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6183 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6183 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/ Frame 6183 221 KB
83 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a12d42a2e38abf1c9fc6e2ee1478a0efc50d1881c88c156d90a0e711ead610f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84598
x-xss-protection: 0
server: cafe
etag: 3851552657224823009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Feb 2020 16:46:11 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200129/r20190131/ Frame 1A3B 0
0 10ms
10ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200129/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmekLW2n1SKuENMzGd_IsOc7nGw7vMxmlmYjD8pVDsvikOwm74M5JKKeDwd; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 30 Jan 2020 01:41:19 GMT
expires: Thu, 13 Feb 2020 01:41:19 GMT
content-type: text/html; charset=UTF-8
etag: 4350393549794053402
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6578
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 313492
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame B648 0
0 78ms
29ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 31 Jan 2020 17:16:13 GMT
Content-Encoding: gzip
Content-Length: 7777
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=11575
Expires: Sun, 02 Feb 2020 19:59:07 GMT
Date: Sun, 02 Feb 2020 16:46:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6183 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3ce011978786a231f13e2faae55c7bc3f8fa3578a8014e85fe0ab8f48f93b7c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
24ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661971996&de=738460208020&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=23&cb=0&ym=0&cu=1580661971996&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25299489%3A251370729%3A241984809%3A138271463474&zMoatPS=top&zMoatPT=article&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=1253912880&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 75ms
18ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271463474&S1id=23605329&S2id=23619609&ord=1580661971996&r=738460208020&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 75ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271463474&S1id=23605329&S2id=23619609&ord=1580661971996&r=738460208020&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 75ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271463474&S1id=23605329&S2id=23619609&ord=1580661971996&r=738460208020&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK 1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame C480 156 B
484 B 72ms
25ms Image
image/png 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 16:53:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155

GET
DATA 200
OK truncated
/ Frame C480 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cbd293135cc41aaf6add3a4e1952582750a505f8a75af7488e67791ae23581a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 57ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=2&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463540&S1id=23605329&S2id=23619609&ord=1580661972031&r=642541693027&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 57ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=2&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463540&S1id=23605329&S2id=23619609&ord=1580661972031&r=642541693027&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B7AC 79 KB
29 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.13976147390717952&tk_st=1&rf=https%3A//www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40dc40a98679b3773c07c59efa01664e9b7d2fb1dc7e413e31532518bbd481e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29245
x-xss-protection: 0
server: cafe
etag: 7925124043931200393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK 3502fc62-99f2-49b7-ab8f-f35846d1c66b
beacon-eu2.rubiconproject.com/beacon/d/ Frame B7AC 43 B
268 B 53ms
38ms Image
image/webp 69.173.144.153
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/3502fc62-99f2-49b7-ab8f-f35846d1c66b?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=15&e=6A1E40E384DA563BC558E17CE082B9C6D0502C7C01A6698913C79E7CDE4F344AEC22CAE64D9C69146EF02D7CB0AE17F5E4A9AFA6E089EF8420988F42E6A7164CECFD0097416F4F913570ECD3831C9446AC237D6FA0EBFC9A6240B348FC26EBCFEB2496EFCC5E65F183009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3CA6 0
0 334ms
334ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=52413248&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661971975&bpp=16&bdt=424&fdt=78&idt=78&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=2&ga_vid=136830378.1580661972&ga_sid=1580661972&ga_hid=32217454&ga_fc=0&iag=3&icsg=43368&nhd=1&dssz=18&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=333&biw=1585&bih=1200&isw=728&ish=90&ifk=2673482249&scr_x=0&scr_y=0&eid=21065381&oid=3&pvsid=2977271144772024&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.w82c76tcxhhd&fsb=1&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=52413248&w=728&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661971975&bpp=16&bdt=424&fdt=78&idt=78&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=2&ga_vid=136830378.1580661972&ga_sid=1580661972&ga_hid=32217454&ga_fc=0&iag=3&icsg=43368&nhd=1&dssz=18&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=333&biw=1585&bih=1200&isw=728&ish=90&ifk=2673482249&scr_x=0&scr_y=0&eid=21065381&oid=3&pvsid=2977271144772024&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.w82c76tcxhhd&fsb=1&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmekLW2n1SKuENMzGd_IsOc7nGw7vMxmlmYjD8pVDsvikOwm74M5JKKeDwd; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 Feb 2020 16:46:12 GMT
server: cafe
content-length: 17151
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6183 74 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fbeacon-eu2.rubiconproject.com%2Fbeacon%2Fd%2Fa670350c-d239-428f-9332-1c307d793eca&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661971996&de=738460208020&cu=1580661971996&m=18&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=3&an=0&gf=3&gg=0&ix=3&ic=3&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=3&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271463474&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-top-5e36f3d10a9ff&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=761880088&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F86 0
0 38ms
38ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFLttXGYwsJeulNIsJWVLFjYkjOCWd7hhKo86ZlzSFWBE6djKwlu58AFwLfv35PF9P_1mRvfKfQ5B0d2umQX4qgmt7PWl8Mgupd34njqSFSR0KtPzRKcApya2WLcGUrQbclCpe613nvbHjzx5oAvKq5CJrT9C16yR-VGPLkP-5tg7fApGiOi9H07RlCClm9UFKAVJvV94SbypHuboFUyUGfSC194Fsucy2KUW1AxQ0B77POXqy_a2S8hZX6MdyUO7Izf3wqys1&sig=Cg0ArKJSzITVoeE__px8EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F86 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 4F86 304 KB
101 KB 27ms
27ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54258
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C184 74 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DCC8 0
0 34ms
34ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxsDRux6mqCkCSC7kLhnW8rboeSTUYvX5zJMjwoIobgkeCZxtx8NYi6rdCk142UKhnUeEho-JD2Oqh-YSiHctNZCBy6WB5s7YUHBbKezPHJ-5owC1nl_crdrFulRLSSak_p94NSyNpDjJNMYQYfSsAynqeP4Nxtu0URCiJhaA19QN2r7_ek0-P1P3cmvRMqQU-1UsRKRFBMMeufw92tvgZU3pk5zI4Nr7-I2wCFIk6diL1QfGlodUFDZUgSCKMCg8jOYhp5lFs&sig=Cg0ArKJSzAgH16LNxXD7EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCC8 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame DCC8 304 KB
101 KB 27ms
27ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 21:00:19 GMT
Server: AmazonS3
x-amz-request-id: B15B02FF82CA4C2E
ETag: "a8702c932f49a0dde7e1ec9bafa8851b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=54258
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103432
x-amz-id-2: OPCAuiwmHVXHDf09pjKujY3OjKKaxWq7hUh/UdztDX2xYTA0kLbhimRBGVzRIL/GOEeeaG14ryc=

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 19B7 79 KB
29 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.7106730061317745&tk_st=1&rf=https%3A//www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40dc40a98679b3773c07c59efa01664e9b7d2fb1dc7e413e31532518bbd481e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29245
x-xss-protection: 0
server: cafe
etag: 7925124043931200393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK 244993ec-8b0c-4295-9698-d21f8de312cf
beacon-eu2.rubiconproject.com/beacon/d/ Frame 19B7 43 B
268 B 38ms
38ms Image
image/webp 69.173.144.153
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/244993ec-8b0c-4295-9698-d21f8de312cf?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=15&e=6A1E40E384DA563BBFA88EE34ED4DEC2E7D53498EAB479EC4715DBAB1D5AEB0731F16055397C840C5148CECA363ECEB7172DB22D3B21A9B5FDD2F7FF4A612526ECFD0097416F4F913570ECD3831C9446AC237D6FA0EBFC9A6240B348FC26EBCFEB2496EFCC5E65F183009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:11 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B7AC 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B7AC 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/ Frame B7AC 221 KB
83 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a12d42a2e38abf1c9fc6e2ee1478a0efc50d1881c88c156d90a0e711ead610f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84598
x-xss-protection: 0
server: cafe
etag: 3851552657224823009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame B7AC 0
75 B 246ms
42ms Script
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=59604&di=www.zdnet.com&ap=&dm=15&pi=283812&ti=3502fc62-99f2-49b7-ab8f-f35846d1c66b&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&dt=8736481428691810142000
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 02 Feb 2020 16:46:11 GMT
Content-Length: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 24C1 0
0 42ms
42ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 31 Jan 2020 17:16:13 GMT
Content-Encoding: gzip
Content-Length: 7777
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=11575
Expires: Sun, 02 Feb 2020 19:59:07 GMT
Date: Sun, 02 Feb 2020 16:46:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame B7AC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfdaf3ae7b9d75de212f8a6d9a806d861a1d784be7468bde14ff52fa021ba1af

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=1&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271449720&S1id=23605329&S2id=23619609&ord=1580661972119&r=426574927648&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 21ms
21ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=1&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271449720&S1id=23605329&S2id=23619609&ord=1580661972119&r=426574927648&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=2&fi=1&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271449720&S1id=23605329&S2id=23619609&ord=1580661972119&r=426574927648&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 27ms
26ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661972031&de=642541693027&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=27&cb=0&ym=0&cu=1580661972031&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25299489%3A251370729%3A253246569%3A138271463540&zMoatPS=bottom&zMoatPT=article&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=1569687580&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 19B7 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 19B7 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/ Frame 19B7 221 KB
83 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a12d42a2e38abf1c9fc6e2ee1478a0efc50d1881c88c156d90a0e711ead610f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84598
x-xss-protection: 0
server: cafe
etag: 3851552657224823009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 306B 0
0 29ms
29ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 31 Jan 2020 17:16:13 GMT
Content-Encoding: gzip
Content-Length: 7777
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=11575
Expires: Sun, 02 Feb 2020 19:59:07 GMT
Date: Sun, 02 Feb 2020 16:46:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 19B7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5668441afad86b8d118d14615e4d3819836163639e0241234203edbdabc0165f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463546&S1id=23605329&S2id=23619609&ord=1580661972187&r=391992722902&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=3&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463546&S1id=23605329&S2id=23619609&ord=1580661972187&r=391992722902&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 21ms
21ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=228&fi=1&apd=231&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271463474&S1id=23605329&S2id=23619609&ord=1580661971996&r=738460208020&t=hdn&os=1&fi2=0&div1=0&ait=113&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2C60 0
0 368ms
368ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=52413249&w=300&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661972107&bpp=6&bdt=548&fdt=146&idt=146&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=1&ga_vid=676941768.1580661972&ga_sid=1580661972&ga_hid=714&ga_fc=0&iag=3&icsg=173464&nhd=1&dssz=20&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=453&biw=1585&bih=1200&isw=300&ish=250&ifk=1726391744&scr_x=0&scr_y=0&eid=21065382&oid=3&pvsid=1461875398806229&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.x2wg59gaeb53&fsb=1&dtd=151

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=52413249&w=300&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661972107&bpp=6&bdt=548&fdt=146&idt=146&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=1&ga_vid=676941768.1580661972&ga_sid=1580661972&ga_hid=714&ga_fc=0&iag=3&icsg=173464&nhd=1&dssz=20&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=453&biw=1585&bih=1200&isw=300&ish=250&ifk=1726391744&scr_x=0&scr_y=0&eid=21065382&oid=3&pvsid=1461875398806229&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.x2wg59gaeb53&fsb=1&dtd=151
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmekLW2n1SKuENMzGd_IsOc7nGw7vMxmlmYjD8pVDsvikOwm74M5JKKeDwd; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 Feb 2020 16:46:12 GMT
server: cafe
content-length: 21622
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7AC 74 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
26ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Fstatic%2Fpsa%2Fblank%2F1x1.png&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972031&de=642541693027&cu=1580661972031&m=7&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25299489%3A251370729%3A253246569%3A138271463540&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-bottom&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-bottom-5e36f3d10a9ff&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=431126767&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
18ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=228&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463540&S1id=23605329&S2id=23619609&ord=1580661972031&r=642541693027&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 05FA 0
0 360ms
359ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=52413252&w=300&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661972174&bpp=7&bdt=583&fdt=103&idt=103&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=1&ga_vid=2096097787.1580661972&ga_sid=1580661972&ga_hid=98193436&ga_fc=0&iag=3&icsg=43368&nhd=1&dssz=18&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=2662&biw=1585&bih=1200&isw=300&ish=250&ifk=840981435&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=4152916090815303&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.fr7v6exubm1m&btvi=1&fsb=1&dtd=107

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=52413252&w=300&npa=1&guci=1.2.0.0.2.1.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1580661972174&bpp=7&bdt=583&fdt=103&idt=103&shv=r20200129&cbv=r20190131&ptt=5&saldr=sa&correlator=5517231888475&frm=23&ife=4&pv=1&ga_vid=2096097787.1580661972&ga_sid=1580661972&ga_hid=98193436&ga_fc=0&iag=3&icsg=43368&nhd=1&dssz=18&mdo=0&mso=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=2662&biw=1585&bih=1200&isw=300&ish=250&ifk=840981435&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=4152916090815303&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.fr7v6exubm1m&btvi=1&fsb=1&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmekLW2n1SKuENMzGd_IsOc7nGw7vMxmlmYjD8pVDsvikOwm74M5JKKeDwd; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 Feb 2020 16:46:12 GMT
server: cafe
content-length: 25015
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19B7 74 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 29ms
29ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661972119&de=426574927648&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=31&cb=0&ym=0&cu=1580661972119&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25299489%3A251370729%3A241984809%3A138271449720&zMoatPS=top&zMoatPT=article&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=571209687&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 22ms
22ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=197&fi=1&apd=198&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271449720&S1id=23605329&S2id=23619609&ord=1580661972119&r=426574927648&t=hdn&os=1&fi2=0&div1=0&ait=98&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 28ms
28ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fbeacon-eu2.rubiconproject.com%2Fbeacon%2Fd%2F3502fc62-99f2-49b7-ab8f-f35846d1c66b&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972119&de=426574927648&cu=1580661972119&m=10&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271449720&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-plus-top-5e36f3d10a9ff&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=49855332&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 28ms
28ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661972187&de=391992722902&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=35&cb=0&ym=0&cu=1580661972187&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25299489%3A251370729%3A253246569%3A138271463546&zMoatPS=bottom&zMoatPT=article&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=1768225409&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 31ms
30ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fbeacon-eu2.rubiconproject.com%2Fbeacon%2Fd%2F244993ec-8b0c-4295-9698-d21f8de312cf&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972187&de=391992722902&cu=1580661972187&m=9&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25299489%3A251370729%3A253246569%3A138271463546&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-bottom&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-bottom-5e36f3d10a9ff&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=1782439942&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
18ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=198&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463546&S1id=23605329&S2id=23619609&ord=1580661972187&r=391992722902&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 29ms
29ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661972200&de=215738234124&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=39&cb=0&ym=0&cu=1580661972200&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239479696&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=-&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=134485240&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1580661972209&de=223951434461&m=0&ar=a7a25cc1c32-clean&iw=c699ca9&q=43&cb=0&ym=0&cu=1580661972209&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239375180&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&bo=23605329&bp=23619609&bd=-&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=176572&na=270277484&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:12 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 19B7 7 KB
6 KB 39ms
21ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18762b7b7c3fa2d32b9719c783ed8033991be7942c35ef355df6cf10f59c47b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com

Response headers

timing-allow-origin: *
date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5101
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 19B7 21 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200129/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Sun, 02 Feb 2020 16:46:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 5C75 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Sun, 02 Feb 2020 16:05:28 GMT
expires: Mon, 01 Feb 2021 16:05:28 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2444
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19B7 0
121 B 15ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200129&jk=4152916090815303&bg=!0dKl0spY6g6Uru5mYxoCAAAAL1IAAAAJmQFfdMewFOLEPLaxmgVfvev11JZ8kGnCgGjvJwx59pbCpjVlgqC9NrI2X5f2XsNaqEliLQj4uU7jV4lo33z-wf0c9-PF85OQE00TxEhku-StRohPOZCzgXXCfOo-H_y2PvFsYqY8bmAc8qacn8JcV8IHT9wQjG-w67hJF2qiwBrRuv-SeAFdO6tvHlbh4yOoOj3Co_oaAKb7pt9BlmQMlCAbIoGTs1qV3-xj0q8RpBoVzlJVSvXxEuAnkMJk2u7Mup9ngWAGTmk9YMwwioiuSZcQSuaW_nrtLFr2uogdzImRY2QN2h-OvcBWADzgIa5l21wg8g0csrqsA5nYD5fc8KIhDFX6bbRgjy3b8U6q6c18US7C1EdmEF-fSmCFyNh3rT4Ib_ibF5C7i2KV_G9woi4WqssP6CyYMfqwSRDAq6-fAuqoa4BlWSKILMAmsuWqV5D0F3fIrOMuFtwBMJLSq4zO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Feb 2020 16:46:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
24ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661971996&de=738460208020&cu=1580661971996&m=1041&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1034&an=3&gi=1&gf=1034&gg=3&ix=1034&ic=1034&ez=1&ck=1034&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1034&bx=3&ci=1034&jz=836&dj=1&aa=0&ad=919&cn=0&gk=919&gl=0&ik=919&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=836&cd=6&ah=836&am=6&rf=0&re=1&ft=919&fv=0&fw=919&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271463474&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=1330859697&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=836&tet=1034&fi=1&apd=1037&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271463474&S1id=23605329&S2id=23619609&ord=1580661971996&r=738460208020&t=iv&os=1&fi2=0&div1=1&ait=919&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661971996&de=738460208020&cu=1580661971996&m=1042&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1034&an=1034&gi=1&gf=1034&gg=1034&ix=1034&ic=1034&ez=1&ck=1034&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1034&bx=1034&ci=1034&jz=836&dj=1&aa=0&ad=919&cn=919&gk=919&gl=919&ik=919&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=836&cd=836&ah=836&am=836&rf=0&re=1&ft=919&fv=919&fw=919&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271463474&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=82249632&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661971996&de=738460208020&cu=1580661971996&m=1043&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1034&an=1034&gi=1&gf=1034&gg=1034&ix=1034&ic=1034&ez=1&ck=1034&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1034&bx=1034&ci=1034&jz=836&dj=1&aa=0&ad=919&cn=919&gk=919&gl=919&ik=919&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=836&cd=836&ah=836&am=836&rf=0&re=1&ft=919&fv=919&fw=919&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271463474&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=272121470&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 31ms
31ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972119&de=426574927648&cu=1580661972119&m=1010&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=25&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1005&an=2&gi=1&gf=1005&gg=2&ix=1005&ic=1005&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=2&ci=1005&jz=804&dj=1&aa=0&ad=906&cn=0&gk=906&gl=0&ik=906&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=3&ah=804&am=3&rf=0&re=1&ft=906&fv=0&fw=906&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271449720&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=877540594&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 19ms
19ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=804&tet=1005&fi=1&apd=1006&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=241984809&L4id=138271449720&S1id=23605329&S2id=23619609&ord=1580661972119&r=426574927648&t=iv&os=1&fi2=0&div1=1&ait=906&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatPS=top&zMoatPT=article&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6183 42 B
115 B 20ms
20ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvmAYOV4EpAYpbA8-dD9nK7EkkLvQVRwJ3ja4KozZhT6gMd13SPOIMsEVDv2GtGs7mpkfbFkznOafLn3nb7D8Y5EoyglDqd8f7QpYL5FM&sig=Cg0ArKJSzGDcF6fXAIszEAE&adk=3978811740&tt=-1&bs=1585%2C1200&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&p=333,429,423,1157&mcvt=1047&rs=3&ht=0&tfs=111&tls=1158&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1580661971556&dlt&rpt=463&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C4437&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-2-10-10-0-0-0&tvt=1158&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Feb 2020 16:46:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 28ms
27ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972119&de=426574927648&cu=1580661972119&m=1011&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=25&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=1005&ci=1005&jz=804&dj=1&aa=0&ad=906&cn=906&gk=906&gl=906&ik=906&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=804&ah=804&am=804&rf=0&re=1&ft=906&fv=906&fw=906&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271449720&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=829786386&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 29ms
28ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972119&de=426574927648&cu=1580661972119&m=1012&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=25&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1005&bx=1005&ci=1005&jz=804&dj=1&aa=0&ad=906&cn=906&gk=906&gl=906&ik=906&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=804&ah=804&am=804&rf=0&re=1&ft=906&fv=906&fw=906&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271449720&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=636997714&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661971996&de=738460208020&cu=1580661971996&m=1248&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1238&an=1034&gi=1&gf=1238&gg=1034&ix=1238&ic=1238&ez=1&ck=1034&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1238&bx=1034&ci=1034&jz=836&dj=1&aa=1&ad=1123&cn=919&gn=1&gk=1123&gl=919&ik=1123&co=1123&cp=1037&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1037&cd=836&ah=1037&am=836&rf=0&re=1&ft=1123&fv=919&fw=919&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271463474&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=1903410814&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B7AC 42 B
110 B 17ms
16ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS64vhg3X3g5Oyvu7mmlQlw8AEGeJVv8PX7qYEJWfXUOvxt5Yr29tCR9UcfMAjPniXJztnmIItsaOnbuipX0tZ-TncXn_tDERISUf-cvc&sig=Cg0ArKJSzNJbRsS045DXEAE&adk=1729397503&tt=-1&bs=1585%2C1200&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&p=453,1043,703,1343&mcvt=1020&rs=0&ht=0&tfs=131&tls=1151&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1580661971563&dlt&rpt=578&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C4437&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1151&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Feb 2020 16:46:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972119&de=426574927648&cu=1580661972119&m=1216&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=25&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1211&an=1005&gi=1&gf=1211&gg=1005&ix=1211&ic=1211&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1211&bx=1005&ci=1005&jz=804&dj=1&aa=1&ad=1112&cn=906&gn=1&gk=1112&gl=906&ik=1112&co=1112&cp=1006&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1006&cd=804&ah=1006&am=804&rf=0&re=1&ft=1112&fv=906&fw=906&wb=1&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271449720&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=146196852&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:13 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:13 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
24ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661971996&de=738460208020&cu=1580661971996&m=5127&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=26&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5118&an=1238&gi=1&gf=5118&gg=1238&ix=5118&ic=5118&ez=1&ck=1034&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5118&bx=1238&ci=1034&jz=836&dj=1&aa=1&ad=5003&cn=1123&gn=1&gk=5003&gl=1123&ik=5003&co=1123&cp=1037&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4911&cd=1037&ah=4911&am=1037&rf=0&re=1&ft=4898&fv=1123&fw=919&wb=2&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271463474&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=1686638571&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:17 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:17 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972119&de=426574927648&cu=1580661972119&m=5087&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=25&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5081&an=1211&gi=1&gf=5081&gg=1211&ix=5081&ic=5081&ez=1&ck=1005&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5081&bx=1211&ci=1005&jz=804&dj=1&aa=1&ad=4982&cn=1112&gn=1&gk=4982&gl=1112&ik=4982&co=1112&cp=1006&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4880&cd=1006&ah=4880&am=1006&rf=0&re=1&ft=4881&fv=1112&fw=906&wb=2&cl=0&at=0&d=25299489%3A251370729%3A241984809%3A138271449720&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-plus-top&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-plus-top-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=1295433423&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:17 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:17 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
26ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972031&de=642541693027&cu=1580661972031&m=5312&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=10&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5098&cd=2&ah=5098&am=2&rf=0&re=1&wb=1&cl=0&at=0&d=25299489%3A251370729%3A253246569%3A138271463540&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=leader-plus-bottom&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-bottom-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=1376328276&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:17 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:17 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
24ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=9&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRax%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGE%3Dh%2CqkG%24xt!9rmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soBggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&id=1&f=0&j=&t=1580661972187&de=391992722902&cu=1580661972187&m=5331&ar=a7a25cc1c32-clean&iw=c699ca9&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4437&le=1&lf=0&lg=1&lh=40&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5123&cd=3&ah=5123&am=3&rf=0&re=1&wb=1&cl=0&at=0&d=25299489%3A251370729%3A253246569%3A138271463546&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=31dc7330-59cb-4366-80df-116f0d0a5cd2&zMoatSN=h&zMoatCURL=zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection&zMoatDev=Desktop&zMoatSlotId=mpu-bottom&zMoatMMV_MAX=na&zMoatDfpSlotId=mpu-bottom-5e36f3d10a9ff&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=176572&na=1017316002&cs=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Feb 2020 16:46:17 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 02 Feb 2020 16:46:17 GMT

POST
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/events/1/ 24 B
180 B 108ms
108ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/36c1ca5070?a=138637741&v=1158.afc605b&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=10949&ref=https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H2 200 / Show response
www.zdnet.com/homepage/xhr/ 256 KB
28 KB 176ms
176ms XHR
application/json 23.37.50.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/homepage/xhr/

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.50.121 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-50-121.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

67b9030d2f3d6587682a66a607acce6e3fe2af3a36fa94894a577d56338f9f7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 27269
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 02 Feb 2020 15:43:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Sun, 02 Feb 2020 16:46:21 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 4d66ac80-6269-4d0f-bbd5-f4e86ea4693b
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Sun, 02 Feb 2020 17:13:50 GMT

GET
H2 200 ring.gif
zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/logos/ 16 KB
9 KB 6ms
6ms Image
image/gif 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/logos/ring.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

309e20d540054848c2bee4268a2ec8e37656da9e7d5f8084c6f66f4fd711aed6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326468
status: 200
strict-transport-security: max-age=31536000
content-length: 9039
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:53:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31fede-3f75"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:05:06 GMT

GET
H2 200 ZDLogoMicroRed-x2.png
zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/logos/ 2 KB
2 KB 6ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/logos/ZDLogoMicroRed-x2.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d6f28c2ecc7e7b603cead026b3febaa53ef60ef1ee17095ccaa5bfd465565e5e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326468
status: 200
strict-transport-security: max-age=31536000
content-length: 1513
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:53:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31fede-6fa"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:05:06 GMT

GET
H2 200 ZDLogoMicroWhite-x2.png
zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/logos/ 2 KB
1 KB 6ms
5ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1580334814-asset/bundles/zdnetcss/images/logos/ZDLogoMicroWhite-x2.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d4bf85df37940345c4a0795bcc6556e480751e36f503425c25b1993071e90c9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/1957-fly/css/core/main-838eeec021-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326474
status: 200
strict-transport-security: max-age=31536000
content-length: 1398
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:53:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31fede-691"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 22:05:00 GMT

GET
H2 200 river-time-ago-f2210a157b-rev.js Show response
zdnet4.cbsistatic.com/fly/js/components/ 753 B
583 B 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/components/river-time-ago-f2210a157b-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2d3e9015bb665cc4e62a0aada26a74311bf87ba40e12b896724f447a98e68a89

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381948
status: 200
strict-transport-security: max-age=31536000
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 18:59:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e3084a2-2f1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 06:40:32 GMT

GET
H2 200 tr-premium-promo-49ebdaab89-rev.js Show response
zdnet2.cbsistatic.com/fly/js/components/ 461 B
536 B 5ms
5ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/components/tr-premium-promo-49ebdaab89-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f0c8ad030a90f1ee3cdcd5910587eab25da7bb0ec6f942d979bba4d506b38380

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455013
status: 200
strict-transport-security: max-age=31536000
content-length: 287
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 19:51:36 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e2f3f48-1cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2020 10:22:47 GMT

GET
H2 200 load-more-dc05f6361c-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 5 KB
2 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/load-more-dc05f6361c-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3de2287fb8729e557307be699642a97d5ef27c55627d663133aa8278172c9a83

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168342
status: 200
strict-transport-security: max-age=31536000
content-length: 1808
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 21:57:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e31ffda-129d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2020 18:00:38 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
2 KB 441ms
441ms XHR
application/json 23.37.50.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.50.121 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-50-121.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01b81c60cd42576eee2ea749ed870e94f204c1a0b05ee04aa4f49934341a4a9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 761
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Sun, 02 Feb 2020 16:46:21 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: ee6caf88-5331-4294-a694-7258cbc63b54
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Sun, 02 Feb 2020 16:46:21 GMT

GET
H2 200 / Show response
www.zdnet.com/components/tr-promo-asset/xhr/ 2 KB
2 KB 218ms
218ms XHR
application/json 23.37.50.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/tr-promo-asset/xhr/?topic=0

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.50.121 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-50-121.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a92fc01700b69de6600965eb4f4c74dc5e4361c7b15eb04fa7e196c1daa7f6d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: UQIHWFZXGwIDXFdRAAYDVw==
Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 637
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 02 Feb 2020 16:24:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Sun, 02 Feb 2020 16:46:21 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 73f30290-164d-4b94-88d8-4a1c8e432fa6
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Sun, 02 Feb 2020 17:54:54 GMT

GET
H2 200 load-more-1.0.js Show response
zdnet4.cbsistatic.com/fly/bundles/flyjs/js/components/ 8 KB
3 KB 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/bundles/flyjs/js/components/load-more-1.0.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1957-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

da52af54b0a90f89c3b6c3482a53119a588e68f99f3cb4d7af0e4460ff8e5016

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427121
status: 200
strict-transport-security: max-age=31536000
content-length: 2472
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jan 2020 16:03:59 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5e305b6f-1f51"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2020 18:07:39 GMT

GET
H2 200 trp-promo-thumb.jpg
zdnet1.cbsistatic.com/fly/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/bundles/zdnetcss/images/core/trp-promo-thumb.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

41e1b82b530a565f139da63948d96402471dadea6e3e912578cc2de4426bbe41

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7745965
status: 200
strict-transport-security: max-age=31536000
content-length: 3552
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Nov 2019 19:20:35 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5dc07a03-f53"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2019 01:04:13 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zdnet.com/	1970-01-19 07:14:26	Name: RT Value: "sl=1&ss=1580661969869&tt=881&obo=0&bcn=%2F%2F685d5b18.akstat.io%2F&sh=1580661970758%3D1%3A0%3A881&dm=zdnet.com&si=6004d238-8a4e-4e43-aa16-b88377ad7000&ld=1580661970758"
.zdnet.com/	1970-01-19 07:14:26	Name: fly_device Value: desktop
.zdnet.com/	1970-01-19 15:49:57	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sun+Feb+02+2020+17%3A46%3A10+GMT%2B0100+(Central+European+Standard+Time)&version=5.11.0&landingPath=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fdod-contractor-suffers-ransomware-infection%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0&hosts=
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
.zdnet.com/	1970-01-19 07:14:26	Name: fly_geo Value: {"countryCode": "be"}

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 722) Message: ADS: queuing nav-ad-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 1220) Message: ADS: queuing leader-plus-top-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 1352) Message: ADS: queuing inpage-video-top-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 1362) Message: ADS: queuing sharethrough-top-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 1642) Message: ADS: queuing mpu-plus-top-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 1768) Message: ADS: queuing dynamic-showcase-top-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 1775) Message: ADS: queuing mpu-middle-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 2004) Message: ADS: queuing mpu-bottom-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 2021) Message: ADS: queuing leader-plus-bottom-5e36f3d10a9ff for display
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat performance
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 30) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 39) Message: Ads loaded, npa flag: 1
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api	log	URL: https://zdnet3.cbsistatic.com/fly/1957-fly/js/main.default.js(Line 55) Message: Enabling services and refreshing ads
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_taboola targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	(Line 71) Message: blank creative loaded: 138239360627 (7 x 7, pos=nav, slot=nav-ad-5e36f3d10a9ff)
console-api	log	(Line 71) Message: blank creative loaded: 138239344472 (11 x 11, pos=top, slot=sharethrough-top-5e36f3d10a9ff)
console-api	log	(Line 71) Message: blank creative loaded: 138239368367 (641 x 321, pos=top, slot=inpage-video-top-5e36f3d10a9ff)
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	log	(Line 71) Message: blank creative loaded: 138239479696 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api	log	(Line 71) Message: blank creative loaded: 138239375180 (372 x 142, pos=, slot=dynamic_showcase__1)
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_taboola targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/dod-contractor-suffers-ransomware-infection/(Line 174) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

685d5b18.akstat.io
ads.rubiconproject.com
adservice.google.be
adservice.google.com
adservice.google.de
bam.nr-data.net
beacon-eu2.rubiconproject.com
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cdn.ampproject.org
cdn.cookielaw.org
eus.rubiconproject.com
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js-agent.newrelic.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
production-cmp.isgprivacy.cbsi.com
px.moatads.com
rev.cbsi.com
s.update.rubiconproject.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
urs.zdnet.com
vidtech.cbsinteractive.com
www.google.com
www.googletagservices.com
www.zdnet.com
z.moatads.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
151.101.114.110
151.101.14.133
152.195.132.202
162.247.242.19
18.203.131.238
2.19.38.84
216.58.207.34
23.0.36.169
23.210.250.213
23.37.50.121
23.37.55.184
2606:4700:10::6814:b844
2a00:1450:4001:808::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:820::2001
2a02:26f0:6c00:184::11a6
2a02:26f0:6c00:19c::11a6
2a04:4e42:1b::444
2a04:4e42:3::444
3.9.36.140
35.190.38.167
69.173.144.140
69.173.144.153
95.100.197.246
95.101.193.124
005414ad9d93e4cb677b5e4f87112b0ff6d3731b414bc425bfa1bb94c99a081a
01b81c60cd42576eee2ea749ed870e94f204c1a0b05ee04aa4f49934341a4a9a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876
08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523
0b2b82ba31f5d420a68664c3d7276effda59946d491a56236c1fbfe358fcbe79
0b5750f7319cd68234a9fdf91a6baaeaa48bff4a591d4fce5ffbf95bd5721f2c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e247324f306f5533e1494da4fb16b44a6ddab36c999d225fb91400eac2c0ec3
14c7ac41b04134472bac3befb13a91f561bf0bb036623b7e301a1088bc70814f
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
18762b7b7c3fa2d32b9719c783ed8033991be7942c35ef355df6cf10f59c47b5
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1cf9158dbeb0d88a6ab5c79109a04535bed9cc1bc09608f400505fe37ccdc370
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
1eb54021fbb030bfc591775cffc57521d8f1b2ecaf07280fa7cde0cf6e8adf9b
1f02b60e50cc4dcf86b7ac6db07106e0a7ec1e87255c1e2038575f055f9bb52e
29773b39eab55c400e0525684dee0e6d5d4cdb215072d0fa79e7ea267cc2b565
299880654ed93f867a634ba355fdec61d2ac6e7cd39a8adec4c313a709fc814e
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
2d3e9015bb665cc4e62a0aada26a74311bf87ba40e12b896724f447a98e68a89
306086b53671e06145e11f18034b237d0776d15f56e03e003e70eb69874d47bd
309e20d540054848c2bee4268a2ec8e37656da9e7d5f8084c6f66f4fd711aed6
30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3
3bc86d36b5a74ad0122fbb2b9553faaaf657bc486b3752eb58f9b95bc1351e7d
3c049ea432cb3c95043ef58d76b7635592b2a4cd8e0fb6ef5b4bd5cbef573923
3d9b3b58b8f6c0bda9432d03a5d6b95da39d5bb05b55b47dd281b3f637f0c9f9
3de2287fb8729e557307be699642a97d5ef27c55627d663133aa8278172c9a83
40dc40a98679b3773c07c59efa01664e9b7d2fb1dc7e413e31532518bbd481e0
41e1b82b530a565f139da63948d96402471dadea6e3e912578cc2de4426bbe41
42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9
43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0
43e79dee5f35e8b66e77913784a0c4c7234a4deeb621beb54018513bd9379fd9
440bb2b47f38e8ccd8efa209bc1531f763dec549cb03733cc6182197295c4703
4d565f67641c732365c3180ec1e37c7a987825faad3e8632de8a07a9101feedd
554f51b62b5284f614efc5e3621dbf116d73b08690524ffa70aa3f6bd209bb45
5668441afad86b8d118d14615e4d3819836163639e0241234203edbdabc0165f
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ecc6a93ec2939faa8dbf80084346c7d940f5a2181ee69343810da52902eb92d
601e3b02efbc6fcef221c14fe5abaa44423b907cddf2928c37fb6ac7b7b936b2
628756d718cc0179ab2870df9202208cd1d5808add1dda0177c5ab812d0f2ce2
66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4
67b9030d2f3d6587682a66a607acce6e3fe2af3a36fa94894a577d56338f9f7a
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
69eb943dcff21a1685a8be08ca46dec994d6d7d6c4d0e5019f47352cdb3c1e62
6cbd293135cc41aaf6add3a4e1952582750a505f8a75af7488e67791ae23581a
6ddff44c65569a0a29464311596a792ab164077cd831192e3ae2c2b0e62738da
6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609
763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd
76ece7717e62eed8809e2a21aacd89e529e37f2141669448a62acd31c3a16005
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
89790a2e62536760a6c186e8bd311507c8704cd923153b2f5e7dd7a271e3b29e
8a12d42a2e38abf1c9fc6e2ee1478a0efc50d1881c88c156d90a0e711ead610f
8b6bc420f36a7ee19030f08310711c5cf3a841e55c2be554622221f25e6ce8fa
94c7b36de45dbddd51b2f347ca10201824be98f58e8db04c652f14dc2949ee1e
98355fec3e55c17b6d1b4bca3207fc9f41291d97ab760f570c6c7b5baf1a3db7
9c3c4cff97345d34610704580b4634771d2ec0f8f7c640e510e3d830e4a4ea0a
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd
9e226827a0d6dd483a9c39cb0ac1a4f76797fb43852bd84e2dbfea3bf697980e
9f67fdd7b170902493042bacfa38d2673cede0444d6248db8c19d5d46ff013f2
a297c2012a5551b345c91c7a54956db9117646f429c33c68a17d8d624f854086
a3ce011978786a231f13e2faae55c7bc3f8fa3578a8014e85fe0ab8f48f93b7c
a79d2f486c2f4985ebc84bd7dc2faf0c101799262b9082eb8058bbd34785ec00
a900ad46d7ea2be2cc6dad73f5a6034d654bde612bd99942a253bc351689e092
a92fc01700b69de6600965eb4f4c74dc5e4361c7b15eb04fa7e196c1daa7f6d5
aaaa7031fe55da54504dd94d2fb35be1e7699dbb11d3b93cbbb965c9bb281125
ae7ffa9357fbd52d24ec1fe9a3fa10a65ef98ca2eb073ef80be613a8ae3fa17e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2af083b0a1531d23eacfafb7b770be943f2008819f66f9392cca06054642525
ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3
c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0
c1f050d746352edfeb7b8651a16b62799161a08198ac01873c75bf9f5e33b684
cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf68490f4470cd1d7bf9e914cda7e5f550fa8e8f18ca152f9a25538af762fe49
d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d37c6ae9a90caed510bd467a4db90c10220e7e8cf417455df545e270f41c6f69
d4bf85df37940345c4a0795bcc6556e480751e36f503425c25b1993071e90c9c
d6f28c2ecc7e7b603cead026b3febaa53ef60ef1ee17095ccaa5bfd465565e5e
d77c91886d1e648a5549f9a6a58dbf8e930bf633b7184fefedb0568722b926a2
da2906ff5051c96edac625db8d76b8773a240dc563b3965f3c08680d3e851df0
da52af54b0a90f89c3b6c3482a53119a588e68f99f3cb4d7af0e4460ff8e5016
dbafb5370a578219d5063bed09622dbed9ee3b0c9690dd40874c98e216b56d93
dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6
dfdaf3ae7b9d75de212f8a6d9a806d861a1d784be7468bde14ff52fa021ba1af
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc31f7ff4e172cf230a99559537672d43115f6b69e5c0900c625ecfaac8e6a
e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66
ed00176d19bfead49bb296f7961559f70b7de511350ca1dbef08d578010685e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c8ad030a90f1ee3cdcd5910587eab25da7bb0ec6f942d979bba4d506b38380
f2aa076f22fd2f3b52ba1cc2f9def788f778227d7158ea620905b18074c61433
f59e3ec4da38bc4c12680811e9741bb91aecd62e79fcc795c461dc75d0c3986b
f6914cddfb8fcc3e7d99864e104ebdb47934a357ef08d90f9e0acdf48433d6c9
f92514f4e39c16da9037f964148a09a79419744b77d611860ffc81c86aeace0a
f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097
ffaeeea8b8a09eda9e1eb2f2dc2c9ae055afb7fdbd4d88f57f324f8cad1d4ac5

www.zdnet.com Open in urlscan Pro 23.37.50.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

217 Requests

100 %HTTPS

35 %IPv6

20 Domains

35 Subdomains

26 IPs

6 Countries

3595 kBTransfer

10486 kBSize

6 Cookies

33 Outgoing links

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdnet.com Open in urlscan Pro
23.37.50.121 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

100 %
HTTPS

35 %
IPv6

20
Domains

35
Subdomains

26
IPs

6
Countries

3595 kB
Transfer

10486 kB
Size

6
Cookies

217 HTTP transactions
10 data transactions