www.techradar.com Open in urlscan Pro
185.113.25.50  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set ryuk-ransomware-targets-big-businesses Show response www.techradar.com/news/	179 KB 49 KB	188ms 66ms	Document text/html	185.113.25.50 FUTURE
General Check archive.org Show headers Download Go to Full URL https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.113.25.50 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif15.web.future.net.uk Software / Resource Hash 427230b31c2e9dd586b3b9e537f6a2c77a903c35184aa90e6955204cd39ac659 Request headers Host www.techradar.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 21:04:52 GMT Content-Type text/html; charset=UTF-8 X-FTR-Request-ID 32658bd6-4bba-4f9c-b294-beb720af2bfa 00000000:A43A_00000000:01BB_5F752434_BA1151:37F4 Last-Modified Wed, 30 Sep 2020 21:04:52 GMT X-TraceId eab82f1ce06718b1 Xkey techradar-platform-responsive techradar-article-YjcwHPQ73QStChanQRUkmd techradar-articletype-news techradar-articletemplate-standard techradar-article-age-ancient techradar-region-US techradar-language-en techradar-author-7mgQv8SNay7k3EBExM79hM techradar-tag-ePwDVFQDuuC4YhTucNxXYX techradar-tag-VCX6mgBfC9P7ukBrTxd9rc techradar-tag-dcmNycHDocPiwbpbhg2fJZ techradar-tag-YhTJeVk2MNAdQ3ZFZKWpLC techradar-tag-SHubAVGL4WLFFbSPPoKR7f techradar-tag-xqCSQ2QPVFhQa2LJx2rMPe techradar-tag-B7eKw6M8qyKqYgBububwiE techradar-tag-VzzjSDVQWgq2RgbLQnxhhk techradar-version-27.1.2 techradar-server-ftefrontprodred Content-Encoding gzip Vary Accept-Encoding Age 12608 X-Country-Code DK X-FTR-Cache-Status HIT X-FTR-Expires Fri, 02 Oct 2020 21:04:52 GMT Expires Thu, 01 Oct 2020 00:40:00 GMT Cache-Control max-age=300,public Set-Cookie FTR_Country_Code=DK; path=/; domain=www.techradar.com X-Country-Code-Real DK Accept-Ranges bytes Content-Length 48810 X-FTR-Balancer fteproxy-185-113-25-48 X-FTR-Backend www-live-sites-varnish X-FTR-Backend-Server ftevarnishprodgreen
GET H/1.1	200 OK	OpenSans.woff2 vanilla.futurecdn.net/techradar/210198/media/fonts/	10 KB 11 KB	158ms 58ms	Font application/octet-stream	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/fonts/OpenSans.woff2 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 5de4d39b298a975f2e5e8ba914ed1dd280b93506e7e1e6d74f7157dad088cef3 Request headers Origin https://www.techradar.com Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:06 GMT Content-Encoding gzip Age 46674 X-FTR-Backend-Server ftefrontprodblue.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 10220 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:4E65_00000000:0050_5F746DE2_2D4CAF:32B5 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-2844" Access-Control-Allow-Methods GET Content-Type text/plain; charset=utf-8 access-control-allow-origin * Cache-Control max-age=2592000 Access-Control-Allow-Credentials true Accept-Ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:06 GMT
GET H/1.1	200 OK	OpenSans-Semibold.woff2 vanilla.futurecdn.net/techradar/210198/media/fonts/	10 KB 11 KB	150ms 48ms	Font application/octet-stream	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/fonts/OpenSans-Semibold.woff2 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 3b5c9d3b1a69cfa4ef54ad04e4a8c1725d0c487e5192f200fbfd5c2f96258192 Request headers Origin https://www.techradar.com Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:06 GMT Content-Encoding gzip Age 46674 X-FTR-Backend-Server ftefrontprodblue.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 10389 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:8163_00000000:0050_5F746DE2_BEBA7:32B2 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-28a4" Access-Control-Allow-Methods GET Content-Type text/plain; charset=utf-8 access-control-allow-origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:28 GMT
GET H/1.1	200 OK	responsive.js Show response hawk.techradar.com/js/w/	107 KB 30 KB	268ms 70ms	Script application/javascript	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/js/w/responsive.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash 6e34b0c93bc983942e641edb8c36db078cd93e776ede3ef9e925e22fe32d00c3 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:30:57 GMT Content-Encoding gzip X-Hawk-Country Xkey asset-type-fie-widgets Age 243 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-assets X-FTR-Cache-Status HIT Content-Length 30146 X-FTR-Expires Thu, 01 Oct 2020 01:00:57 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D87E_00000000:01BB_5F752434_531A9BB:1860 Last-Modified Wed, 30 Sep 2020 10:22:58 GMT X-Country-Code-Real DK ETag "5f745c82-1abbb" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 X-FTR-Backend-Server fievarnishprodwhite Cache-Control max-age=3600 Accept-Ranges bytes Access-Control-Allow-Origin * Expires Thu, 01 Oct 2020 01:30:57 GMT
GET H2	200	bordeaux.js Show response bordeaux.futurecdn.net/	658 KB 184 KB	92ms 31ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bordeaux.futurecdn.net/bordeaux.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.19.0 / Resource Hash a69eb3c4403f6543bd121b538a3e7b25d904c9472c297d4daea2b5c46cc73f15 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Origin https://www.techradar.com Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:00 GMT content-encoding gzip last-modified Wed, 30 Sep 2020 15:27:05 GMT server nginx/1.19.0 status 200 etag W/"5f74a3c9-a48d0" strict-transport-security max-age=15724800; includeSubDomains x-hw 1601512500.cds046.sk1.hn,1601512500.cds022.sk1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=535 accept-ranges bytes bordeaux-version 3.22.2 content-length 188121
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.techradar.com/	3 KB 2 KB	55ms 17ms	Script application/javascript	2600:9000:206e:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.techradar.com/choice.js?timestamp=1601512500824 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a8a0ed608f7c0573bdb1e865cc3c5c9f13e16b1e09fc1ff57c3a9ba36592dc82 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:34:53 GMT content-encoding br etag "bc194ed9526b38f1ce5c49f793e5243f" last-modified Wed, 19 Aug 2020 08:25:39 GMT server AmazonS3 age 23 x-amz-server-side-encryption AES256 vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 status 200 x-amz-cf-pop VIE50-C1 x-amz-cf-id A1a8AWlqQZG2DQnoslq07NyZBXi76rDnVcFzaF-O3pcqsNV3OhtEpw== via 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
GET H/1.1	200 OK	techradar.woff vanilla.futurecdn.net/techradar/210198/media/fonts/	9 KB 10 KB	141ms 47ms	Font application/font-woff	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/fonts/techradar.woff Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash b7e8da239a40419bc9cfc62724366ed9e85c142883106ca758dc9a65d2fe8ab3 Request headers Origin https://www.techradar.com Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:06 GMT Age 46674 X-FTR-Backend-Server ftefrontprod-172-20-9-86 X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 9640 X-FTR-Balancer webproxyprod01 X-FTR-Request-ID 00000000:A875_00000000:0050_5F746DE2_8C59C:0201 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag "5f746435-25a8" Access-Control-Allow-Methods GET Content-Type application/font-woff Access-Control-Allow-Origin * Cache-Control max-age=2592000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:20 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	8 KB 3 KB	29ms 12ms	Script application/javascript	2606:4700::6812:e234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:00 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 2614 etag W/"af07e3bccd7885748057bb532c526ac5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=43200 cf-ray 5db219ea5d172b95-FRA cf-request-id 05832e867400002b95598bf200000001 expires Thu, 01 Oct 2020 12:35:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Sep 2020 01:50:37 GMT server Golfe2 age 4761 date Wed, 30 Sep 2020 23:15:39 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18650 expires Thu, 01 Oct 2020 01:15:39 GMT
GET H/1.1	200 OK	KNuiSqpPz8yXiQ6Q3WVVxX-650-80.jpg.webp cdn.mos.cms.futurecdn.net/	34 KB 35 KB	156ms 56ms	Image image/webp	8.241.79.124 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mos.cms.futurecdn.net/KNuiSqpPz8yXiQ6Q3WVVxX-650-80.jpg.webp Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 8.241.79.124 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.19.0 / Resource Hash 4b33e68e91baefc52783b9e58103e8fa03f00e46271c1b56ca0e0ce3cca16ee9 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 04 Sep 2020 07:55:04 GMT X-Backend default Age 2306397 X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend mos_kodiak Connection keep-alive X-FTR-Cache-Status MISS Content-Length 35316 X-FTR-Balancer bulkproxyprodred X-FTR-Request-ID 00000000:893D_00000000:0050_5F51F2D8_129BF4:6BDB Server nginx/1.19.0 X-Served-By kodiak-varnish-7965878cb7-4nnhm Content-Type image/webp X-FTR-Backend-Server kube Cache-Control max-age=5184000 Accept-Ranges bytes Expires Mon, 23 Nov 2020 00:54:06 GMT
GET H/1.1	200 OK	missing-image.svg vanilla.futurecdn.net/techradar/media/img/	3 KB 3 KB	195ms 47ms	Image image/svg+xml	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://vanilla.futurecdn.net/techradar/media/img/missing-image.svg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 131423a5b0117aa6fddbde39abed88048b2ee6a147ade1fbf040b551614ab2d2 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 02 Sep 2020 09:00:42 GMT Age 2475259 X-FTR-Backend-Server ftefrontprodred.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 2667 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:EA16_00000000:0050_5F4F5F3A_4DD600E:7F21 Last-Modified Thu, 27 Aug 2020 11:24:33 GMT Server Footprint Distributor V6.1.1162 ETag "5f4797f1-a6b" access-control-allow-methods GET Content-Type image/svg+xml access-control-allow-origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Mon, 19 Oct 2020 19:38:14 GMT
GET H/1.1	200 OK	hawklinks.js Show response hawk.techradar.com/hl/	137 KB 42 KB	110ms 63ms	Script application/javascript	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/hl/hawklinks.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash 632fd68ff3840f4f7f940e40eab0cdb9a5393ab5efc50c65bd9c0c0980a9319e Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:12:53 GMT Content-Encoding gzip X-Hawk-Country Xkey asset-type-fie-hawklinks Age 1327 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-assets X-FTR-Cache-Status HIT Content-Length 41974 X-FTR-Expires Thu, 01 Oct 2020 00:42:53 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D872_00000000:01BB_5F752434_43724D1:185F Last-Modified Wed, 30 Sep 2020 11:02:29 GMT X-Country-Code-Real DK ETag "5f7465c5-222e4" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 X-FTR-Backend-Server fievarnishprodwhite Cache-Control max-age=3600 Accept-Ranges bytes Access-Control-Allow-Origin * Expires Thu, 01 Oct 2020 01:12:53 GMT
GET H2	200	p.js Show response cdn.parsely.com/keys/techradar.com/	48 KB 19 KB	146ms 59ms	Script application/x-javascript	99.86.246.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/techradar.com/p.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.246.38 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-246-38.vie50.r.cloudfront.net Software nginx / Resource Hash a78fd35e8afff22e72a55015aa54ad045f829f3380927d0c88363d324b8d55c2 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Wed, 30 Sep 2020 09:44:24 GMT content-encoding gzip last-modified Thu, 02 Apr 2020 00:28:36 GMT server nginx age 53412 etag "5e8531b4-c07c" x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=86400, public x-amz-cf-pop VIE50-C1 x-amz-cf-id ileJZicwMAXTI-5IXHOZBGdJLU2mWOuVC32gt5aA6SQN_c71QQo6iQ== via 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront) expires Thu, 01 Oct 2020 09:44:24 GMT
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	74 B 565 B	34ms 14ms	XHR application/json	2a00:1450:4001:81b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Thu, 01 Oct 2020 00:35:00 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF status 200 x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.techradar.com access-control-expose-headers content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 94 x-xss-protection 0
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	235 KB 57 KB	24ms 23ms	Script text/javascript	2600:9000:206e:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.techradar.com/choice.js?timestamp=1601512500824 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 24827e8b89b890731f23b88537b15d69a6f6c0e176e727d2b791c6cae00f3eda Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Thu, 01 Oct 2020 00:35:00 GMT content-encoding br last-modified Wed, 23 Sep 2020 20:33:56 GMT server AmazonS3 x-amz-cf-pop VIE50-C1 etag "57daa148551cee8d96138d67ec09dc46" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 x-amz-meta-qc-ineu True x-amz-cf-id E3FhjEHafkDaRUOK0admXEqYYRI6It4VyTTOrPCfRUX79RebMxHoBw== via 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
GET H/1.1	200 OK	main.min.js Show response vanilla.futurecdn.net/techradar/210198/media/js/	1 MB 219 KB	147ms 49ms	Script application/javascript	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/js/main.min.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 3dd19dbc62a1a10ab38c0ecc2dfea10e3eab1abb223ce6c095f32051766d354c Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:07 GMT Content-Encoding gzip Age 46674 X-FTR-Backend-Server ftefrontprod-172-20-9-85 X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 223879 X-FTR-Balancer webproxyprod01 X-FTR-Request-ID 00000000:E628_00000000:0050_5F746DE3_8C59F:0201 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-108258" Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=2592000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:07 GMT
GET H/1.1	200 OK	techradar.min.css vanilla.futurecdn.net/techradar/210198/media/css/	379 KB 53 KB	79ms 36ms	Stylesheet text/css	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/css/techradar.min.css Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 1e89403265d5f889395130e19a9a46ab9714fd8a70b9c26075b4fa65b16cb7fc Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:07 GMT Content-Encoding gzip Age 46674 X-FTR-Backend-Server ftefrontprodred.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 53206 X-FTR-Balancer webproxyprod01 X-FTR-Request-ID 00000000:6100_00000000:0050_5F746DE3_C8005:0202 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-5eb76" access-control-allow-methods GET Content-Type text/css access-control-allow-origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:20 GMT
POST H2	200	publisher:getClientId Show response ampcid.google.de/v1/	3 B 494 B	34ms 14ms	XHR application/json	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Thu, 01 Oct 2020 00:35:00 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF status 200 x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.techradar.com access-control-expose-headers content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 23 x-xss-protection 0
GET H2	200	cmp-list.json Show response test.quantcast.mgr.consensu.org/GVL-v2/	6 KB 2 KB	54ms 17ms	XHR application/json	2600:9000:206e:c400:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:c400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 63b22db1e8752f177ea74b73bf1e6eef45e4f382ce4ce92e014e5deaf731c98c Request headers Accept application/json, text/plain, */* Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Sep 2020 19:52:33 GMT content-encoding br age 16949 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 access-control-max-age 3000 access-control-allow-origin * last-modified Sat, 26 Sep 2020 19:52:29 GMT server AmazonS3 etag "afe7227f2b56f675cfb7f8979d515ce5" vary Accept-Encoding access-control-allow-methods GET content-type application/json via 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront) cache-control max-age:1296000 x-amz-cf-pop VIE50-C1 x-amz-cf-id G550IBSB0OYBdd8HuLkY5XQ1-fqzWXoCuvmh-3VTIUeIYGXBC2GVvQ==
GET H2	200	desktop-article-layout-responsive.eed27ed8bb5434abcabf.js Show response bordeaux.futurecdn.net/	7 KB 2 KB	86ms 29ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bordeaux.futurecdn.net/desktop-article-layout-responsive.eed27ed8bb5434abcabf.js Requested by Host: bordeaux.futurecdn.net URL: https://bordeaux.futurecdn.net/bordeaux.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.19.0 / Resource Hash ccd85b68b6f6229beeb261dafb64785752384ef9aa749305290c07490328d360 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip last-modified Wed, 30 Sep 2020 15:27:05 GMT server nginx/1.19.0 status 200 etag W/"5f74a3c9-1c20" strict-transport-security max-age=15724800; includeSubDomains x-hw 1601512501.cds072.sk1.hn,1601512501.cds069.sk1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=54517 accept-ranges bytes bordeaux-version 3.22.2 content-length 1812
GET H2	200	n-format-format-responsive.eed27ed8bb5434abcabf.js Show response bordeaux.futurecdn.net/	11 KB 4 KB	86ms 30ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://bordeaux.futurecdn.net/n-format-format-responsive.eed27ed8bb5434abcabf.js Requested by Host: bordeaux.futurecdn.net URL: https://bordeaux.futurecdn.net/bordeaux.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.19.0 / Resource Hash 3d7948fed54220626ab15a136d37a5c00764831d7323c34bd9d6e864432ce38d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip last-modified Wed, 30 Sep 2020 15:27:05 GMT server nginx/1.19.0 status 200 etag W/"5f74a3c9-2bea" strict-transport-security max-age=15724800; includeSubDomains x-hw 1601512501.cds072.sk1.hn,1601512501.cds012.sk1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=54517 accept-ranges bytes bordeaux-version 3.22.2 content-length 3817
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 88 B	16ms 15ms	XHR text/plain	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-48894329-1&cid=1336910999.1601512501&jid=1037549268&gjid=623156832&_gid=1901145817.1601512501&_u=YGBAgEABBAQCAE~&z=2061664963 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 01 Oct 2020 00:35:01 GMT status 200 content-type text/plain access-control-allow-origin https://www.techradar.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 392 B	27ms 13ms	Image image/gif	2a00:1450:4001:821::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j86&a=684749612&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&ul=en-us&de=UTF-8&dt=Ryuk%20ransomware%20targets%20big%20businesses%20%7C%20TechRadar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAQC~&jid=1037549268&gjid=623156832&cid=1336910999.1601512501&tid=UA-48894329-1&_gid=1901145817.1601512501&cd57=null&cd40=Ransomware&cd41=Ryuk%7CRansom%7CMalware%7CFireEye%7CCybercrime&cd42=FireEye&cd43=CrowdStrike%7CBoeing&cd45=Ransomware&cd46=Internet&cd47=Ryuk_ransomware_targets_big_businesses&cd50=5&cd51=false&cd58=Internet&cd74=&cd13=false&cd10=EN-US&cd1=news&cd2=computing&cd3=internet&cd4=tech_techradar%2F&cd5=YjcwHPQ73QStChanQRUkmd&cd6=%7Cransomware%7Cryuk%7Csamsam%7Ccrowdstrike%7Cfireeye%7Cransomware%7Cryuk%7Csamsam%7Ccrowdstrike%7Cfireeye%7Ccomputing%7Ctrbc%7Cnewstrack%7Cexclude-from-homepage%7Csecurity-channel%7Ctrbc%7Cnewstrack%7Cexclude-from-homepage%7Csecurity-channel%7Cserversidehawk&cd7=anthony_spadafora&cd8=14-01-2019&cd9=1&cd27=210198&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS%7CAU%7CSG%7CIN%7CAE%7CNZ&cd128=14-01-2019&cd31=10&cd30=4g&z=45824892 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Sep 2020 14:28:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 36396 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	vendor-list.json Show response quantcast.mgr.consensu.org/GVL-v2/	156 KB 23 KB	56ms 21ms	XHR application/json	2600:9000:206e:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 499ce406b8510ba9b06022ec718b897f52e92138d902b7c0976d8e6cb94ebf4a Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Sep 2020 09:35:41 GMT content-encoding br vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 53961 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Thu, 24 Sep 2020 23:59:10 GMT server AmazonS3 etag W/"14d7f574ec8aeba519d341a710964796" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 aa98922692c099827cdae6a16b894745.cloudfront.net (CloudFront) cache-control max-age:518400 access-control-allow-credentials true x-amz-cf-pop VIE50-C1 x-amz-cf-id UWzSADeeAtQvdCjA5S6O9XIs6FYlNmE-WeUqyJlb-N84AnFnowtnpQ==
GET H2	200	ga-audiences www.google.com/ads/	42 B 106 B	18ms 17ms	Image image/gif	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-48894329-1&cid=1336910999.1601512501&jid=1037549268&_u=YGBAgEABBAQCAE~&z=1843520099 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:01 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 106 B	17ms 16ms	Image image/gif	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-48894329-1&cid=1336910999.1601512501&jid=1037549268&_u=YGBAgEABBAQCAE~&z=1843520099 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:01 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ srv-2020-10-01-00.pixel.parsely.com/plogger/	43 B 229 B	452ms 112ms	Image image/gif	54.174.225.42 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://srv-2020-10-01-00.pixel.parsely.com/plogger/?rand=1601512501160&plid=59981071&idsite=techradar.com&url=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&sref=&sts=1601512501154&slts=0&title=Ryuk+ransomware+targets+big+businesses+%7C+TechRadar&date=Thu+Oct+01+2020+02%3A35%3A01+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=6220052&u=pid%3D43616d18be4ac7cb3a4b2e9567da1390 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.174.225.42 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-174-225-42.compute-1.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:35:01 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	OpenSans-Light.woff2 vanilla.futurecdn.net/techradar/210198/media/fonts/	10 KB 11 KB	36ms 36ms	Font application/octet-stream	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/fonts/OpenSans-Light.woff2 Requested by Host: vanilla.futurecdn.net URL: https://vanilla.futurecdn.net/techradar/210198/media/css/techradar.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 5ab98030547ba1fa51f2f239fc0e4268c4c93b774d888edcf2ccb14a05f466df Request headers Origin https://www.techradar.com Referer https://vanilla.futurecdn.net/techradar/210198/media/css/techradar.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:07 GMT Content-Encoding gzip Age 46674 X-FTR-Backend-Server ftefrontprod-172-20-9-85 X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 10161 X-FTR-Balancer webproxyprod01 X-FTR-Request-ID 00000000:93F0_00000000:0050_5F746DE3_605CD:0200 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-27e0" Access-Control-Allow-Methods GET Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:16 GMT
GET H/1.1	200 OK	OpenSans-Bold.woff2 vanilla.futurecdn.net/techradar/210198/media/fonts/	10 KB 11 KB	37ms 37ms	Font application/octet-stream	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/fonts/OpenSans-Bold.woff2 Requested by Host: vanilla.futurecdn.net URL: https://vanilla.futurecdn.net/techradar/210198/media/css/techradar.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 89e89a88516b28a3f5735f8dc6ef9937b2fe9584982bce4cbddb60ff67389b15 Request headers Origin https://www.techradar.com Referer https://vanilla.futurecdn.net/techradar/210198/media/css/techradar.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:07 GMT Content-Encoding gzip Age 46674 X-FTR-Backend-Server ftefrontprodblue.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 10278 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:8E53_00000000:0050_5F746DE3_1B41F8:32B4 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-2840" Access-Control-Allow-Methods GET Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:16 GMT
GET H2	200	smart.js Show response www.ultimedia.com/js/common/	40 KB 8 KB	127ms 38ms	Script application/javascript	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/js/common/smart.js Requested by Host: vanilla.futurecdn.net URL: https://vanilla.futurecdn.net/techradar/210198/media/js/main.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash ab0392b691d0326eb200e753184da2899fde1f20f72aea022b466d21cad7a8a8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip last-modified Thu, 06 Aug 2020 13:33:04 GMT server nginx/1.10.3 (Ubuntu) etag W/"5f2c0690-a055" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=2678400 strict-transport-security max-age=31536000; includeSubDomains expires Sun, 01 Nov 2020 00:35:01 GMT
GET H/1.1	200 OK	US.svg vanilla.futurecdn.net/techradar/media/shared/img/flags/	3 KB 1 KB	32ms 32ms	Image image/svg+xml	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://vanilla.futurecdn.net/techradar/media/shared/img/flags/US.svg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash a715e6b25ddd72ca18758cc80de0f3d56c9168743069ace7490be62ff13a16df Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 09 Sep 2020 08:58:39 GMT Content-Encoding gzip Age 1870582 X-FTR-Backend-Server ftefrontprodblue.core.future.net.uk Transfer-Encoding chunked X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:7518_00000000:0050_5F58993F_9BAF0D:0D5B Last-Modified Tue, 08 Sep 2020 15:42:08 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f57a650-a56" Access-Control-Allow-Methods GET Content-Type image/svg+xml access-control-allow-origin * Cache-Control max-age=2592000 access-control-allow-credentials true Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 09 Oct 2020 08:58:39 GMT
GET H2	200	cmp2ui-en.js Show response quantcast.mgr.consensu.org/tcfv2/13/	441 KB 115 KB	19ms 18ms	Script text/javascript	2600:9000:206e:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/13/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 026487255aac1cc874ba7c26cbcbc621410e5b9197cb8d8f43d9fa7e96807c83 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Sep 2020 20:34:00 GMT content-encoding br age 14462 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 access-control-max-age 604800 access-control-allow-origin * last-modified Wed, 23 Sep 2020 20:33:29 GMT server AmazonS3 etag "30acc15731cb331e0711bd04025446af" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop VIE50-C1 x-amz-cf-id R2_CT0O96Gj-9BQeR2kxjt9OTTjd6WbKccqT-Q4dSzSoZaKWsdTNig==
GET H/1.1	200 OK	YHzQGB6Z2DRiEspjRrMd6o-1024-80.jpg.webp cdn.mos.cms.futurecdn.net/	29 KB 30 KB	37ms 37ms	Image image/webp	8.241.79.124 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mos.cms.futurecdn.net/YHzQGB6Z2DRiEspjRrMd6o-1024-80.jpg.webp Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 8.241.79.124 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.19.0 / Resource Hash 59ec82ec8f397cd4baa439432676ae5d798418a33bca123be9bf4d5e8dd3aa5e Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Sep 2020 10:03:22 GMT X-Backend default Age 225099 X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend mos_kodiak Connection keep-alive X-FTR-Cache-Status MISS Content-Length 29694 X-FTR-Balancer bulkproxyprodred X-FTR-Request-ID 00000000:56A9_00000000:0050_5F71B4E7_2FFAA4:4379 Server nginx/1.19.0 X-Served-By kodiak-varnish-7965878cb7-4nnhm Content-Type image/webp X-FTR-Backend-Server kube Cache-Control max-age=5184000 Accept-Ranges bytes Expires Fri, 27 Nov 2020 10:04:08 GMT
GET H/1.1	200 OK	merchant-domains.php Show response search-api.fie.future.net.uk/	197 KB 43 KB	180ms 61ms	Fetch application/json	185.113.25.52 FUTURE
General Check archive.org Show headers Download Go to Full URL https://search-api.fie.future.net.uk/merchant-domains.php?site=TRD Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.52 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif13.web.future.net.uk Software / Resource Hash 70087d14b6b87f1ad98d7a018f993c0c19a1e165767f5ddef07b4cc2fb528b91 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:07:50 GMT Content-Encoding gzip X-Hawk-Country Age 1630 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-api X-FTR-Cache-Status HIT Content-Length 42869 X-FTR-Expires Thu, 01 Oct 2020 00:37:50 GMT X-FTR-Balancer hawk-proxy-185-113-25-36 X-FTR-Request-ID 00000000:B6CA_00000000:01BB_5F752435_67B4FB7:02B3 X-Country-Code-Real DK Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8; X-FTR-Backend-Server fievarnishprodwhite Cache-Control max-age=300,public Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area Expires Thu, 01 Oct 2020 00:40:01 GMT
GET H2	200	/ Show response audit-tcfv2.quantcast.mgr.consensu.org/	80 B 506 B	131ms 43ms	XHR text/html	99.86.243.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22uer8ZPXHG8WDU%22%2C%22publisher%22%3A%22TechRadar%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.13%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%225Ky%2FulGQNDtll96vr8g7Mw%22%2C%22clientTimestamp%22%3A1601512501456%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-jbc9k3n1w1v1dqnqqgsv%22%7D Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.243.92 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-243-92.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb Request headers Accept application/json, text/plain, */* Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Sep 2020 19:37:43 GMT via 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront) vary Origin age 17839 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 content-length 80 last-modified Tue, 26 Nov 2019 14:21:44 GMT server AmazonS3 etag "0614149d8033903db5de46d6c184bbfd" access-control-max-age 3000 access-control-allow-methods GET content-type text/html access-control-allow-origin * x-amz-cf-pop VIE50-C1 accept-ranges bytes x-amz-cf-id VmbTeSUPFniMKphYd4GMlBvSXZwlipO92Krh17ZidHg_T0UlKymONA==
GET H2	200	2 Show response www.ultimedia.com/api/widget/getwidget/mdtk/02312367/zone/	136 B 332 B	154ms 78ms	XHR application/json	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/api/widget/getwidget/mdtk/02312367/zone/2?url=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&meta_breadcrumb=&meta_tag= Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash e78f56276c04b58863c43424709892edc08c45c7eb17bdc289d3cdd2a060fb1e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 01 Oct 2020 00:35:01 GMT server nginx/1.10.3 (Ubuntu) access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains content-type application/json
GET H2	200	visible_player.js Show response www.ultimedia.com/js/common/	27 KB 9 KB	42ms 42ms	Script application/javascript	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/js/common/visible_player.js?v=1601510400000 Requested by Host: www.ultimedia.com URL: https://www.ultimedia.com/js/common/smart.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash ab816f53ee1bd31e219a93c152599e74e86e7e124862f02ed46f60be5157135d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip last-modified Wed, 12 Aug 2020 12:12:56 GMT server nginx/1.10.3 (Ubuntu) etag W/"5f33dcc8-6d53" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=2678400 strict-transport-security max-age=31536000; includeSubDomains expires Sun, 01 Nov 2020 00:35:01 GMT
GET H2	200	notification.js Show response www.ultimedia.com/js/common/	5 KB 2 KB	43ms 42ms	Script application/javascript	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/js/common/notification.js?v=1601510400000 Requested by Host: www.ultimedia.com URL: https://www.ultimedia.com/js/common/smart.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 780396b361c35383795d3d1fb3e71e8c1e57e717973f3a4599ec4f11ba75f84e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip last-modified Thu, 06 Aug 2020 13:33:03 GMT server nginx/1.10.3 (Ubuntu) etag W/"5f2c068f-129f" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=2678400 strict-transport-security max-age=31536000; includeSubDomains expires Sun, 01 Nov 2020 00:35:01 GMT
GET H2	200	visibilityStat.js Show response www.ultimedia.com/js/common/	2 KB 1 KB	43ms 43ms	Script application/javascript	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/js/common/visibilityStat.js?v=1601510400000 Requested by Host: www.ultimedia.com URL: https://www.ultimedia.com/js/common/smart.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 675ab0a24f0160c73eaa7dde430b9f5ee68a54dc0c0c8d7d2bd0a811f30f6fd5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip last-modified Thu, 06 Aug 2020 13:33:04 GMT server nginx/1.10.3 (Ubuntu) etag W/"5f2c0690-701" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=2678400 strict-transport-security max-age=31536000; includeSubDomains expires Sun, 01 Nov 2020 00:35:01 GMT
GET H/1.1	200 OK	TRD_logo.svg vanilla.futurecdn.net/techradar/media/img/	2 KB 2 KB	33ms 33ms	Image image/svg+xml	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://vanilla.futurecdn.net/techradar/media/img/TRD_logo.svg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 00240dd415cb220cb1d31088ce0d50cecb96b497ba040cfdc90e423922d03683 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Sep 2020 21:34:24 GMT Content-Encoding gzip Age 1566037 X-FTR-Backend-Server ftefrontprod-172-20-9-86 X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 779 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:AC73_00000000:0050_5F5D3EE0_C21329:0D5B Last-Modified Fri, 11 Sep 2020 15:07:11 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f5b929f-769" Access-Control-Allow-Methods GET Content-Type image/svg+xml Access-Control-Allow-Origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Tue, 13 Oct 2020 13:00:36 GMT
GET H/1.1	200 OK	translations.php Show response hawk.techradar.com/	29 KB 10 KB	182ms 48ms	Fetch application/json	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/translations.php?language=en-DK Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash 9e37891834fee9e876a0d0e9d9b229f85f61b09d2d4d64a8be01276718ba52a3 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:34:48 GMT Content-Encoding gzip X-Hawk-Country Age 13 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-api X-FTR-Cache-Status HIT Content-Length 9711 X-FTR-Expires Thu, 01 Oct 2020 01:04:48 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D898_00000000:01BB_5F752435_2F2122E:185E X-Country-Code-Real DK Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8; X-FTR-Backend-Server fievarnishprodred Cache-Control max-age=300,public Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area Expires Thu, 01 Oct 2020 00:40:01 GMT
GET H2	200	smart Show response www.ultimedia.com/api/widget/	75 KB 10 KB	84ms 83ms	Script application/javascript	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/api/widget/smart?j=new&t=1601512501513&exclude=&meta_description=The%20Ryuk%20ransomware%20performs%20reconnaissance%20before%20infecting%20large%20enterprises%20with%20deep%20pockets.&meta_ogtitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_ogdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_twittertitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_twitterdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_title=Ryuk%20ransomware%20targets%20big%20businesses%20%7C%20TechRadar&meta_h1=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_h2=Dwell%20time&meta_datepublished=2019-01-14T16%3A33%3A41Z&url=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&mdtk=02312367&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper Requested by Host: www.ultimedia.com URL: https://www.ultimedia.com/js/common/smart.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash b7588e96eae7fbf00d39f4613198f37950fcb2d6fac37659b2b3fa14825aff90 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip vary Accept-Encoding server nginx/1.10.3 (Ubuntu) strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset="utf-8"
GET H2	200	responsivev3.js Show response www.ultimedia.com/widgets/js/	108 KB 43 KB	46ms 46ms	Script application/javascript	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/widgets/js/responsivev3.js?v=2.0.2.7537 Requested by Host: www.ultimedia.com URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1601512501513&exclude=&meta_description=The%20Ryuk%20ransomware%20performs%20reconnaissance%20before%20infecting%20large%20enterprises%20with%20deep%20pockets.&meta_ogtitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_ogdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_twittertitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_twitterdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_title=Ryuk%20ransomware%20targets%20big%20businesses%20%7C%20TechRadar&meta_h1=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_h2=Dwell%20time&meta_datepublished=2019-01-14T16%3A33%3A41Z&url=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&mdtk=02312367&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 99e39599d9a8292c712094b6114233d19961923037fc0e2d9441c773f654b98a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip last-modified Thu, 06 Aug 2020 13:33:03 GMT server nginx/1.10.3 (Ubuntu) etag W/"5f2c068f-1ae39" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=2678400 strict-transport-security max-age=31536000; includeSubDomains expires Sun, 01 Nov 2020 00:35:01 GMT
GET H2	200	/ Show response r.skimresources.com/api/	149 B 406 B	115ms 56ms	Fetch application/json	35.190.59.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r.skimresources.com/api/?persistence=1&xguid=01BT2SNRZKMTD96W8181AS0KKC&data={%22pubcode%22:%2292X363%22,%22domains%22:[%22techradar.com%22,%22facebook.com%22,%22twitter.com%22,%22youtube.com%22,%22futureplc.com%22,%22send%22,%22pinterest.com%22,%22%22,%22arstechnica.com%22,%22futureus.com%22],%22page%22:%22https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses%22}&checksum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 101.59.190.35.bc.googleusercontent.com Software openresty/1.11.2.5 / Resource Hash e3311d6358f29c81855b0a308ea2dcc445a03e18d43afdc26e9581c4eefbe6f2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.11.2.5 status 200 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin https://www.techradar.com access-control-allow-credentials true strict-transport-security max-age=31536000 content-type application/json alt-svc clear via 1.1 google
GET H2	200	iframe www.ultimedia.com/deliver/generic/ Frame 724B	0 0	201ms 200ms	Document text/html	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/deliver/generic/iframe?mdtk=02312367&zone=2&type_player=0&sendstats=0&src=fm35v0&width=452&height=300&urlfacebook=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&ad=1&autoplay=yes&fstart=1&title=Samsung+Galaxy+Z+Fold+2+%7C+Everything+You+Need+To+Know+In+1+Minute&endMessage=um_ultimedia_wrapper_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_&tagparam=&tagparamdecoded=&visible=&gdprconsentstring= Requested by Host: www.ultimedia.com URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1601512501513&exclude=&meta_description=The%20Ryuk%20ransomware%20performs%20reconnaissance%20before%20infecting%20large%20enterprises%20with%20deep%20pockets.&meta_ogtitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_ogdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_twittertitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_twitterdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_title=Ryuk%20ransomware%20targets%20big%20businesses%20%7C%20TechRadar&meta_h1=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_h2=Dwell%20time&meta_datepublished=2019-01-14T16%3A33%3A41Z&url=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&mdtk=02312367&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority www.ultimedia.com :scheme https :path /deliver/generic/iframe?mdtk=02312367&zone=2&type_player=0&sendstats=0&src=fm35v0&width=452&height=300&urlfacebook=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&ad=1&autoplay=yes&fstart=1&title=Samsung+Galaxy+Z+Fold+2+%7C+Everything+You+Need+To+Know+In+1+Minute&endMessage=um_ultimedia_wrapper_ultimediaEndRoll&widgetPrefix=um_ultimedia_wrapper_&tagparam=&tagparamdecoded=&visible=&gdprconsentstring= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Response headers status 200 server nginx/1.10.3 (Ubuntu) date Thu, 01 Oct 2020 00:35:02 GMT content-type text/html; charset=UTF-8 cache-control private, must-revalidate access-control-allow-origin * access-control-allow-credentials true pragma no-cache expires -1 vary Accept-Encoding content-encoding gzip set-cookie STICKY=6568859c5889ea5e5dd82f7a51d0cbe1; path=/; HttpOnly strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	sprit_10.png www.ultimedia.com/img/widget/	3 KB 3 KB	38ms 38ms	Image image/png	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.ultimedia.com/img/widget/sprit_10.png Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 232e2107e9ebb4adaae34e5aa7f8eba38b819ed4a735bac8f26d41106635c97c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT last-modified Thu, 06 Aug 2020 13:33:03 GMT server nginx/1.10.3 (Ubuntu) etag "5f2c068f-b9d" strict-transport-security max-age=31536000; includeSubDomains content-type image/png status 200 cache-control max-age=2678400 accept-ranges bytes content-length 2973 expires Sun, 01 Nov 2020 00:35:01 GMT
GET H2	200	sprit_6.png www.ultimedia.com/img/widget/	3 KB 3 KB	39ms 38ms	Image image/png	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.ultimedia.com/img/widget/sprit_6.png Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 43fc744dc9f9bdd26ba499a6e1840b548740e7ce2b63e7c986d997d2bcae496e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT last-modified Thu, 06 Aug 2020 13:33:03 GMT server nginx/1.10.3 (Ubuntu) etag "5f2c068f-d0e" strict-transport-security max-age=31536000; includeSubDomains content-type image/png status 200 cache-control max-age=2678400 accept-ranges bytes content-length 3342 expires Sun, 01 Nov 2020 00:35:01 GMT
GET H2	200	/ Show response www.ultimedia.com/deliver/statistiques/widgetdisplay/	0 211 B	39ms 39ms	Script text/html	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ultimedia.com/deliver/statistiques/widgetdisplay/?mdtk=02312367&zone=2&url=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&autoplay=1&widget_type=videolist&result=2&params=%7B%22nb_videos%22%3A6%2C%22search%22%3A%22q5sm8f%22%2C%22index%22%3A%22%22%2C%22limit%22%3A1547483621%2C%22videos_results%22%3A%22%22%2C%22first_video_id%22%3A%225438943%22%2C%22first_video_id_content%22%3A%2221%22%2C%22click_to_play%22%3A0%7D Requested by Host: www.ultimedia.com URL: https://www.ultimedia.com/api/widget/smart?j=new&t=1601512501513&exclude=&meta_description=The%20Ryuk%20ransomware%20performs%20reconnaissance%20before%20infecting%20large%20enterprises%20with%20deep%20pockets.&meta_ogtitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_ogdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_twittertitle=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_twitterdescription=New%20ransomware%20group%20waits%20and%20gathers%20intel%20before%20attacking%20large%20enterprises&meta_title=Ryuk%20ransomware%20targets%20big%20businesses%20%7C%20TechRadar&meta_h1=Ryuk%20ransomware%20targets%20big%20businesses%20&meta_h2=Dwell%20time&meta_datepublished=2019-01-14T16%3A33%3A41Z&url=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&mdtk=02312367&zone=2&layout=&otherplayer=0&target=ultimedia_wrapper Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:01 GMT content-encoding gzip server nginx/1.10.3 (Ubuntu) status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	fm35v0-X.jpg medialb.ultimedia.com/multi/3ukkz/	8 KB 8 KB	124ms 92ms	Image image/jpeg	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://medialb.ultimedia.com/multi/3ukkz/fm35v0-X.jpg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 7fedfe5020fe9e82f47f0fa340b4b2ebaa2448e2fec8ebd74a8a9768d39dc920 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Thu, 01 Oct 2020 00:35:02 GMT last-modified Mon, 14 Sep 2020 11:45:08 GMT server nginx/1.10.3 (Ubuntu) etag "5f5f57c4-1e01" status 200 content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes content-length 7681 expires 7d
GET H2	200	fkuu38-X.jpg medialb.ultimedia.com/multi/3uk8z/	8 KB 8 KB	102ms 71ms	Image image/jpeg	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://medialb.ultimedia.com/multi/3uk8z/fkuu38-X.jpg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash a77698f8006861b1ad0abdac54ddf1eb0a9bdf955ad18173628f025e3bbf453d Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Thu, 01 Oct 2020 00:35:02 GMT last-modified Tue, 01 Sep 2020 13:38:15 GMT server nginx/1.10.3 (Ubuntu) etag "5f4e4ec7-1f23" status 200 content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes content-length 7971 expires 7d
GET H2	200	fvzpf8-X.jpg medialb.ultimedia.com/multi/3ukll/	7 KB 8 KB	107ms 76ms	Image image/jpeg	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://medialb.ultimedia.com/multi/3ukll/fvzpf8-X.jpg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 22214f85442b829f702882f15b443ba83fae371f05c0b711304ba94afd57c71e Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Thu, 01 Oct 2020 00:35:02 GMT last-modified Mon, 17 Aug 2020 16:36:06 GMT server nginx/1.10.3 (Ubuntu) etag "5f3ab1f6-1ddb" status 200 content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes content-length 7643 expires 7d
GET H2	200	fvzp3k-X.jpg medialb.ultimedia.com/multi/3ukll/	10 KB 10 KB	104ms 73ms	Image image/jpeg	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://medialb.ultimedia.com/multi/3ukll/fvzp3k-X.jpg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash df0d3844ad9a4cc56f478cf937162544dd9d28d3a4b2d4c728b133a5f32de4c2 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Thu, 01 Oct 2020 00:35:02 GMT last-modified Mon, 17 Aug 2020 15:26:06 GMT server nginx/1.10.3 (Ubuntu) etag "5f3aa18e-272a" status 200 content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes content-length 10026 expires 7d
GET H2	200	f80q33-X.jpg medialb.ultimedia.com/multi/3uvvm/	8 KB 9 KB	108ms 77ms	Image image/jpeg	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://medialb.ultimedia.com/multi/3uvvm/f80q33-X.jpg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 0fb0eef3a9902e0118b7ae55cace0e02659498cbf88c4b84e1d0c38278934713 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Thu, 01 Oct 2020 00:35:02 GMT last-modified Mon, 10 Aug 2020 12:50:45 GMT server nginx/1.10.3 (Ubuntu) etag "5f3142a5-21b2" status 200 content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes content-length 8626 expires 7d
GET H2	200	fr8580-X.jpg medialb.ultimedia.com/multi/3uk0f/	7 KB 8 KB	121ms 90ms	Image image/jpeg	51.210.215.109 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://medialb.ultimedia.com/multi/3uk0f/fr8580-X.jpg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.210.215.109 , France, ASN16276 (OVH, FR), Reverse DNS dtk-lb-gra04.dginfra.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 0ea061f020ad9ca24a9bead3b6316ba47bff2d576952f7015226ab630ed882d2 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Thu, 01 Oct 2020 00:35:02 GMT last-modified Mon, 10 Aug 2020 12:50:45 GMT server nginx/1.10.3 (Ubuntu) etag "5f3142a5-1d43" status 200 content-type image/jpeg access-control-allow-origin * cache-control public accept-ranges bytes content-length 7491 expires 7d
GET H/1.1	200 OK	hawk.min.css hawk.techradar.com/css/14.26.5-26c09fac1c1a199201f16b2bd7e7e2ebcb851b2f/	19 KB 3 KB	43ms 42ms	Stylesheet text/css	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/css/14.26.5-26c09fac1c1a199201f16b2bd7e7e2ebcb851b2f/hawk.min.css Requested by Host: hawk.techradar.com URL: https://hawk.techradar.com/js/w/responsive.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash 705e12185826ff5c7f200660d97a87c6f9af1ab6d4c8242c5ecaa4294a2a0810 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:30:59 GMT Content-Encoding gzip X-Hawk-Country Xkey asset-type-fie-widgets Age 242 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-assets X-FTR-Cache-Status HIT Content-Length 2256 X-FTR-Expires Thu, 01 Oct 2020 01:00:59 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D87E_00000000:01BB_5F752435_531A9C2:1860 Last-Modified Wed, 30 Sep 2020 10:22:58 GMT X-Country-Code-Real DK ETag "5f745c82-4a58" Vary Accept-Encoding Content-Type text/css X-FTR-Backend-Server fievarnishprodwhite Cache-Control max-age=3600 Accept-Ranges bytes Access-Control-Allow-Origin * Expires Thu, 01 Oct 2020 01:30:59 GMT
GET H/1.1	200 OK	hawk.js Show response hawk.techradar.com/js/w/6af9b59bd94460c8251a/	232 KB 73 KB	69ms 68ms	Script application/javascript	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/js/w/6af9b59bd94460c8251a/hawk.js Requested by Host: hawk.techradar.com URL: https://hawk.techradar.com/js/w/responsive.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash 1350eea7f12b047d7d8ef9188ebbd1c917fe5663528b75c83c73dc41e34546f4 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:31:30 GMT Content-Encoding gzip X-Hawk-Country Xkey asset-type-fie-widgets Age 210 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-assets X-FTR-Cache-Status HIT Content-Length 73965 X-FTR-Expires Thu, 01 Oct 2020 01:01:30 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D872_00000000:01BB_5F752434_43724D5:185F Last-Modified Wed, 30 Sep 2020 10:22:58 GMT X-Country-Code-Real DK ETag "5f745c82-39ecd" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 X-FTR-Backend-Server fievarnishprodwhite Cache-Control max-age=3600 Accept-Ranges bytes Access-Control-Allow-Origin * Expires Thu, 01 Oct 2020 01:31:30 GMT
GET H/1.1	200 OK	trd.min.css hawk.techradar.com/css/	4 KB 2 KB	78ms 42ms	Stylesheet text/css	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/css/trd.min.css Requested by Host: hawk.techradar.com URL: https://hawk.techradar.com/js/w/responsive.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash c24bf8acd544bfbfb956baf8496af91ea22bd940054d3805eef180855e56a40a Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:32:47 GMT Content-Encoding gzip X-Hawk-Country Xkey asset-type-fie-widgets Age 134 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-assets X-FTR-Cache-Status HIT Content-Length 1361 X-FTR-Expires Thu, 01 Oct 2020 01:02:47 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D87E_00000000:01BB_5F752435_531AA64:1860 Last-Modified Wed, 30 Sep 2020 10:22:58 GMT X-Country-Code-Real DK ETag "5f745c82-e3a" Vary Accept-Encoding Content-Type text/css X-FTR-Backend-Server fievarnishprodred Cache-Control max-age=3600 Accept-Ranges bytes Access-Control-Allow-Origin * Expires Thu, 01 Oct 2020 01:32:47 GMT
GET H/1.1	200 OK	widget.php Show response hawk.techradar.com/	249 B 1014 B	45ms 45ms	Fetch application/json	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/widget.php?model_name=Ransomware&article_type=news&article_category=retail&language=en-DK&site=TRD&deals_per_model=1&multi=1&related_models=1&filter_product_types=deals&rows=4 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash 9c49c0e5887d9d36904c516fe5ec6d5f14d8d78c6018d3fc10d6c87cb8361318 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 17:36:11 GMT Content-Encoding gzip X-Hawk-Country Age 25130 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-api X-FTR-Cache-Status HIT Content-Length 180 X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D898_00000000:01BB_5F752435_2F21230:185E X-Country-Code-Real DK Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8; X-FTR-Backend-Server fievarnishprodred Cache-Control max-age=300,public Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area Expires Thu, 01 Oct 2020 00:40:02 GMT
GET H/1.1	200 OK	widget.php Show response hawk.techradar.com/	3 KB 2 KB	85ms 41ms	Fetch application/json	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/widget.php?model_name=TechRadar%20Magazines&article_type=news&article_category=retail&language=en-DK&site=TRD&ignore_buy_similar=1&filter_product_types=deals&rows=1 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash ac6527b46ed5c2df8a1af18267060754dfc89fdb2892c9e71c98d08cb6e2615f Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:15:49 GMT Content-Encoding gzip X-Hawk-Country Xkey model-id-783095 Age 1152 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-api X-FTR-Cache-Status HIT Content-Length 709 X-FTR-Expires Thu, 01 Oct 2020 00:45:49 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D898_00000000:01BB_5F752436_2F2124D:185E X-Country-Code-Real DK Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8; X-FTR-Backend-Server fievarnishprodred Cache-Control max-age=300,public Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area Expires Thu, 01 Oct 2020 00:40:02 GMT
GET H/1.1	200 OK	seasonal.php Show response hawk.techradar.com/	72 B 959 B	117ms 41ms	Fetch application/json	185.113.25.53 FUTURE
General Check archive.org Show headers Download Go to Full URL https://hawk.techradar.com/seasonal.php?article_type=news&article_category=retail&language=en-DK&site=TRD Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif10.web.future.net.uk Software / Resource Hash 00bb369fec6dd561bc0858251ffe1cc3e06db6779e853542ad15cceace07c168 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:14:22 GMT Content-Encoding gzip X-Hawk-Country Age 1239 X-Hawk-Area DK X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend fie-api X-FTR-Cache-Status HIT Content-Length 79 X-FTR-Expires Thu, 01 Oct 2020 00:44:22 GMT X-FTR-Balancer hawkproxyprodblue X-FTR-Request-ID 00000000:D8A2_00000000:01BB_5F752436_2F21256:185E X-Country-Code-Real DK Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8; X-FTR-Backend-Server fievarnishprodwhite Cache-Control max-age=300,public Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area Expires Thu, 01 Oct 2020 00:40:02 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	4 B 128 B	13ms 13ms	XHR text/plain	2a00:1450:4001:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j86&a=684749612&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&ul=en-us&de=UTF-8&dt=Ryuk%20ransomware%20targets%20big%20businesses%20%7C%20TechRadar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliates&ea=FEP%20TOP%20widget%20missing&el=Ransomware&_u=6GDAAEABBAQCAG~&jid=890459347&gjid=1656417925&cid=1336910999.1601512501&tid=UA-48894329-1&_gid=1901145817.1601512501&_r=1&_slc=1&cd10=EN-US&cd1=news&cd2=computing&cd3=internet&cd4=tech_techradar%2F&cd5=YjcwHPQ73QStChanQRUkmd&cd6=%7Cransomware%7Cryuk%7Csamsam%7Ccrowdstrike%7Cfireeye%7Cransomware%7Cryuk%7Csamsam%7Ccrowdstrike%7Cfireeye%7Ccomputing%7Ctrbc%7Cnewstrack%7Cexclude-from-homepage%7Csecurity-channel%7Ctrbc%7Cnewstrack%7Cexclude-from-homepage%7Csecurity-channel%7Cserversidehawk&cd7=anthony_spadafora&cd8=14-01-2019&cd9=1&cd27=210198&cd95=news&cd106=0&cd126=en&cd127=GB%7CUS%7CAU%7CSG%7CIN%7CAE%7CNZ&cd128=14-01-2019&cd31=10&cd30=4g&cd12=null&cd14=null&cd16=null&cd17=0&cd25=null&cd37=null&cd48=null&cd53=null&cd60=null&cd62=0&cd73=null&cd75=null&cd76=null&cd84=null&cd90=9380091143941652000&cd105=null&cd111=null&cd115=null&cd116=null&cd117=null&cd118=null&cd124=null&cd125=null&cm1=1523&cm24=0&cm27=2838&cm28=1282&cd70=SIGNUP%20-%20Side%20Bar%3A1&z=1833794164 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type text/plain access-control-allow-origin https://www.techradar.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect www.google-analytics.com/	35 B 57 B	13ms 13ms	Other image/gif	2a00:1450:4001:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://www.techradar.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response stats.g.doubleclick.net/j/	4 B 433 B	41ms 14ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-48894329-1&cid=1336910999.1601512501&jid=890459347&gjid=1656417925&_gid=1901145817.1601512501&_u=6GDAAEABBAQCAG~&z=890566597 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 01 Oct 2020 00:35:02 GMT status 200 content-type text/plain access-control-allow-origin https://www.techradar.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.com/ads/	42 B 491 B	38ms 24ms	Image image/gif	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-48894329-1&cid=1336910999.1601512501&jid=890459347&_u=6GDAAEABBAQCAG~&z=1612019055 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:02 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.de/ads/	42 B 491 B	39ms 24ms	Image image/gif	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-48894329-1&cid=1336910999.1601512501&jid=890459347&_u=6GDAAEABBAQCAG~&z=1612019055 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:02 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	atechradar-gb.js Show response vanilla.futurecdn.net/techradar/210198/media/shared/js/	332 KB 72 KB	150ms 150ms	Script application/javascript	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/shared/js/atechradar-gb.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash f414c6c2a7af37d10afc4d4a65377216199319ad3dcf9a3378cc1cc38e0f47df Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:10 GMT Content-Encoding gzip Age 46672 X-FTR-Backend-Server ftefrontprodblue.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 72556 X-FTR-Balancer webproxyprod01 X-FTR-Request-ID 00000000:93F0_00000000:0050_5F746DE3_605CE:0200 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-52f4a" Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 access-control-allow-origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:20 GMT
GET H/1.1	200 OK	btechradar-gb.js Show response vanilla.futurecdn.net/techradar/210198/media/shared/js/	6 KB 2 KB	147ms 147ms	Script application/javascript	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/shared/js/btechradar-gb.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 9d1edce9b427c9853d98a71b4bf00cee076aeab478760b4101ec5dc6b3c7d1d1 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:10 GMT Content-Encoding gzip Age 46672 X-FTR-Backend-Server ftefrontprod-172-20-9-85 X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 1702 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:4F2D_00000000:0050_5F746DE6_1B4205:32B4 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-1671" Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=2592000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:13 GMT
GET H2	200	get_site_data Show response orionis.techradar.com/	18 B 252 B	132ms 32ms	XHR text/plain	18.195.207.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://orionis.techradar.com/get_site_data?account_id=200&href=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&requestUUID=ba06ad2b-b962-4745-92d7-67a2059047e4-1601512502885 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.207.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-207-27.eu-central-1.compute.amazonaws.com Software Jetty(9.4.2.v20170220) / Resource Hash 6cddc935bfd70130ff535506925990fa432ff5dbf670134a9d5829cf8fa0374d Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:03 GMT x-sp-mms-node mms-b32.node.fra.consul server Jetty(9.4.2.v20170220) status 200 access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www.techradar.com cache-control max-age=2592000 access-control-allow-credentials true
GET H2	200	;ord=1601512502889 ad.doubleclick.net/ddm/ad/uzjqqdeztfs/ls/	43 B 640 B	153ms 53ms	Image image/gif	216.58.208.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/ad/uzjqqdeztfs/ls/;ord=1601512502889? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s12-in-f38.1e100.net Software cafe / Resource Hash 9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	get_loaders Show response orionis.techradar.com/mms/	2 B 238 B	97ms 32ms	XHR application/json	18.195.207.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://orionis.techradar.com/mms/get_loaders?href=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&account_id=200&requestUUID=ba06ad2b-b962-4745-92d7-67a2059047e4-1601512502885 Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.207.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-207-27.eu-central-1.compute.amazonaws.com Software Jetty(9.4.2.v20170220) / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:03 GMT x-sp-mms-node mms-ayc.node.fra.consul server Jetty(9.4.2.v20170220) status 200 access-control-allow-methods GET content-type application/json access-control-allow-origin https://www.techradar.com cache-control max-age=10800 access-control-allow-credentials true
GET H2	200	bcn www.summerhamster.com/	43 B 182 B	104ms 32ms	Image image/gif	52.59.84.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.summerhamster.com/bcn?fe=1601512503202&y=2.0.1196&elg=535497463&flg=200&x=zzz.whfkudgdu.frp%2Fqhzv%2Fubxn-udqvrpzduh-wdujhwv-elj-exvlqhvvhv&vqwo=1&deo=0&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0&requestUUID=ba06ad2b-b962-4745-92d7-67a2059047e4-1601512502885 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.84.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-59-84-250.eu-central-1.compute.amazonaws.com Software Jetty(9.2.10.v20150310) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 01 Oct 2020 00:35:03 GMT server Jetty(9.2.10.v20150310) access-control-allow-origin * content-length 43 access-control-allow-methods * content-type image/gif
GET H2	200	aawLnwsUH17LHUrISx7dSIrVS5TRzx3eXknLSYsdSF6U0hGRjx3eChTfHckK3s8Knt8eyoqeypTPCt7KyshJyZ1Knt8eyoqeypTPCt7KyshJyZ1JXsrK3d9e3V5Jy0mLFNGPCIuU0hERkRHR09MPHl6eVMvISZ6Jy9EdSsodUQlK31EdSEmLHsqJnckRHl6eUc8fi... Show response orionis.techradar.com/	1 KB 2 KB	34ms 33ms	Script application/javascript	18.195.207.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://orionis.techradar.com/aawLnwsUH17LHUrISx7dSIrVS5TRzx3eXknLSYsdSF6U0hGRjx3eChTfHckK3s8Knt8eyoqeypTPCt7KyshJyZ1Knt8eyoqeypTPCt7KyshJyZ1JXsrK3d9e3V5Jy0mLFNGPCIuU0hERkRHR09MPHl6eVMvISZ6Jy9EdSsodUQlK31EdSEmLHsqJnckRHl6eUc8fip7fFN-LCwoKztJVztIXDtIXC8vL0Qse3l-Knd6dypEeSclO0hcJnsvKztIXCoxLSNDKncmKyclL3cqe0Msdyp9eywrQ3ghfUN4LSshJnsrK3srPHknJit7Jixra19aUy0ment8ISZ7ejwqeykteyssa2tfWlN4d0ZMd3pIeEN4T0xIQ0pNSktDT0h6TUNMTXdIRktPRkpNe0pDR0xGR0tHSEtGSE5OSzwsO0tYd3p1LSYhLDtLWlNHRktHTk9ITztIXCx7eX51LHt5fip3encqO0hcLCooKic7SFwhJix7KiZ7LDwsO0tYJCEue3V3enUtJiEsO0taU0dGS0dOT0hPO0hcLHt5fnUse3l-Knd6dyo7SFw8LDtLWCx7Kyx1d3p1LSYhLDtLWlNHRktHTk9ITztIXCx7eX51LHt5fip3encqdSx7Kyw7SFw8LDtLWCp7eScueyoxdXd6dS0mISw7S1pTPCw7S1gqe3knLnsqMXUseyssdXd6dS0mISw7S1pTPCw7S1grISx7dSgkdyx8JyolO0taUy53JiEkJHc8LDtLWCwheHsqIS0rO0taUywqLXs8LDtLWCwheHsqIS0rdSUnens7S1pTJ3x8PCw7S1gjezEvJyp6KztLWlNqaFhZO0hZZHsvKywqd3kjO0hZezB5JC16e0N8KiclQ34nJXsod317O0hZK3t5LSohLDFDeX53JiZ7JDtIWSt7Ki57Kishent-dy8jO0hZWSclKC0sISZ9O0hZaHcmKyclL3cqeztIWWgxLSM7SFlpdyVpdyU7SFl5KicveissKiEjeztIWVwhKntbMXs8LDtLWHcqLCF5JHt1IXo7S1pTbyJ5L15mZ01JZ2ksWX53JmdoayMlejwsO0tYLncmISQkd3V3KiwheSR7dSF6O0taU28ieS9eZmdNSWdpLFl-dyZnaGsjJXo8LDtLWCh3fXt1LDEoeztLWlMmey8rPCw7S1goKid6LXksdXgqdyZ6O0taUzwsO0tYKConei15LHV5dyx7fScqMTtLWlM8LDtLWCgqJ3oteSw7S1pTPCw7S1gueyosIXl3JDtLWlN5JyUoLSwhJn08LDtLWCsnLSp5eztLWlM8LDtLWCgqJy57KiwheXckO0taUyEmLHsqJnssPCw7S1giLygkdzF7KjtLWlN5dyonLSt7JDwsO0tYfXckJHsqMXUqe3wqeyt-dSEmLHsqLnckO0taU0g8LDtLWCx3fSs7S1pTaHcmKyclL3cqeztIWWgxLSM7SFlpdyVpdyU7SFl5KicveissKiEjeztIWVwhKntbMXs7SFlodyYrJyUvdyp7O0hZaDEtIztIWWl3JWl3JTtIWXkqJy96KywqISN7O0hZXCEqe1sxeztIWVknJSgtLCEmfTwsO0tYeSQteHUkJ319e3ohJjtLWlN8dyQrew== Requested by Host: vanilla.futurecdn.net URL: https://vanilla.futurecdn.net/techradar/210198/media/shared/js/atechradar-gb.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.207.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-207-27.eu-central-1.compute.amazonaws.com Software Jetty(9.4.2.v20170220) / Resource Hash 07626cb221775a497561bf1535715e8a8234ee40f16de060ab10c4236816f11c Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 01 Oct 2020 00:35:03 GMT x-sp-mms-node mms-at2.node.fra.consul server Jetty(9.4.2.v20170220) access-control-allow-methods GET content-type application/javascript status 200 cache-control no-store, no-cache, private access-control-allow-credentials true x-sp-mms-env 1 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	138526d18ff94de4b84a3a11ec020ede_1.js Show response targetemsecure.blob.core.windows.net/138526d1-8ff9-4de4-b84a-3a11ec020ede/	8 KB 3 KB	134ms 35ms	Script application/javascript	52.239.242.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://targetemsecure.blob.core.windows.net/138526d1-8ff9-4de4-b84a-3a11ec020ede/138526d18ff94de4b84a3a11ec020ede_1.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.242.148 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 2a69e9fbbf0884d3138686f735a9543aac059f5305a323cb62f2e5fee4e05bda Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Thu, 01 Oct 2020 00:35:03 GMT Content-Encoding gzip Last-Modified Wed, 30 Sep 2020 02:45:29 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 SgJH78nrJpPQ4FOzhbbJlQ== ETag 0x8D864EAE46FC834 Content-Type application/javascript x-ms-request-id 51bbe21a-401e-00a8-5f8a-97631c000000 Cache-Control public x-ms-version 2009-09-19 Content-Length 2363
GET H/1.1	200 OK	138526d18ff94de4b84a3a11ec020ede_2_1591645858.js Show response targetemsecure.blob.core.windows.net/138526d1-8ff9-4de4-b84a-3a11ec020ede/	134 KB 41 KB	43ms 42ms	Script application/javascript	52.239.242.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://targetemsecure.blob.core.windows.net/138526d1-8ff9-4de4-b84a-3a11ec020ede/138526d18ff94de4b84a3a11ec020ede_2_1591645858.js Requested by Host: targetemsecure.blob.core.windows.net URL: https://targetemsecure.blob.core.windows.net/138526d1-8ff9-4de4-b84a-3a11ec020ede/138526d18ff94de4b84a3a11ec020ede_1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.242.148 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash f9302ea396b2770c3dd53cc1f71395cea35ce0ba24e880b3d5fdf391469bde8c Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Thu, 01 Oct 2020 00:35:03 GMT Content-Encoding gzip Last-Modified Mon, 28 Sep 2020 21:15:57 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 Lo0Rz4k1QKvf8sIR8Jio5A== ETag 0x8D863F3B12B92A6 Content-Type application/javascript x-ms-request-id 51bbe241-401e-00a8-048a-97631c000000 Cache-Control public, max-age=86400 x-ms-version 2009-09-19 Content-Length 41222
GET H2	200	3de79d73135a4d.js Show response offer.slgnt.eu/3394eaaa6fea48f2a5b7a406f56c3faf/	29 KB 10 KB	133ms 43ms	Script application/javascript	35.233.20.168 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://offer.slgnt.eu/3394eaaa6fea48f2a5b7a406f56c3faf/3de79d73135a4d.js?v=0c6e8d50c5b7c641ede3baedb286285c Requested by Host: targetemsecure.blob.core.windows.net URL: https://targetemsecure.blob.core.windows.net/138526d1-8ff9-4de4-b84a-3a11ec020ede/138526d18ff94de4b84a3a11ec020ede_1.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.233.20.168 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 168.20.233.35.bc.googleusercontent.com Software / Resource Hash 95f1d8e0e75700d6fa5bbfd1cacd484bcd585309fe1cbe8ea3959802b4106797 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 01 Oct 2020 00:35:03 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 25 Feb 2020 16:23:17 GMT etag W/"5e5549f5-72a9" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=2592000, public strict-transport-security max-age=15724800; includeSubDomains x-xss-protection 1; mode=block expires Sat, 31 Oct 2020 00:35:03 GMT
GET H2	200	polyfill.min.js Show response cdn.polyfill.io/v3/	72 B 513 B	8ms 6ms	Script text/javascript	2a04:4e42:1b::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v3/polyfill.min.js?features=es6&gated=true Requested by Host: targetemsecure.blob.core.windows.net URL: https://targetemsecure.blob.core.windows.net/138526d1-8ff9-4de4-b84a-3a11ec020ede/138526d18ff94de4b84a3a11ec020ede_2_1591645858.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding br x-content-type-options nosniff content-type text/javascript; charset=utf-8 age 10190234 detected-user-agent Chrome Mobile/83.0.4103 status 200 request_came_from_shield HHN server-timing HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1 content-length 74 referrer-policy origin-when-cross-origin last-modified Thu, 04 Jun 2020 02:15:40 GMT date Thu, 01 Oct 2020 00:35:03 GMT access-control-allow-methods GET,HEAD,OPTIONS normalized-user-agent chrome/83.0.0 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
OPTIONS H2	200	track siteeuwest.slgnt.eu/ Frame	0 0	63ms 42ms	Other text/html	2001:4860:4802:36::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://siteeuwest.slgnt.eu/track Protocol H2 Server 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.techradar.com Sec-Fetch-Mode cors Response headers status 200 access-control-allow-origin https://www.techradar.com access-control-allow-methods GET, POST access-control-allow-credentials true access-control-allow-headers content-type x-cloud-trace-context c645d2fa94b7bd8ea1798a747e0cada2 date Thu, 01 Oct 2020 00:35:03 GMT content-type text/html server Google Frontend content-length 0
POST H2	200	track Show response siteeuwest.slgnt.eu/	1 KB 1 KB	80ms 79ms	Fetch application/json	2001:4860:4802:36::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://siteeuwest.slgnt.eu/track Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 6b5ebd09722963b2bc719c1ee43885fcd5d797e7cb1847d612c1f78f870774ca Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type application/json Response headers date Thu, 01 Oct 2020 00:35:04 GMT content-encoding gzip server Google Frontend status 200 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin https://www.techradar.com x-cloud-trace-context aad4b272a11fd1081fd4fcd5d8d19bef cache-control private access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 924 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	cookie.html offer.slgnt.eu/sdstatic/ Frame C4ED	0 0	42ms 42ms	Document text/html	35.233.20.168 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://offer.slgnt.eu/sdstatic/cookie.html Requested by Host: offer.slgnt.eu URL: https://offer.slgnt.eu/3394eaaa6fea48f2a5b7a406f56c3faf/3de79d73135a4d.js?v=0c6e8d50c5b7c641ede3baedb286285c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.233.20.168 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 168.20.233.35.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority offer.slgnt.eu :scheme https :path /sdstatic/cookie.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Response headers status 200 date Thu, 01 Oct 2020 00:35:04 GMT content-type text/html last-modified Fri, 17 Jul 2020 12:56:33 GMT vary Accept-Encoding etag W/"5f11a001-210" expires Sat, 31 Oct 2020 00:35:04 GMT cache-control max-age=2592000 public content-encoding gzip strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	aHR0cHM6Ly93d3cudGVjaHJhZGFyLmNvbS9uZXdzL3J5dWstcmFuc29td2FyZS10YXJnZXRzLWJpZy1idXNpbmVzc2Vz Show response offer.slgnt.eu/api/db4a8f7d7191408280a85206a47e4bd6/iv/	27 B 553 B	43ms 43ms	XHR text/html	35.233.20.168 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://offer.slgnt.eu/api/db4a8f7d7191408280a85206a47e4bd6/iv/aHR0cHM6Ly93d3cudGVjaHJhZGFyLmNvbS9uZXdzL3J5dWstcmFuc29td2FyZS10YXJnZXRzLWJpZy1idXNpbmVzc2Vz?sid=29318004-3dae-4592-be04-25dbc71a8a5a Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.233.20.168 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 168.20.233.35.bc.googleusercontent.com Software / Resource Hash 03cfe943563047d9804114f133087f320377cbe1ecc4c3c026c1146371a5a3a4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Thu, 01 Oct 2020 00:35:04 GMT x-content-type-options nosniff status 200 strict-transport-security max-age=15724800; includeSubDomains p3p policyref="http://www.tastehit.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT CNT PRE" access-control-allow-origin https://www.techradar.com access-control-allow-credentials true content-type text/html; charset=utf-8 content-length 27 x-xss-protection 1; mode=block
GET H/1.1	200 OK	app.js Show response vanilla.futurecdn.net/techradar/210198/media/shared/js/	328 KB 91 KB	34ms 34ms	Script application/javascript	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://vanilla.futurecdn.net/techradar/210198/media/shared/js/app.js Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash a5900bd1315c2415ce53433dfb6acb20dbc5ae1e40ac9d00a7904bed39b11dd6 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 11:37:12 GMT Content-Encoding gzip Age 46672 X-FTR-Backend-Server ftefrontprodblue.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 92689 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:6C5E_00000000:0050_5F746DE8_2D4CD3:32B5 Last-Modified Wed, 30 Sep 2020 10:55:49 GMT Server Footprint Distributor V6.1.1162 ETag W/"5f746435-51f03" Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=2592000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 30 Oct 2020 11:37:19 GMT
GET H/1.1	200 OK	related Show response api.vanilla.futurecdn.net/article/v3/	2 KB 2 KB	210ms 44ms	Fetch application/json	185.113.25.61 FUTURE
General Check archive.org Show headers Download Go to Full URL https://api.vanilla.futurecdn.net/article/v3/related?articleTerritory=US&count=3&site=techradar Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.61 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif02.web.future.net.uk Software / Resource Hash 8348670d21aa6ebbcce5f48dbb1224c794141196ce75ef0c0f97625c6829c1a5 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:35:04 GMT Content-Encoding gzip Xkey techradar-article, techradar-article-latest, techradar-article-api-77bf4f4d54-9bgrq Age 745 Transfer-Encoding chunked X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend van-prod X-Backend default X-FTR-Cache-Status HIT X-FTR-Balancer apiproxyprodred X-FTR-Request-ID 00000000:E7A2_00000000:01BB_5F752438_3869BB1:4120 X-Served-By cache-api-79cb4f9fbc-q4qz7 Vary Accept-Encoding, Origin Content-Type application/json; charset=utf-8 X-FTR-Backend-Server http.van-prod Cache-Control public,max-age=900 Access-Control-Allow-Origin https://www.techradar.com Expires Thu, 1 Oct 2020 00:37:39 UTC
GET H/1.1	200 OK	related Show response api.vanilla.futurecdn.net/article/v3/	12 KB 4 KB	226ms 60ms	Fetch application/json	185.113.25.61 FUTURE
General Check archive.org Show headers Download Go to Full URL https://api.vanilla.futurecdn.net/article/v3/related?articleTerritory=US&articleVerticalHandle=computing&count=15&site=techradar Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 185.113.25.61 , United Kingdom, ASN20596 (FUTURE, GB), Reverse DNS vif02.web.future.net.uk Software / Resource Hash 79e6785bbadbdec55609df0e05058f28d2b62ebdb4aa195e483f5b6062fa83f2 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 01 Oct 2020 00:35:04 GMT Content-Encoding gzip Xkey techradar-article, techradar-article-latest, techradar-article-api-77bf4f4d54-hcn76 Age 740 Transfer-Encoding chunked X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend van-prod X-Backend default X-FTR-Cache-Status HIT X-FTR-Balancer apiproxyprodred X-FTR-Request-ID 00000000:E7A0_00000000:01BB_5F752438_4069A60:4121 X-Served-By cache-api-79cb4f9fbc-q4qz7 Vary Accept-Encoding, Origin Content-Type application/json; charset=utf-8 X-FTR-Backend-Server http.van-prod Cache-Control public,max-age=900 Access-Control-Allow-Origin https://www.techradar.com Expires Thu, 1 Oct 2020 00:37:44 UTC
GET H/1.1	200 OK	missing-image.svg vanilla.futurecdn.net/techradar/media/img/	3 KB 3 KB	38ms 37ms	Image image/svg+xml	67.27.235.252 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://vanilla.futurecdn.net/techradar/media/img/missing-image.svg Requested by Host: www.techradar.com URL: https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 67.27.235.252 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software Footprint Distributor V6.1.1162 / Resource Hash 131423a5b0117aa6fddbde39abed88048b2ee6a147ade1fbf040b551614ab2d2 Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 02 Sep 2020 09:00:42 GMT Age 2475263 X-FTR-Backend-Server ftefrontprodred.core.future.net.uk X-FTR-DC IX X-FTR-Realm pip X-FTR-Backend www-live-sites Connection keep-alive Content-Length 2667 X-FTR-Balancer webproxyprodred X-FTR-Request-ID 00000000:EA16_00000000:0050_5F4F5F3A_4DD600E:7F21 Last-Modified Thu, 27 Aug 2020 11:24:33 GMT Server Footprint Distributor V6.1.1162 ETag "5f4797f1-a6b" access-control-allow-methods GET Content-Type image/svg+xml access-control-allow-origin * Cache-Control max-age=2592000 access-control-allow-credentials true Accept-Ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Mon, 19 Oct 2020 19:38:14 GMT
GET H3-Q050	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: vanilla.futurecdn.net URL: https://vanilla.futurecdn.net/techradar/210198/media/shared/js/app.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Sep 2020 01:50:37 GMT server Golfe2 age 4766 date Wed, 30 Sep 2020 23:15:39 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18650 expires Thu, 01 Oct 2020 01:15:39 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 62 B	6ms 6ms	Image image/gif	2a00:1450:4001:821::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j86&a=684749612&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.techradar.com%2Fnews%2Fryuk-ransomware-targets-big-businesses&ul=en-us&de=UTF-8&dt=Ryuk%20ransomware%20targets%20big%20businesses%20%7C%20TechRadar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Performance%20Metrics&ea=TTI&el=2282&ev=2282&_u=6GDAgEABBAQCAG~&jid=&gjid=&cid=1336910999.1601512501&tid=UA-48894329-1&_gid=1901145817.1601512501&cd57=null&cd40=Ransomware&cd41=Ryuk%7CRansom%7CMalware%7CFireEye%7CCybercrime&cd42=FireEye&cd43=CrowdStrike%7CBoeing&cd45=Ransomware&cd46=Internet&cd47=Ryuk_ransomware_targets_big_businesses&cd50=5&cd51=false&cd58=Internet&cd74=&cd13=false&cd10=US&cd5=YjcwHPQ73QStChanQRUkmd&cm1=7090&cm29=376&z=279622386 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.techradar.com/news/ryuk-ransomware-targets-big-businesses User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Sep 2020 14:28:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 36402 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT