www.csoonline.com Open in urlscan Pro
151.101.130.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Submission Tags: falconsandbox
Submission: On August 14 via api (August 14th 2024, 5:00:42 am UTC) from US — Scanned from US

Summary HTTP 293 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 82 IPs in 3 countries across 51 domains to perform 293 HTTP transactions. The main IP is 151.101.130.165, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.csoonline.com. The Cisco Umbrella rank of the primary domain is 294234.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on January 3rd 2024. Valid for: a year.

This is the only time www.csoonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	151.101.130.165 151.101.130.165	54113 (FASTLY) (FASTLY)
1	95.217.4.138 95.217.4.138	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:10:... 2606:4700:10::6816:28db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.238.58.225 18.238.58.225	16509 (AMAZON-02) (AMAZON-02)
5	2600:1408:c40... 2600:1408:c400:29::17da:da49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2607:f8b0:400... 2607:f8b0:400d:c03::8a	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:29::17da:da44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4004:c21::61	15169 (GOOGLE) (GOOGLE)
10	108.138.106.103 108.138.106.103	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c17::6a	15169 (GOOGLE) (GOOGLE)
2	44.215.116.28 44.215.116.28	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1408:c40... 2600:1408:c400:9::17cd:6986	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.167.56.102 3.167.56.102	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:45bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.195.18.232 34.195.18.232	14618 (AMAZON-AES) (AMAZON-AES)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	188.40.115.112 188.40.115.112	24940 (HETZNER-AS) (HETZNER-AS)
2	142.251.163.106 142.251.163.106	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::71	15169 (GOOGLE) (GOOGLE)
1	23.212.249.74 23.212.249.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	172.217.197.154 172.217.197.154	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1e20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.191.112 99.84.191.112	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2209:9c00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1408:c40... 2600:1408:c400:5::17c7:3719	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.40.157 146.75.40.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
2	18.238.4.35 18.238.4.35	16509 (AMAZON-02) (AMAZON-02)
3	44.198.21.138 44.198.21.138	14618 (AMAZON-AES) (AMAZON-AES)
2	18.164.96.105 18.164.96.105	16509 (AMAZON-02) (AMAZON-02)
1	142.251.163.97 142.251.163.97	15169 (GOOGLE) (GOOGLE)
1	35.174.91.202 35.174.91.202	14618 (AMAZON-AES) (AMAZON-AES)
2	54.245.213.2 54.245.213.2	16509 (AMAZON-02) (AMAZON-02)
2	35.166.134.118 35.166.134.118	16509 (AMAZON-02) (AMAZON-02)
4	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	38.75.194.109 38.75.194.109	394005 (DEN-AS) (DEN-AS)
2	34.224.230.83 34.224.230.83	14618 (AMAZON-AES) (AMAZON-AES)
3	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
5	20.40.202.2 20.40.202.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1408:c40... 2600:1408:c400:9::17cd:69b0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	173.194.68.157 173.194.68.157	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2 8	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4	172.253.63.113 172.253.63.113	15169 (GOOGLE) (GOOGLE)
2	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
18	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
34	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.36.224.135 52.36.224.135	16509 (AMAZON-02) (AMAZON-02)
2	204.236.230.97 204.236.230.97	14618 (AMAZON-AES) (AMAZON-AES)
3	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	172.217.197.155 172.217.197.155	15169 (GOOGLE) (GOOGLE)
1	108.138.106.59 108.138.106.59	16509 (AMAZON-02) (AMAZON-02)
2	108.138.127.64 108.138.127.64	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400d:c07::5f	15169 (GOOGLE) (GOOGLE)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::84	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4	3.216.221.176 3.216.221.176	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:400d:c00::9c	15169 (GOOGLE) (GOOGLE)
5	142.251.174.155 142.251.174.155	15169 (GOOGLE) (GOOGLE)
1	209.85.232.156 209.85.232.156	15169 (GOOGLE) (GOOGLE)
7	23.62.165.161 23.62.165.161	16625 (AKAMAI-AS) (AKAMAI-AS)
7	23.212.251.11 23.212.251.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:400d:c01::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c07::95	15169 (GOOGLE) (GOOGLE)
4	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	192.0.66.19 192.0.66.19	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2600:9000:25c... 2600:9000:25c8:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.90.135.135 3.90.135.135	14618 (AMAZON-AES) (AMAZON-AES)
15	2600:1f18:1ac... 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919	14618 (AMAZON-AES) (AMAZON-AES)
293	82

34 151.101.130.165 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.csoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.4.138 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.4.217.95.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:28db (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.subscribers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.58.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-58-225.jfk52.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1408:c400:29::17da:da49 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c03::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:29::17da:da44 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.138.106.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-103.jfk50.r.cloudfront.net

cmpv2.csoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.215.116.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-116-28.compute-1.amazonaws.com

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:9::17cd:6986 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

functions.adnami.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.56.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-102.iad61.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45bf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.195.18.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-18-232.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.40.115.112 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.112.115.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::8b (Washington, United States)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.249.74 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-249-74.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.197.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e20 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-112.iad89.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:9c00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:5::17c7:3719 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.40.157 (Seattle, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.4.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-35.phl51.r.cloudfront.net

distribution-cdn.askmiso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.198.21.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-21-138.compute-1.amazonaws.com

mau.idgesg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-105.jfk50.r.cloudfront.net

t1.csoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.91.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-91-202.compute-1.amazonaws.com

intent.csoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.245.213.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-213-2.us-west-2.compute.amazonaws.com

twin-iq.kickfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.166.134.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-134-118.us-west-2.compute.amazonaws.com

api.kickfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.75.194.109 (Greenwood Village, United States)

ASN394005 (DEN-AS, US)

amd.sellingsimplified.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.224.230.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-230-83.compute-1.amazonaws.com

tribl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:9::17cd:69b0 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

macro.adnami.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.181.211 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.224.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-224-135.us-west-2.compute.amazonaws.com

postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.236.230.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-204-236-230-97.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-59.jfk50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.127.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-127-64.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

7be0a8f11b852a586f893d2a3e92860a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.216.221.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-221-176.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c00::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.174.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.62.165.161 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-165-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.212.251.11 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-251-11.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::95 (Morganton, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.19 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

b2b-contenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:25c8:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.90.135.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-135-135.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	csoonline.com www.csoonline.com — Cisco Umbrella Rank: 294234 cmpv2.csoonline.com — Cisco Umbrella Rank: 987816 t1.csoonline.com intent.csoonline.com	653 KB
34	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	21 KB
23	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 1139 static.adsafeprotected.com — Cisco Umbrella Rank: 1040 dt.adsafeprotected.com — Cisco Umbrella Rank: 974	125 KB
18	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	2 KB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 363 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1000	223 KB
11	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 psb.taboola.com — Cisco Umbrella Rank: 9372 trc.taboola.com — Cisco Umbrella Rank: 1123 pips.taboola.com — Cisco Umbrella Rank: 2305 cds.taboola.com — Cisco Umbrella Rank: 2605 trc-events.taboola.com — Cisco Umbrella Rank: 3272	34 KB
10	google.com cse.google.com — Cisco Umbrella Rank: 5849 www.google.com — Cisco Umbrella Rank: 10 clients1.google.com — Cisco Umbrella Rank: 693 ampcid.google.com — Cisco Umbrella Rank: 4317	167 KB
8	googlesyndication.com 7be0a8f11b852a586f893d2a3e92860a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	77 KB
8	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 383 secure.adnxs.com — Cisco Umbrella Rank: 764	8 KB
7	evidon.com c.evidon.com — Cisco Umbrella Rank: 2906	18 KB
7	moatads.com z.moatads.com — Cisco Umbrella Rank: 1247 px.moatads.com — Cisco Umbrella Rank: 1015	118 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	5 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	22 KB
7	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3983 collector.brandmetrics.com — Cisco Umbrella Rank: 4257	23 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 1178 p.typekit.net — Cisco Umbrella Rank: 1499	179 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999 aax.amazon-adsystem.com — Cisco Umbrella Rank: 501	84 KB
6	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688	10 KB
4	kickfire.com twin-iq.kickfire.com — Cisco Umbrella Rank: 75325 api.kickfire.com — Cisco Umbrella Rank: 193385	2 KB
3	permutive.com api.permutive.com — Cisco Umbrella Rank: 3370	810 B
3	postrelease.com postrelease.com — Cisco Umbrella Rank: 1375 jadserve.postrelease.com — Cisco Umbrella Rank: 1508	2 KB
3	idgesg.net mau.idgesg.net — Cisco Umbrella Rank: 197689	99 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	76 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	319 KB
3	associates-amazon.com z-na.associates-amazon.com — Cisco Umbrella Rank: 20343 assoc-na.associates-amazon.com — Cisco Umbrella Rank: 21843	11 KB
3	subscribers.com cdn.subscribers.com — Cisco Umbrella Rank: 75246	48 KB
2	gstatic.com fonts.gstatic.com	37 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 353	32 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
2	t.co t.co — Cisco Umbrella Rank: 979	626 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 3241 alb.reddit.com — Cisco Umbrella Rank: 1969	761 B
2	tribl.io tribl.io — Cisco Umbrella Rank: 108341	8 KB
2	askmiso.com distribution-cdn.askmiso.com — Cisco Umbrella Rank: 237962	127 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1561	13 KB
2	adnami.io functions.adnami.io — Cisco Umbrella Rank: 20307 macro.adnami.io — Cisco Umbrella Rank: 14661	28 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 4519 pixel.wp.com — Cisco Umbrella Rank: 4225	3 KB
2	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 37187 tt.onthe.io — Cisco Umbrella Rank: 30049	17 KB
1	betrad.com l.betrad.com — Cisco Umbrella Rank: 10461	121 B
1	b2b-contenthub.com b2b-contenthub.com	14 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 449	11 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	7 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 505	149 B
1	prmutv.co f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co — Cisco Umbrella Rank: 298044	384 B
1	sellingsimplified.net amd.sellingsimplified.net — Cisco Umbrella Rank: 225429	4 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 3714	45 KB
1	blueconic.net cdn.blueconic.net — Cisco Umbrella Rank: 21513 idg.blueconic.net Failed	41 KB
1	permutive.app cdn.permutive.app — Cisco Umbrella Rank: 7840	165 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 5974	179 KB
1	soundcloud.com w.soundcloud.com — Cisco Umbrella Rank: 37132	4 KB
0	intellitxt.com Failed k.intellitxt.com Failed
293	51

	Domain	Requested by
34	www.facebook.com	www.csoonline.com
34	www.csoonline.com	www.csoonline.com
18	analytics.twitter.com	www.csoonline.com
15	dt.adsafeprotected.com	www.csoonline.com
10	cmpv2.csoonline.com	www.csoonline.com cmpv2.csoonline.com
9	securepubads.g.doubleclick.net	www.csoonline.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	c.evidon.com	www.csoonline.com c.evidon.com
7	secure.adnxs.com	2 redirects www.csoonline.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.csoonline.com
6	px.moatads.com	www.csoonline.com
6	tags.srv.stackadapt.com	www.csoonline.com tags.srv.stackadapt.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	collector.brandmetrics.com	cdn.brandmetrics.com www.csoonline.com
5	www.google.com	cse.google.com www.google.com www.csoonline.com
5	use.typekit.net	www.csoonline.com use.typekit.net
4	static.adsafeprotected.com	pixel.adsafeprotected.com www.csoonline.com
4	trc-events.taboola.com	cdn.taboola.com
4	pixel.adsafeprotected.com	www.csoonline.com
3	api.permutive.com	cdn.permutive.app
3	c.amazon-adsystem.com	www.csoonline.com c.amazon-adsystem.com
3	cdn.taboola.com	www.csoonline.com cdn.taboola.com
3	mau.idgesg.net	www.csoonline.com mau.idgesg.net
3	connect.facebook.net	www.csoonline.com connect.facebook.net
3	www.googletagmanager.com	www.csoonline.com www.googletagmanager.com
3	cse.google.com	www.csoonline.com www.google.com
3	cdn.subscribers.com	www.csoonline.com cdn.subscribers.com
2	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	www.csoonline.com tpc.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net www.googletagservices.com
2	fonts.googleapis.com	cdn.jsdelivr.net client
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	jadserve.postrelease.com	s.ntv.io www.csoonline.com
2	t.co	www.csoonline.com
2	tribl.io	www.googletagmanager.com www.csoonline.com
2	api.kickfire.com	www.csoonline.com
2	twin-iq.kickfire.com	www.googletagmanager.com www.csoonline.com
2	t1.csoonline.com	www.csoonline.com t1.csoonline.com
2	distribution-cdn.askmiso.com	www.googletagmanager.com distribution-cdn.askmiso.com
2	www.redditstatic.com	www.csoonline.com www.redditstatic.com
2	cdn.brandmetrics.com	www.csoonline.com cdn.brandmetrics.com
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	p.typekit.net	www.csoonline.com use.typekit.net
1	l.betrad.com	www.csoonline.com
1	b2b-contenthub.com	www.csoonline.com
1	s0.2mdn.net	securepubads.g.doubleclick.net
1	z.moatads.com	www.csoonline.com
1	googleads4.g.doubleclick.net	www.csoonline.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	7be0a8f11b852a586f893d2a3e92860a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.jsdelivr.net	distribution-cdn.askmiso.com
1	postrelease.com	s.ntv.io
1	match.adsrvr.org	www.csoonline.com
1	cm.g.doubleclick.net	www.csoonline.com
1	alb.reddit.com	www.csoonline.com
1	pixel-config.reddit.com	www.redditstatic.com
1	ib.adnxs.com	cdn.permutive.app
1	f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co	cdn.permutive.app
1	px4.ads.linkedin.com	www.csoonline.com
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	macro.adnami.io	functions.adnami.io
1	amd.sellingsimplified.net	www.csoonline.com
1	intent.csoonline.com	www.csoonline.com
1	static.ads-twitter.com	www.csoonline.com
1	snap.licdn.com	www.csoonline.com
1	cdn.jwplayer.com	www.csoonline.com
1	cdn.blueconic.net	www.csoonline.com
1	cdn.permutive.app	www.csoonline.com
1	s.ntv.io	www.csoonline.com
1	ampcid.google.com	www.google-analytics.com
1	clients1.google.com	www.csoonline.com
1	tt.onthe.io	cdn.onthe.io
1	w.soundcloud.com	www.googletagmanager.com
1	functions.adnami.io	www.csoonline.com
1	pixel.wp.com	www.csoonline.com
1	stats.wp.com	www.csoonline.com
1	z-na.associates-amazon.com	www.csoonline.com
1	cdn.onthe.io	www.csoonline.com
0	idg.blueconic.net Failed	cdn.blueconic.net
0	k.intellitxt.com Failed	www.csoonline.com
293	85

This site contains links to these domains. Also see Links.

Domain
us.resources.csoonline.com
foundryco.com
www.cio.com
www.computerworld.com
www.infoworld.com
www.networkworld.com
www.linkedin.com
twitter.com
www.facebook.com
subscribers.com

Subject Issuer	Validity	Valid
*.cfoworld.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2024-01-03` - `2025-02-03`	a year	crt.sh
*.onthe.io Sectigo ECC Domain Validation Secure Server CA	`2024-05-07` - `2025-06-07`	a year	crt.sh
cdn.subscribers.com WE1	`2024-07-22` - `2024-10-20`	3 months	crt.sh
assoc-na.associates-amazon.com Amazon RSA 2048 M01	`2024-03-16` - `2025-03-13`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cmp2.channelpartner.de R11	`2024-08-05` - `2024-11-03`	3 months	crt.sh
www.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
functions.adnami.io R11	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2024-02-06` - `2025-03-09`	a year	crt.sh
brandmetrics.com WE1	`2024-06-27` - `2024-09-25`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2024-03-05` - `2024-12-31`	10 months	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2024-05-08` - `2025-06-06`	a year	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-23` - `2024-08-21`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
*.askmiso.com Amazon RSA 2048 M02	`2023-12-10` - `2025-01-07`	a year	crt.sh
idgesg.net Amazon RSA 2048 M01	`2023-09-20` - `2024-10-18`	a year	crt.sh
*.csoonline.com Amazon RSA 2048 M03	`2024-02-27` - `2025-03-28`	a year	crt.sh
intent.csoonline.com R11	`2024-07-29` - `2024-10-27`	3 months	crt.sh
twin-iq.kickfire.com Amazon RSA 2048 M02	`2023-11-28` - `2024-12-26`	a year	crt.sh
api.kickfire.com Amazon RSA 2048 M02	`2024-03-01` - `2025-03-30`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
amd.sellingsimplified.net Go Daddy Secure Certificate Authority - G2	`2024-06-09` - `2025-07-11`	a year	crt.sh
tribl.io R11	`2024-08-13` - `2024-11-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2024-05-13` - `2025-06-11`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.prmutv.co R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M03	`2024-07-31` - `2025-08-30`	a year	crt.sh
api.permutive.com R10	`2024-06-13` - `2024-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
betrad.com R11	`2024-06-11` - `2024-09-09`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
b2b-contenthub.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.betrad.com Amazon RSA 2048 M03	`2024-03-13` - `2025-04-11`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M03	`2024-04-25` - `2025-05-23`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Frame ID: 7E998E453BDADC2321B752745622DFB9
Requests: 256 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: B804BE4A16BA94B2C3E256E87DBF12FA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 9F035A9382051109A85F4F5590FD9020
Requests: 1 HTTP requests in this frame

Frame: https://t1.csoonline.com/a/ts_.htm?ver=1.1501.57&cid=c074
Frame ID: 43263244D866FF943F32994B69CAE4AD
Requests: 1 HTTP requests in this frame

Frame: https://7be0a8f11b852a586f893d2a3e92860a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0DF647B86597E31BBC999364A8DD98B9
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=8879&campId=640x480&pubId=4693602887&chanId=23054726541&placementId=6758863169&pubCreative=138452266315&pubOrder=3263717969&cb=630969462&custom=gpt-overlay&custom2=csoonline.com&adsafe_par&impId=
Frame ID: 9B880ECEB25CE91CBB441D28164EDFE2
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssimDelg31FtTAGvV6uEv2YN2BgfjDFQDzE_JcKDE6UAdcQ_WjLrasm8He3p2iX0xLPyZXfCNSn3TYuNnR5u6Ramu6BPNwQQz5oEj0wXujTQhki801K_lfl46PMFoxmWZAq3wHhR7zJrrbnQ9RR6YVtuMt21tf5VXL4R_G0TftLYu8MDwpaUEXwyDHi-valOhNRmoot-W3j8_3Zto2JOU0uK9Qa5JEN0UPL9Lg2XFmTTbdpiPSbd0kCRCLVG2rPXOrvAa8YPIgZzhN3nS-ztBqqaS_8ptjeBCnBkYUVXONGkQUVUXu6AU6Vu37Ybr_3WOWccO2-gTvlqRu8nPf-7ISKBFkHQ6i2I5F1fRuEwhPjEf1BmogEXBmTee_O&sai=AMfl-YTOzYOdFXi5w-SiQNVXOqn3hA3G7akAanXoP4Cp2JKMIo_hR6QF-0iJyvCuzaqQdAgxaE2pMVKgkd2ohF-a7l3LZGaGr6XG27Pwb0XoGUQlFBVXcgBQewpY5iYePQ&sig=Cg0ArKJSzMRDdVk3vbEbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 4DC8496D0EC0B0D5358C5D2BEBAB9A51
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=8879&campId=728x90&pubId=4679177913&chanId=23054726541&placementId=6711811571&pubCreative=138481858096&pubOrder=3541950915&cb=1943043318&custom=ATF1&custom2=csoonline.com&adsafe_par&impId=
Frame ID: F80FF826FFCB8061C5FAA01B9C3B886B
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdM-TFCiTKW-MRX7ZdLmXplPZRkiiNCuplbPKIkPj48qelT2eRJ6f9IjedFrh29ixOUe0lvVyR1ejR1BYVh2fjPcF5IIimQn0hs0H7KfAJ2VF8XinSd1FtlJ6UaN9XcmdUnyrFytDgQirPl4lcaUEnyQGydZoxYxBXFo4hCktXR5vmAsqaCqdjJKe7kST-SnHXmQNqqWWgQAvB4PZ1D0jxUR_LW1poP_zS0gKvyoo_6HdARk1jmRUa57c1r56DODvXwOLTXbZpja352UOpX6Pj9nIHeIzoiWJpeuz0ToQ2O3b6CyzRnKLElpRPICyBfqVAQCQqJGd_LxoKBW4GUkbbFixuR3phnNpOyYwa1nSMkhdaLkJn4bMPd1Li4khkGlzckh-bRNWFqKTrRlupnjwiAzwkD5rvsvG-tnU5aU4xGI2QwEWC5xfsLweT_yQhSn__bVDFsApnUKQZreQrG7c5sUXt0smW8TNUDFCtyBYP&sai=AMfl-YRCOEb0SQM_S9H0TbXxRVkiuTnSfN2xgIF0PmOnUUEwG553humla1_JBtb9eS-8jEi9--hWLoFMO83V0IsMeBRJbVTOyw7Es3zEVb76ifyBeB_4AAy2p1xqaKIlsUU&sig=Cg0ArKJSzOGXT4rDnb-PEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Frame ID: 1A4BEF9ED0A0C25E6DB72BE1655E0657
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 855A610A53B20CF6C9ABBD5BF497409A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 5CCE342C7CF7A529663510F52084B8F8
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: E373D7428DD2F7AD9CEFBDAB0460C5BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found | CSO Online

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

293
Requests

95 %
HTTPS

35 %
IPv6

51
Domains

85
Subdomains

82
IPs

3
Countries

3092 kB
Transfer

10192 kB
Size

74
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://us.resources.csoonline.com/
Title: Resources

Search URL Search Domain Scan URL

URL: https://foundryco.com/our-brands/cso/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://foundryco.com/work-here/
Title: Foundry Careers

Search URL Search Domain Scan URL

URL: https://foundryco.com/terms-of-service-agreement/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.cio.com/
Title: CIO

Search URL Search Domain Scan URL

URL: https://www.computerworld.com/
Title: Computerworld

Search URL Search Domain Scan URL

URL: https://www.infoworld.com/
Title: InfoWorld

Search URL Search Domain Scan URL

URL: https://www.networkworld.com/
Title: Network World

Search URL Search Domain Scan URL

URL: https://www.networkworld.com/article/3486075/nist-finally-settles-on-quantum-safe-crypto-standards.html
Title: news NIST finally settles on quantum-safe crypto standards By Maria Korolov Aug 13, 20247 mins Encryption

Search URL Search Domain Scan URL

URL: https://foundryco.com/copyright-notice/
Title: Copyright Notice

Search URL Search Domain Scan URL

URL: https://foundryco.com/
Title: .b{fill:#fff;}

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/csoonline
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/CSOonline
Title: X

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CSOonline
Title: Facebook

Search URL Search Domain Scan URL

URL: https://subscribers.com/?utm_source=subscribers-permission-prompt
Title: subscribers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1950162%252C929234%26time%3D1723611633030%26url%3Dhttps%253A%252F%252Fwww.csoonline.com%252Farticle%252F3597298%252Frevil-ransomware-explained-a-widespread-extortionoperation.html%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&cookiesTest=true&liSync=true&e_ipv6=AQLuB7NHKzquhwAAAZFPQlnU4InIZRnvI1Peiu4DS9qsFCz3Y1jzoPDXpsMb6XXSTDwfug

Request Chain 164

https://secure.adnxs.com/seg?add=33269982&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D33269982%26t%3D1

Request Chain 165

https://secure.adnxs.com/seg?add=35653612&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35653612%26t%3D1

293 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request revil-ransomware-explained-a-widespread-extortionoperation.html Show response
www.csoonline.com/article/3597298/ 124 KB
30 KB 841ms
361ms Document
text/html 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

31a0b7926bee63405598e19dc811e5b44946f7a086cdb30c3edda887a6673c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: private, no-store
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Aug 2024 05:00:30 GMT
host-header: a9130478a60e5f9135f765b23f26593b
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=300
via: 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
x-client-httphost: www.csoonline.com
x-client-ip: 162.245.206.249
x-client-region: ?
x-cont: NA
x-frame-options: deny
x-geo: US
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: bur6 123 243 443
x-served-by: cache-bur-kbur8200071-BUR
x-timer: S1723611630.794822,VS0,VE300
x-url: /article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
x-vcl-version: 92
x-via-fastly: Verdad

GET
H2 200 style.min.css
www.csoonline.com/wp-includes/css/dist/block-library/ 108 KB
14 KB 71ms
64ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.5

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-includes/css/dist/block-library/style.min.css?ver=6.4.5
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Thu, 25 Jul 2024 16:57:37 GMT
server: nginx
x-timer: S1723611630.353195,VS0,VE4
etag: W/"66a28401-1ae43"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 mediaelementplayer-legacy.min.css
www.csoonline.com/wp-includes/js/mediaelement/ 11 KB
3 KB 70ms
63ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Thu, 25 Jul 2024 16:57:38 GMT
server: nginx
x-timer: S1723611630.353742,VS0,VE4
etag: W/"66a28402-2bf8"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 wp-mediaelement.min.css
www.csoonline.com/wp-includes/js/mediaelement/ 4 KB
2 KB 92ms
86ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.5

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.5
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Thu, 25 Jul 2024 16:57:38 GMT
server: nginx
x-timer: S1723611630.353477,VS0,VE5
etag: W/"66a28402-105a"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 related-posts-block-styles.min.css
www.csoonline.com/wp-content/mu-plugins/search/elasticpress/dist/css/ 222 B
432 B 69ms
63ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?ver=4.2.2

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?ver=4.2.2
x-client-httphost: www.csoonline.com
content-length: 222
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 23 Jul 2024 20:39:27 GMT
server: nginx
x-timer: S1723611630.353598,VS0,VE3
etag: "66a014ff-de"
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 main.css
www.csoonline.com/wp-content/client-mu-plugins/idg-editions/dist/styles/ 4 KB
1 KB 133ms
127ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/client-mu-plugins/idg-editions/dist/styles/main.css?ver=0.1.0

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a8c6af3d0b942dc691bed5b471dd29da8c2a6cdbedf1e66577416a8f9e29c1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/client-mu-plugins/idg-editions/dist/styles/main.css?ver=0.1.0
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.353791,VS0,VE5
etag: W/"66baeb17-10a5"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 index.css
www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/styles/ 3 KB
1 KB 131ms
125ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/styles/index.css?ver=1723525911

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9ba28ff6eb9e485dd0daa798db849dbc76032a7bd25ecd769568c67e152d5233

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/client-mu-plugins/idg-third-party/dist/styles/index.css?ver=1723525911
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.353808,VS0,VE5
etag: W/"66baeb17-ccb"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 jwplayer.css
www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/ 3 KB
1 KB 79ms
73ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/jwplayer.css?ver=1723525911

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

18fd5dbc5db6f89e20452b891e00c02b88e54d567aee83467cab7ab4b5afba6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/themes/idg-b2b-base-theme/dist/styles/jwplayer.css?ver=1723525911
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.353886,VS0,VE4
etag: W/"66baeb17-c58"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 shared.css
www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/ 4 KB
2 KB 77ms
71ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/shared.css?ver=1723525911

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0f22a381d8acc6ad097c218e3febd07160c53b203f72ff46c6ee2eb6f15413ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/themes/idg-b2b-base-theme/dist/styles/shared.css?ver=1723525911
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.354115,VS0,VE4
etag: W/"66baeb17-117f"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 bundle.css
www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/ 527 KB
46 KB 80ms
75ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6a966b28efc1df14f92bb63c8e0728e8328e6ec3358c162c9c7c6ee13b69fbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.353914,VS0,VE4
etag: W/"66baeb17-83b92"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 amp.css
www.csoonline.com/wp-content/themes/cso-b2b-child-theme/dist/styles/ 94 KB
10 KB 133ms
127ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/dist/styles/amp.css?ver=1723525911

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

25302437cb6a5fdfed895161f357e2c8b9a97b3ccf3dde2ae5f7dad6afcd8801

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/themes/cso-b2b-child-theme/dist/styles/amp.css?ver=1723525911
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.354689,VS0,VE5
etag: W/"66baeb17-177a1"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 jetpack.css
www.csoonline.com/wp-content/mu-plugins/jetpack-12.8/css/ 98 KB
18 KB 152ms
147ms Stylesheet
text/css 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/mu-plugins/jetpack-12.8/css/jetpack.css?ver=12.8.1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

277fb30e91af19162de1bd98e6364ee78f0677257c118fd46d0255b83eeadd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/mu-plugins/jetpack-12.8/css/jetpack.css?ver=12.8.1
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 06 Aug 2024 17:44:01 GMT
server: nginx
x-timer: S1723611630.415208,VS0,VE4
etag: W/"66b260e1-18958"
vary: Accept-Encoding
content-type: text/css
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 / Show response
www.csoonline.com/_static/ 131 KB
42 KB 147ms
142ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWT8ksLtEvS81LyS/SB0oV5OdUpmXm5ADVpBaV6OVm5ullFevo49FUlJqeClSbWJJfpFtUmleSmZtKjDYku/Aqz8jPzy6GqrDPtTU0NzK0NDIzM7XIAgApNEoy

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dc6dacff9a56a6947dcf1eea394b6bbb7c4da52d6febaa470487a37450c41fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /_static/??-eJzTLy/QzcxLzilNSS3WzyrWT8ksLtEvS81LyS/SB0oV5OdUpmXm5ADVpBaV6OVm5ullFevo49FUlJqeClSbWJJfpFtUmleSmZtKjDYku/Aqz8jPzy6GqrDPtTU0NzK0NDIzM7XIAgApNEoy
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Thu, 25 Jul 2024 16:57:38 GMT
server: nginx
x-timer: S1723611630.415497,VS0,VE4
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 i18n.min.js Show response
www.csoonline.com/wp-includes/js/dist/ 9 KB
4 KB 165ms
160ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Thu, 25 Jul 2024 16:57:38 GMT
server: nginx
x-timer: S1723611630.415185,VS0,VE5
etag: W/"66a28402-24e5"
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 editions-front.js Show response
www.csoonline.com/wp-content/client-mu-plugins/idg-editions/dist/scripts/ 38 KB
14 KB 137ms
133ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/client-mu-plugins/idg-editions/dist/scripts/editions-front.js?m=1723525911g

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c3ff6f3942ebb4beb42fceb6b50bead346a7c678f79f7f658ddb894de8b90d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/client-mu-plugins/idg-editions/dist/scripts/editions-front.js?m=1723525911g
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.414899,VS0,VE4
etag: W/"66baeb17-992c"
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 index.js Show response
www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/ 119 KB
39 KB 158ms
154ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0fff1027e4e8022d21ded13079ac79ecc53b9ef9bc508f5dc065b4cf277965b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.414885,VS0,VE5
etag: W/"66baeb17-1dbde"
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 / Show response
www.csoonline.com/_static/ 74 KB
26 KB 165ms
161ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/_static/??-eJydzEEKhDAMAMAPbTZUEfEgvqU2RVNqDUlE/P36hj3NbfAWSGfz3BxT5Rc4LpB6bdwMmTbwnZVAovqDxOZoSVncsNxS45P1W+yD/zeieWWCSPZGyzGHseuHbphCKD9oKTnZ

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ab4fc03f8a6d608726673657b3b1aed10be00a333dbf84a1c8ae90ed70324620

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /_static/??-eJydzEEKhDAMAMAPbTZUEfEgvqU2RVNqDUlE/P36hj3NbfAWSGfz3BxT5Rc4LpB6bdwMmTbwnZVAovqDxOZoSVncsNxS45P1W+yD/zeieWWCSPZGyzGHseuHbphCKD9oKTnZ
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.414867,VS0,VE5
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H/1.1 200
OK q5tUUoVcbkVv Show response
cdn.onthe.io/io.js/ 53 KB
17 KB 1111ms
484ms Script
text/javascript 95.217.4.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/q5tUUoVcbkVv?ver=1
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.217.4.138 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.4.217.95.clients.your-server.de
Software: nginx /
Resource Hash: e1ff8415a2a53b488133a562b2c5a9bab790c498801f46144d790563adf36092

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 16:26:06 GMT
Server: nginx
ETag: W/"66156c1e-d26e"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 15 Aug 2024 05:00:31 GMT

GET
H2 200 / Show response
www.csoonline.com/_static/ 111 KB
38 KB 205ms
201ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/_static/??-eJx9jMEKAjEMRH/IbGhlEQ/it2zbsKY03bVJWfx7i3jwJAw8GN4MHjtwjaUnUswjz07t9cUkXKesJ/wngfDaFqNfOW7VqBrag2RMOK0QfICwKMGnw8RqqLHxboqxq20C0ouxUqFo4+guN3fx59nPV+fyG9JXPZA=

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e618149b0e2c5ad6df67fea6bd5a15ffb80bb83002e47571d7c2704285f3051e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /_static/??-eJx9jMEKAjEMRH/IbGhlEQ/it2zbsKY03bVJWfx7i3jwJAw8GN4MHjtwjaUnUswjz07t9cUkXKesJ/wngfDaFqNfOW7VqBrag2RMOK0QfICwKMGnw8RqqLHxboqxq20C0ouxUqFo4+guN3fx59nPV+fyG9JXPZA=
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611630.414912,VS0,VE5
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 3486418-0-13221500-1723590004-clint-patterson-jCY4oEMA3o-unsplash.jpg
www.csoonline.com/wp-content/uploads/2024/08/ 4 KB
4 KB 143ms
140ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/08/3486418-0-13221500-1723590004-clint-patterson-jCY4oEMA3o-unsplash.jpg?quality=50&strip=all&w=333

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fd6ac821aefa3d47f2e5d9084efff5d433387c9812f8cec0fe65a8e0da55bf13

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/08/3486418-0-13221500-1723590004-clint-patterson-jCY4oEMA3o-unsplash.jpg?quality=50&strip=all&w=333
x-client-httphost: www.csoonline.com
content-length: 3638
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 115 120 443
last-modified: Tue, 13 Aug 2024 23:07:23 GMT
server: nginx
x-timer: S1723611630.414861,VS0,VE4
etag: "a075e078fdb5fe8b"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 3486403-0-63057700-1723585335-quantum-computing-digital-communication-network-security-100938358-orig-100961447-orig.jpg
www.csoonline.com/wp-content/uploads/2024/08/ 18 KB
19 KB 189ms
186ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/08/3486403-0-63057700-1723585335-quantum-computing-digital-communication-network-security-100938358-orig-100961447-orig.jpg?quality=50&strip=all&w=375

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d53616d4e93a2202ae24f11a0fbffbe15782706ab58dba0deecfae5ad39e6b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/08/3486403-0-63057700-1723585335-quantum-computing-digital-communication-network-security-100938358-orig-100961447-orig.jpg?quality=50&strip=all&w=375
x-client-httphost: www.csoonline.com
content-length: 18810
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 118 52 443
last-modified: Tue, 13 Aug 2024 21:43:31 GMT
server: nginx
x-timer: S1723611630.415728,VS0,VE4
etag: "cc6e786bf9b04a1f"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 3486354-0-49938100-1723581225-msoffice365-100943688-orig.jpg
www.csoonline.com/wp-content/uploads/2024/08/ 7 KB
7 KB 67ms
64ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/08/3486354-0-49938100-1723581225-msoffice365-100943688-orig.jpg?quality=50&strip=all&w=444

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3120dff3a59edb79a0757d795cbb6c63908ce1baa603251d0b5af3299f15d2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/08/3486354-0-49938100-1723581225-msoffice365-100943688-orig.jpg?quality=50&strip=all&w=444
x-client-httphost: www.csoonline.com
content-length: 7452
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 115 147 443
last-modified: Tue, 13 Aug 2024 20:36:40 GMT
server: nginx
x-timer: S1723611631.510822,VS0,VE4
etag: "07441827676b8f78"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 0-17938700-1723054243-bryan-thumb-16x9-1.jpg
www.csoonline.com/wp-content/uploads/2024/08/ 5 KB
5 KB 70ms
67ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/08/0-17938700-1723054243-bryan-thumb-16x9-1.jpg?quality=50&strip=all&w=444

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

19d23b13c156bd1ae475a1a7684fd895573c3293708914c59660bfd5db0484b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/08/0-17938700-1723054243-bryan-thumb-16x9-1.jpg?quality=50&strip=all&w=444
x-client-httphost: www.csoonline.com
content-length: 4996
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 118 43 443
last-modified: Wed, 07 Aug 2024 18:12:08 GMT
server: nginx
x-timer: S1723611631.559403,VS0,VE4
etag: "ac4465d98815a2fa"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 0-24154400-1721221590-CSO_ExecSessions_India_Susil-Meher.jpg
www.csoonline.com/wp-content/uploads/2024/07/ 6 KB
6 KB 66ms
66ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/07/0-24154400-1721221590-CSO_ExecSessions_India_Susil-Meher.jpg?quality=50&strip=all&w=444

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b9ed0efd07c05855708c9574f64d0ace6410e6c3536c2db61a2c53876fcc2db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/07/0-24154400-1721221590-CSO_ExecSessions_India_Susil-Meher.jpg?quality=50&strip=all&w=444
x-client-httphost: www.csoonline.com
content-length: 5654
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 115 120 443
last-modified: Wed, 17 Jul 2024 13:12:03 GMT
server: nginx
x-timer: S1723611631.579784,VS0,VE4
etag: "709f74e502f16a27"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 CSO_ExecSessions_India_Charanjit-Bhatia-1-1.jpg
www.csoonline.com/wp-content/uploads/2024/07/ 5 KB
6 KB 70ms
66ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/07/CSO_ExecSessions_India_Charanjit-Bhatia-1-1.jpg?quality=50&strip=all&w=444

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eeadd821011c441007a316210ed7fc8716f642292d90f0d29afd1e5fa9239de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/07/CSO_ExecSessions_India_Charanjit-Bhatia-1-1.jpg?quality=50&strip=all&w=444
x-client-httphost: www.csoonline.com
content-length: 5554
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 118 54 443
last-modified: Mon, 08 Jul 2024 18:56:39 GMT
server: nginx
x-timer: S1723611631.272681,VS0,VE4
etag: "5b15597ed6d35106"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 3484288-0-03595300-1723053072-bryan-thumb-16x9-1.jpg
www.csoonline.com/wp-content/uploads/2024/08/ 5 KB
5 KB 71ms
68ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/08/3484288-0-03595300-1723053072-bryan-thumb-16x9-1.jpg?quality=50&strip=all&w=444

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

19d23b13c156bd1ae475a1a7684fd895573c3293708914c59660bfd5db0484b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/08/3484288-0-03595300-1723053072-bryan-thumb-16x9-1.jpg?quality=50&strip=all&w=444
x-client-httphost: www.csoonline.com
content-length: 4996
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 113 214 443
last-modified: Wed, 07 Aug 2024 17:52:43 GMT
server: nginx
x-timer: S1723611631.273113,VS0,VE4
etag: "3ba6c96a82619f07"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 2518482-0-51861200-1721200652-CSO_ExecSessions_India_Susil-Meher.jpg
www.csoonline.com/wp-content/uploads/2024/07/ 6 KB
6 KB 81ms
78ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/07/2518482-0-51861200-1721200652-CSO_ExecSessions_India_Susil-Meher.jpg?quality=50&strip=all&w=444

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b9ed0efd07c05855708c9574f64d0ace6410e6c3536c2db61a2c53876fcc2db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/07/2518482-0-51861200-1721200652-CSO_ExecSessions_India_Susil-Meher.jpg?quality=50&strip=all&w=444
x-client-httphost: www.csoonline.com
content-length: 5654
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 115 120 443
last-modified: Wed, 17 Jul 2024 07:33:27 GMT
server: nginx
x-timer: S1723611631.273013,VS0,VE14
etag: "f4495e1c966f3d63"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 Slide4.png
www.csoonline.com/wp-content/uploads/2024/07/ 36 KB
36 KB 66ms
63ms Image
image/webp 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.csoonline.com/wp-content/uploads/2024/07/Slide4.png?w=444

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

24105f3b73dd52d66291cac6af9c863087cc1b5eff5c28cc3b1dac58ffb73ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/uploads/2024/07/Slide4.png?w=444
x-client-httphost: www.csoonline.com
content-length: 36702
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 112 213 443
last-modified: Wed, 10 Jul 2024 22:07:22 GMT
server: nginx
x-timer: S1723611631.272984,VS0,VE1
etag: "7d45066d670d61d6"
vary: Accept
content-type: image/webp
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes, bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 subscribers.js Show response
cdn.subscribers.com/assets/ 64 KB
17 KB 378ms
75ms Script
text/javascript 2606:4700:10::6816:28db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.subscribers.com/assets/subscribers.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d66834f47ff89a3bf2f0348af0472ea73f5ea22af9ae27699e0ff31e69be5f

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 17:28:53 GMT
server: cloudflare
x-amz-request-id: CVG6MRYQCT9M4P2D
age: 985
etag: W/"5cd4403fca84258d07a6a7f2f8df1323"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8b2e61b558052aaf-LAX
x-amz-id-2: 8f2tupHgSOFMvxFOwj2Nm3I+RF1t3nxMwwu10C1p2p5BxzdgHPPySxhyMbbOZ9dlnKzcRLHDrVs=

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 10 KB
11 KB 569ms
163ms Script
text/javascript 18.238.58.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=10622f81-ee09-465f-830a-63c3cbbab39c

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.58.225 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-58-225.jfk52.r.cloudfront.net

Software

Server /

Resource Hash

3086a8e48451fbd8324f5d7a0449942eb34dec8bf31100703924a1af10096f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
accept-charset: UTF-8
via: 1.1 30dd3884a4b369c2dc7ffa8271e1b512.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P4
x-amz-rid: 0T4QPD0T15JFPX7MMDHP
vary: accept-encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: 8y18HcBJw46a9E3CgIKnDirhde_ovRVAgxoJHEbwZXgkzs8mQPZewQ==

GET
H2 200 uow1hrg.css
use.typekit.net/ 20 KB
2 KB 806ms
189ms Stylesheet
text/css 2600:1408:c400:29::17da:da49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uow1hrg.css?ver=1.0.0

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4ecd1c5f5fb5d43813a0bc0eb70d057f71c826a7d317d24cff93d3526f4be232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 14 Aug 2024 05:00:31 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1892

GET
H2 200 / Show response
www.csoonline.com/_static/ 185 KB
48 KB 64ms
64ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/_static/??-eJylkN0KwjAMRl/IWDYZ4oX4LOmPa2fXliab7u3tdjEUHIJeBT44J18i7glUDGwCC+VdGdAPkPzQukDC6RbYuqwhYeZJaEcsSGWXmMQ1L5wGmTHoFIlB+qhu+4524kXL1vSGhKIIspagrPMalvDdhx0+fEQNLbIpG4uQNlxzr9klkcwnlRyC9uZHeO3xT4NVYsZC/WoZMU+gUNmtW74+dYkKfOnP1bE+NHVzqqruCbBJuWY=

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cd51213fe0749584c2df9387b62cd15e7faa3e636ed9f109286614071a9af007

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /_static/??-eJylkN0KwjAMRl/IWDYZ4oX4LOmPa2fXliab7u3tdjEUHIJeBT44J18i7glUDGwCC+VdGdAPkPzQukDC6RbYuqwhYeZJaEcsSGWXmMQ1L5wGmTHoFIlB+qhu+4524kXL1vSGhKIIspagrPMalvDdhx0+fEQNLbIpG4uQNlxzr9klkcwnlRyC9uZHeO3xT4NVYsZC/WoZMU+gUNmtW74+dYkKfOnP1bE+NHVzqqruCbBJuWY=
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611631.012878,VS0,VE4
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 e-202433.js Show response
stats.wp.com/ 7 KB
3 KB 185ms
60ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202433.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT bur
date: Wed, 14 Aug 2024 05:00:31 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113545.3977
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Aug 2025 08:52:32 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 461ms
170ms Script
text/javascript 2607:f8b0:400d:c03::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=011881588825642368632%3Ab0mgdf4z90i&ver=1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

78116b9ead56834acdb4c129fa76dfc672b8052109998aebf21ae0d9e657d2e1

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-a_JQDzWAzCDo89ZRW1qgDw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-a_JQDzWAzCDo89ZRW1qgDw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Wed, 14 Aug 2024 05:00:31 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3146
x-xss-protection: 0

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 697ms
118ms Stylesheet
text/css 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uow1hrg&ht=tk&f=39110.39113.39114.39115.47008.47011.47013.47014.47015.47018.47021.47022.47026.46740.46741.46742.46743.46746.46747.46748.46749&a=113850475&app=typekit&e=css
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/dist/styles/amp.css?ver=1723525911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/dist/styles/amp.css?ver=1723525911
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
last-modified: Sun, 02 Jun 2024 13:17:35 GMT
server: nginx
etag: "665c70ef-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 550 KB
144 KB 503ms
251ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0559af344180ba06fa3f419a4d7a71554ef38f663f9d7a18542123a3be9ae59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147171
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Aug 2024 05:00:31 GMT

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmpv2.csoonline.com/unified/ 129 KB
39 KB 550ms
142ms Script
text/javascript 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb6ab1073cde3166b6000e29997f96d96645c9cba747ba4058dfd6bdd3de5600

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:14:20 GMT
content-encoding: gzip
via: 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 14:41:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 2772
x-amz-server-side-encryption: AES256
etag: W/"733d2b8eabf5d16a3959bf362390f403"
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: o6ucMrpLGLzsR0aE7ig-h9C5O31TMJ19qnPS8_E9hk6lxF60pR9bWg==

GET
H2 200 eedeabb0-9a59-4b6b-9df3-e55745819adf.json Show response
cdn.subscribers.com/config/ 3 KB
3 KB 357ms
232ms Fetch
text/json 2606:4700:10::6816:28db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.subscribers.com/config/eedeabb0-9a59-4b6b-9df3-e55745819adf.json
Requested by: Host: cdn.subscribers.com
URL: https://cdn.subscribers.com/assets/subscribers.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c5dc69518578853308c5551bd700706021fee677e2fb6254929a9f858243f6

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: EHMEEDMWAN8QH850
x-amz-server-side-encryption: AES256
content-length: 3099
x-amz-id-2: HcGHoCPFTtsWvUt3EB7msjWCuetecwt5Jjl/vgW8b52XosQf24B8rLxxdp77zc6qFdjov4gKmhk=
last-modified: Tue, 13 Aug 2024 23:08:21 GMT
server: cloudflare
etag: "e10c79a26e09cd9bf547867fe9bbd8ad"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/json
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 8b2e61b84e740920-LAX

GET
H2 200 Graphik-Medium.woff2
www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/ 42 KB
42 KB 67ms
65ms Font
application/font-woff2 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/Graphik-Medium.woff2

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

db233498d5eb5569ba9e43afd74e98597fe8e624fa6bc0b8992b18cedab407c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/Graphik-Medium.woff2
x-client-httphost: www.csoonline.com
content-length: 42872
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611631.350852,VS0,VE3
etag: "66baeb17-a778"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=300, must-revalidate
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 l
use.typekit.net/af/91ceda/00000000000000007735e9a5/30/ 43 KB
43 KB 475ms
120ms Font
application/font-woff2 2600:1408:c400:29::17da:da49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/91ceda/00000000000000007735e9a5/30/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/dist/styles/amp.css?ver=1723525911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 009ab6dff28f8d6cf3605b954b0dfa2d90ef0c06506f9ed7fc5b40e60debf189

Request headers

Referer: https://www.csoonline.com/
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
server: nginx
etag: "08c3f1f15391a763953a5166ea04f9151f37cf56"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43928

GET
H2 200 Graphik-Regular.woff2
www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/ 38 KB
38 KB 70ms
68ms Font
application/font-woff2 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/Graphik-Regular.woff2

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d2c07312d4c7017852deb89964d6e099a9b1d65ea072c1225920cad71fa5587a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/Graphik-Regular.woff2
x-client-httphost: www.csoonline.com
content-length: 38840
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611631.350796,VS0,VE5
etag: "66baeb17-97b8"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=300, must-revalidate
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 Graphik-Bold.woff2
www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/ 41 KB
42 KB 71ms
69ms Font
application/font-woff2 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/Graphik-Bold.woff2

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4b4524482e7993bc17cb8ba14f4efa1020e52ca766a389e08aee28247e916edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1723525911
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/themes/idg-b2b-base-theme/dist/static/assets/fonts/Graphik-Bold.woff2
x-client-httphost: www.csoonline.com
content-length: 42360
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611631.350739,VS0,VE4
etag: "66baeb17-a578"
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=300, must-revalidate
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 l
use.typekit.net/af/8b9d94/00000000000000007735e9b0/30/ 45 KB
45 KB 503ms
149ms Font
application/font-woff2 2600:1408:c400:29::17da:da49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8b9d94/00000000000000007735e9b0/30/l?fvd=i5&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/dist/styles/amp.css?ver=1723525911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1db920068f62431d3d729e1617d7817bf5d4d0f69dd3b89a302892b7ca05f1d4

Request headers

Referer: https://www.csoonline.com/
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
server: nginx
etag: "aeefd0891e84f39af23a5eeef5065e961802e8c1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45908

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 119ms
118ms Stylesheet
text/css 2600:1408:c400:29::17da:da44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uow1hrg&ht=tk&f=139.175.39110.39113.39114.39115.44428.45080.47008.47011.47013.47014.47015.47018.47021.47022.47026.46740.46741.46742.46743.46746.46747.46748.46749.51602.52001&a=113850475&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uow1hrg.css?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/uow1hrg.css?ver=1.0.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
last-modified: Sun, 02 Jun 2024 13:17:35 GMT
server: nginx
etag: "665c70ef-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 404 roboto.css
www.csoonline.com/wp-content/themes/cso-b2b-child-theme/src/static/fonts/ 0
0 132ms
131ms Stylesheet
text/html 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/src/static/fonts/roboto.css?ver=1.0.0

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: EXPIRED, MISS
x-url: /wp-content/themes/cso-b2b-child-theme/src/static/fonts/roboto.css?ver=1.0.0
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
server: nginx
x-timer: S1723611632.577280,VS0,VE70
vary: Accept-Encoding
content-type: text/html
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
3 KB 157ms
157ms Script
text/javascript 2607:f8b0:400d:c03::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=f57cd0abce1a94bb4

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/_static/??-eJylkN0KwjAMRl/IWDYZ4oX4LOmPa2fXliab7u3tdjEUHIJeBT44J18i7glUDGwCC+VdGdAPkPzQukDC6RbYuqwhYeZJaEcsSGWXmMQ1L5wGmTHoFIlB+qhu+4524kXL1vSGhKIIspagrPMalvDdhx0+fEQNLbIpG4uQNlxzr9klkcwnlRyC9uZHeO3xT4NVYsZC/WoZMU+gUNmtW74+dYkKfOnP1bE+NHVzqqruCbBJuWY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

52afd0cfdead7aa9f9eeac06993d1bb22a37017621d1921e320e2d0d0595117a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-spaGQO-gI1FT5AuSHvZkfg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-spaGQO-gI1FT5AuSHvZkfg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Wed, 14 Aug 2024 05:00:31 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3083
x-xss-protection: 0

GET
H2 200 l
use.typekit.net/af/91ceda/00000000000000007735e9a5/30/ 43 KB
43 KB 339ms
258ms Font
application/font-woff2 2600:1408:c400:29::17da:da49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/91ceda/00000000000000007735e9a5/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uow1hrg.css?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 009ab6dff28f8d6cf3605b954b0dfa2d90ef0c06506f9ed7fc5b40e60debf189

Request headers

Referer: https://use.typekit.net/uow1hrg.css?ver=1.0.0
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
server: nginx
etag: "08c3f1f15391a763953a5166ea04f9151f37cf56"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43928

GET
H2 200 l
use.typekit.net/af/8b9d94/00000000000000007735e9b0/30/ 45 KB
45 KB 444ms
362ms Font
application/font-woff2 2600:1408:c400:29::17da:da49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8b9d94/00000000000000007735e9b0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/uow1hrg.css?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1db920068f62431d3d729e1617d7817bf5d4d0f69dd3b89a302892b7ca05f1d4

Request headers

Referer: https://use.typekit.net/uow1hrg.css?ver=1.0.0
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:31 GMT
server: nginx
etag: "aeefd0891e84f39af23a5eeef5065e961802e8c1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45908

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 61ms
61ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=223390986&post=0&tz=-4&srv=www.csoonline.com&hp=vip&j=1%3A12.8.1&host=www.csoonline.com&ref=&fcp=2089&rand=0.7548653771875291
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:31 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

POST
H2 200 admin-ajax.php Show response
www.csoonline.com/wp-admin/ 1 B
462 B 663ms
663ms XHR
text/html 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-admin/admin-ajax.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=300
via: 1.1 varnish
x-client-region: ?
x-cache: BYPASS, MISS
x-url: /wp-admin/admin-ajax.php
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 243 443
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-timer: S1723611632.624811,VS0,VE601
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: private, no-store
access-control-allow-credentials: true
x-vcl-version: 92
accept-ranges: bytes
x-robots-tag: noindex
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/8fa85d58e016b414/ 286 KB
94 KB 388ms
141ms Script
text/javascript 2607:f8b0:4004:c17::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=011881588825642368632%3Ab0mgdf4z90i&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95840
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 21:33:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 14 Aug 2024 05:00:32 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/8fa85d58e016b414/ 41 KB
9 KB 370ms
124ms Stylesheet
text/css 2607:f8b0:4004:c17::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=011881588825642368632%3Ab0mgdf4z90i&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 21:33:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 14 Aug 2024 05:00:32 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 367ms
121ms Stylesheet
text/css 2607:f8b0:4004:c17::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=011881588825642368632%3Ab0mgdf4z90i&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 14 Aug 2024 05:28:32 GMT

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
413 B 419ms
127ms XHR
application/json 44.215.116.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag/andoncord

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=10622f81-ee09-465f-830a-63c3cbbab39c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

44.215.116.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-116-28.compute-1.amazonaws.com

Software

Server /

Resource Hash

c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E8JSTW5SWRDMRDM14T9T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.csoonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16

GET
H2 200 gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js Show response
cmpv2.csoonline.com/unified/4.25.1/ 156 KB
24 KB 141ms
141ms Script
text/javascript 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/unified/4.25.1/gdpr-tcf.da52e36b5e2f05c6aae3.bundle.js
Requested by: Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 14:42:48 GMT
content-encoding: br
via: 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 14:16:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 1088264
etag: W/"bdb59e0d65d41ca36dfd737b94eac1d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: X1s2a2nZaFlDAZLrHh75dv1QQXBSOk4Nl1noAIiQv76HE2k9d-vuSQ==

GET
H2 200 ccpa-gpp.af00fd0f8b35ba8574ce.bundle.js Show response
cmpv2.csoonline.com/unified/4.25.1/ 207 KB
24 KB 167ms
167ms Script
text/javascript 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmpv2.csoonline.com/unified/4.25.1/ccpa-gpp.af00fd0f8b35ba8574ce.bundle.js
Requested by: Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-103.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c2a8dd05b89df8e94d2dd48db7a9507dcb31fe218c247f38133d161b0cc928f

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 14:42:48 GMT
content-encoding: br
via: 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 14:16:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 1088264
etag: W/"c21103610db0faddef1af02bfe80e067"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: Iwc25IyEWpEZ9HcbBt_mlaTnqKg5HjOSwlGkensOmRJEgSjyxxb3LA==

GET
H2 200 get_site_data Show response
cmpv2.csoonline.com/mms/v2/ 199 B
612 B 384ms
134ms XHR
application/javascript 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.csoonline.com&account_id=146

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-103.jfk50.r.cloudfront.net

Software

Resource Hash

f83677ef94ed0c7452a718281fc3a6c55b3699c47f2998a18dfaf34b4341450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:00:38 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-22-89
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 25194
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: Zy8egY1ueiWtU-h1_nPeB4BeXBPavGepqhatoPaup_Dvjh4OdkvGqg==

GET
H2 200 adsm.macro.csoonline.com.js Show response
functions.adnami.io/api/macro/ 37 KB
6 KB 679ms
123ms Script
text/javascript 2600:1408:c400:9::17cd:6986
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://functions.adnami.io/api/macro/adsm.macro.csoonline.com.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:6986 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 88607fc4d92c1708adfe6ef872c15f5d9184bf693c4b9232d39e051d290c51bd

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type: text/javascript
date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: br
cache-control: max-age=7640
content-length: 6212
request-context: appId=cid-v1:facaa1ec-d085-46dd-8784-a70b3579a97b

GET
H2 200 api.js Show response
w.soundcloud.com/player/ 5 KB
4 KB 472ms
125ms Script
application/javascript 3.167.56.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-102.iad61.r.cloudfront.net

Software

am/2 /

Resource Hash

0d812ad43eed509018404d80594b433beb6f9a844fd03def78441510b3ff73e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:56:48 GMT
via: sssr, 1.1 9912c0b0e949eb6b044901ccc3691212.cloudfront.net (CloudFront)
content-encoding: gzip
strict-transport-security: max-age=63072000
x-amz-cf-pop: IAD61-P5
age: 224
x-cache: Hit from cloudfront
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
last-modified: Thu, 18 Jul 2024 13:20:52 GMT
server: am/2
etag: W/"15a5-190c600af20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: 2wC7GjHCF4oIZLWzTHDcRw2DIfro9blLSCPeYta5y-TQUq9_4VZ2Dg==

GET
H2 200 foundry.js Show response
cdn.brandmetrics.com/tag/204b11895d4d4bcda0a6cefefc2b747d/ 5 KB
3 KB 383ms
74ms Script
text/javascript 2606:4700:20::ac43:45bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/204b11895d4d4bcda0a6cefefc2b747d/foundry.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8703d745c2580d5e8baf121512c0281ff8043f47a20ee0e4a556bd090f2ff0e6

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 14 Aug 2024 04:10:35 GMT
server: cloudflare
age: 2997
cf-polished: origSize=5783
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXMEFt6dr31ycEN3nVGkpZZNfjFC9T5r%2BQniedjr7pXKz5B%2ByPhgy4hcXCtz2XUxPvGpkQRBdOthENcXQDMvtMKWwqzamKAmzSJ1bY0P7l0LCkyl%2BrDv%2FbAbftlFl%2F1UWvqQtKydrFquwmjAeGAwJAtm"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8b2e61bf49db7e7d-LAX
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 462ms
121ms Script
text/javascript 34.195.18.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.18.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-18-232.compute-1.amazonaws.com
Software: /
Resource Hash: 31ff9881a9008c4ae2acdeb67ef3616ca2847ebbaee590e6b4a928415f283365

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:32 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
93 KB 141ms
141ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LKE46QM5TV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f90c146189dd9b5e61d74536278feb715571536340d10ef65938daef2befae99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Aug 2024 05:00:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 193ms
61ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Aug 2024 03:49:31 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4261
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 14 Aug 2024 05:49:31 GMT

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
461 B 128ms
127ms XHR
application/json 44.215.116.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22httpwwwidgcsm-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html%22%7D&u=https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=10622f81-ee09-465f-830a-63c3cbbab39c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

44.215.116.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-116-28.compute-1.amazonaws.com

Software

Server /

Resource Hash

5c132fcc7d8bf4465c60dd3b4413fc47486ba40bf81068befb59bad409f3ab5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZPB64GDVDNAN0QCSNDE5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.csoonline.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 64

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 707ms
212ms XHR
text/javascript 188.40.115.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=45619:pageviews[url:%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html,domain:www.csoonline.com,page:Page%20not%20found%20%7C%20CSO%20Online,page_type:default,language:en_US,user_agent:Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36,device:desktop,browser_version:Chrome%20127,browser:Chrome,depth:1,user_type:new,user_id:d050e9690.041db8748_1723611632293,session_id:f39d2a4fa.2f6761b1c_1723611632294,cdn_version:0]&s=e6c52998dde65cff59c4133ff8a79bd8&1723611632299
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/q5tUUoVcbkVv?ver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.115.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Aug 2024 05:00:32 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 meta-data Show response
cmpv2.csoonline.com/wrapper/v2/ 326 B
863 B 135ms
135ms XHR
application/json 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/wrapper/v2/meta-data?hasCsp=true&accountId=146&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%2C%22ccpa%22%3A%7B%7D%7D&propertyId=3918&scriptVersion=4.25.1&scriptType=unified

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-103.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

fbb69351794f4b0836227ee1e8fdf18b9b1ed700307a95d61164735807cc9739

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:18:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 2518
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 326
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: 5pMplLWGu3NBYzA_Se6Pkk_ZWKZjbcUgyhJxQFJQvPvgc659KaeLnA==

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 148 KB
54 KB 125ms
124ms Script
text/javascript 2607:f8b0:400d:c03::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::8a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c31e74b40a67c8df6c779ed84636191ccd1cf4aac7d2a080e253686e0ba2e1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "802501097421552330"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://syndicatedsearch.goog>; rel="preconnect"
expires: Wed, 14 Aug 2024 05:00:32 GMT

GET
DATA 200
OK truncated
/ 605 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 025eddb1415c25e598cf63efb88c9c3376335d5bf32138a9241ed173d48dfff7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 522 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3d583691f96265c8d028f960b8256790133844901f66a5bdd469917560d94c7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 126ms
125ms Image
image/png 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 01:33:48 GMT
x-content-type-options: nosniff
age: 530804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 08 Aug 2025 01:33:48 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 427ms
121ms Image
text/plain 2607:f8b0:4004:c17::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 messages Show response
cmpv2.csoonline.com/wrapper/v2/ 1 KB
1 KB 148ms
148ms XHR
application/json 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A146%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%22type%22%3A%22CCPA%22%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22type%22%3A%22GDPR%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmpv2.csoonline.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.csoonline.com%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Atrue%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=4545770394545770393883&scriptVersion=4.25.1&scriptType=unified

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-103.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

85df5b07597cb2f42c492aa6f5c5e5960637e813ee0945e21996fdaacbf29262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: 4czLMyr2LpOFljByA419AThxQvH2NByy_j-Mv-1kID_oVkfbaXZSVA==

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 89ms
86ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LKE46QM5TV&gtm=45je48c0v886852374z8839094799za200zb839094799&_p=1723611631206&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1248777135.1723611632&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723611632&sct=1&seg=0&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&dt=Page%20not%20found%20%7C%20CSO%20Online&tfd=3214
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LKE46QM5TV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
369 B 555ms
289ms XHR
application/json 2607:f8b0:400d:c0e::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 61ms
61ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Aug 2024 05:45:47 GMT

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 59 KB
19 KB 74ms
73ms Script
text/javascript 2606:4700:20::ac43:45bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/204b11895d4d4bcda0a6cefefc2b747d/foundry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953661ea90e1148eb13f8a0de43aa38cf2c90e76152522d81e624546fafdae1a

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 14 Aug 2024 04:09:59 GMT
server: cloudflare
age: 3033
cf-polished: origSize=62126
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7yH6eJFxan6vVhWUdI6NZIEycgETlGy4akWN8rEebw7fUg6sBN%2BhKMkOqg%2By0lLfTCyp97Ro0IC2ooIQBzrySB0AaR3MsnuClF7kKYQ7Vvnrg2xb2apoEGeJmJRtvYg9U%2BZxnY%2FS89GdY9PE83rX50G"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8b2e61c01ab27e7d-LAX
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 570 KB
179 KB 558ms
133ms Script
application/x-javascript 23.212.249.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.249.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-249-74.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 108aeec86aa00a09dfaca605f722e937d64c9e51d82a64509cc3b9b9dbbf7a84

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:33 GMT
Content-Encoding: gzip
x-amz-request-id: C740QH8Z799103XA
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: YcDnP4IvUnCgK+P0T3J3Po7rW2zNGY6FblugAOuHbVXEm20amshMF/DiRrD+LJAQQwei2yahj98=
Last-Modified: Wed, 17 Jul 2024 17:15:04 GMT
Server: AmazonS3
ETag: "2fa2284ed5b3839e70519382fdad876f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
32 KB 394ms
143ms Script
text/javascript 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

155ee5ee00189a528f75ee241b8a1346d260b6f82d2999b6dce02ea926d53345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32531
x-xss-protection: 0
pragma: no-cache
server: cafe
etag: 488 / 19949 / m202408080101 / config-hash: 1342855959641898508
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag_library.js Show response
www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/ 2 KB
1 KB 68ms
65ms Script
application/javascript 151.101.130.165
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/apstag_library.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.165 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36614fa35d15dafd350bae1fc00b39127cbf79e3847bb1cb3f881157676934b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=300
x-client-region: ?
x-cache: HIT, MISS
x-url: /wp-content/client-mu-plugins/idg-third-party/dist/scripts/apstag_library.js
x-client-httphost: www.csoonline.com
x-via-fastly: Verdad
x-served-by: cache-bur-kbur8200071-BUR
x-client-ip: 162.245.206.249
x-rq: bur6 123 242 443
last-modified: Tue, 13 Aug 2024 05:11:51 GMT
server: nginx
x-timer: S1723611633.662495,VS0,VE5
etag: W/"66baeb17-636"
vary: Accept-Encoding
content-type: application/javascript
x-client-backend: 6wBYgRT5Klg8odfTBI4CaA--F_wporigin
cache-control: max-age=31536000
x-vcl-version: 92
accept-ranges: bytes
x-geo: US
x-cont: NA
x-cache-hits: 0

GET
H2 200 f5b3be27-f789-4ef1-8867-37c67da5b361-web.js Show response
cdn.permutive.app/ 761 KB
165 KB 288ms
89ms Script
application/javascript 2606:4700::6812:1e20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.app/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6118b2c42afec3c10e1a26b7556381fdd65d5dfbb45ffa28300bb4b10b3beb6

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f5b3be27-f789-4ef1-8867-37c67da5b361
age: 0
x-guploader-uploadid: AHxI1nMjxZRp9oWpuNLg4FLEhL4WXSM3lDhC8_BVLpS9qmhqtvkO8O6eGFxAzfU0Fg5isU_TF_Q
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 168537
last-modified: Tue, 06 Aug 2024 11:51:13 GMT
server: cloudflare
etag: "e04e7c3044dd5e6cdd8a323244abfd48"
vary: Accept-Encoding
x-goog-generation: 1722945073572696
content-type: application/javascript
x-goog-hash: crc32c=+GKo+g==, md5=4E58METdXmzdijIyRKv9SA==
cache-control: public, max-age=900
x-goog-stored-content-length: 168537
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2e61c169db2b73-LAX
expires: Wed, 14 Aug 2024 05:15:32 GMT

GET
H2 200 idg.js Show response
cdn.blueconic.net/ 134 KB
41 KB 429ms
138ms Script
text/javascript 99.84.191.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/idg.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1723525911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-112.iad89.r.cloudfront.net

Software

- /

Resource Hash

c881c116ceb12a029ec436a096541955612e5f5e1ae26fbec75311e17a4f5184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 8ba3a4becb51f8eb807e5e3697846e1a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: IAD89-C2
age: 439
x-cache: Hit from cloudfront
content-length: 41215
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jul 2023 08:36:04 GMT
server: -
etag: "218bc-60031fd650ad8-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600, s-maxage=500
accept-ranges: none
x-robots-tag: noindex, nofollow
x-amz-cf-id: lbV7QlIfIXstGJBZkyenX9Am4sudGcwMUBD3VhcE_BYTSSmGNx4_Ag==

GET
H2 200 8yHZorDV.js Show response
cdn.jwplayer.com/libraries/ 122 KB
45 KB 496ms
151ms Script
text/javascript 2600:9000:2209:9c00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/8yHZorDV.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/_static/??-eJydzEEKhDAMAMAPbTZUEfEgvqU2RVNqDUlE/P36hj3NbfAWSGfz3BxT5Rc4LpB6bdwMmTbwnZVAovqDxOZoSVncsNxS45P1W+yD/zeieWWCSPZGyzGHseuHbphCKD9oKTnZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 5533229fa476e5a112bf2f8a2bf1ca7b2d52d168d7e7906cbc2437dc852c3780

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:57:39 GMT
content-encoding: gzip
via: 1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: EWR53-P1
age: 174
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 46173
x-amz-cf-id: hwC3D2s4fiB-8Hy5BVWapszXm1sD12NRmH58wnyLjksuToqQDFXU3w==

POST
H2 200 pv-data Show response
cmpv2.csoonline.com/wrapper/v2/ 194 B
733 B 239ms
238ms XHR
application/json 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=4545770394545770393883&scriptVersion=4.25.1&scriptType=unified

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-103.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

dedf27d0bf6152438b9ad966eca9fdcb0ce80a4b22a09c42d3aeda082130ad7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csoonline.com
x-cache: Miss from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 194
x-amz-cf-id: Zf7L3C781Pvtyd9I1xhRWn8LS54rTueYOSEtqJlPJK8y9mQ7uyz7Vw==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 374ms
121ms Script
application/javascript 2600:1408:c400:5::17c7:3719
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:33:09 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=83664
accept-ranges: bytes
content-length: 14597

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 437ms
122ms Script
application/javascript 146.75.40.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.40.157 Seattle, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200164-IAD, cache-bfi-kbfi7400064-BFI

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 367ms
126ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 05:00:32 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=12, mss=1297, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: oWTCanheBqMfrXMAPc1fMLcPP1CNT/XLT1AdZuQ3swhvXfT6iGYnQEoziMNqQNfT+8JxalVx2NwdvOazeWp9Uw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 280ms
62ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 miso-cso.min.js Show response
distribution-cdn.askmiso.com/miso-idg-b2b-answers-script/latest/ 5 KB
6 KB 478ms
135ms Script
application/javascript 18.238.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-cdn.askmiso.com/miso-idg-b2b-answers-script/latest/miso-cso.min.js?api_key=eZpMeDgLHVmpvjJuSoujrZQXp75QnleQy4sQn9oX
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-35.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2b9ea7e8176250fd4e705e1d3a1de94001d5aaecbcc2fe850a1547a902e476

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: CgIfLUw72xSLsi6b5DaHo7AxVAFiDLBx
date: Tue, 13 Aug 2024 10:08:29 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jul 2024 02:56:51 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 67925
etag: "ab92323ee18e21526f9239411f968684"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 5496
x-amz-cf-id: 5t8KN_PSsV7HXtjVBlJLUP1ydx03J8L8Bdd0-TdjFIwdRnhjnYCuhg==

GET
H2 200 mtc.js Show response
mau.idgesg.net/ 98 KB
98 KB 854ms
448ms Script
application/javascript 44.198.21.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mau.idgesg.net/mtc.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.198.21.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-21-138.compute-1.amazonaws.com
Software: nginx/1.22.1 / PHP/7.4.33
Resource Hash: d4cd80375caaade4a7c0b34f24f201bfbf728bc07cc862a90aeb638a8834e8f6

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Wed, 14 Aug 2024 05:00:33 GMT
date: Wed, 14 Aug 2024 05:00:33 GMT
cache-control: max-age=0, must-revalidate, private
server: nginx/1.22.1
x-powered-by: PHP/7.4.33
content-type: application/javascript

GET
H2 200 tcs.dhj Show response
t1.csoonline.com/1/e/ 2 KB
2 KB 1469ms
284ms Script
application/javascript 18.164.96.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://t1.csoonline.com/1/e/tcs.dhj?dmn=www.csoonline.com

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-105.jfk50.r.cloudfront.net

Software

Resource Hash

ed197774c72482d311311e9857e79692c48f3eebc02c4276c98aa1446e08b5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: private, max-age=3600
x-robots-tag: noindex, nofollow
content-length: 1465
x-amz-cf-id: BpzF_7SeSa76OSHEDPQ6tt4rxw2K9d2cPFW824SVCeLe6zrBvNisAQ==
expires: Wed, 14 Aug 2024 06:00:34 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 229 KB
82 KB 138ms
137ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-965409852&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

84ab7ed8eef712195366713d77c9b7ea321710c640b4b7e88f87a922098cb1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84213
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Aug 2024 05:00:32 GMT

GET
H/1.1 200
OK analytics.js Show response
intent.csoonline.com/ 5 KB
2 KB 744ms
118ms Script
application/javascript 35.174.91.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intent.csoonline.com/analytics.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.174.91.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-91-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fa36f064c117d56520b86c7e85e2a3a0d953140434ab45528bdaa014b782d394

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Feb 2024 16:33:00 GMT
Server: nginx
ETag: W/"65cb99bc-124b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 twin.js Show response
twin-iq.kickfire.com/ 424 B
696 B 732ms
89ms Script
application/javascript 54.245.213.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://twin-iq.kickfire.com/twin.js?14971

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.245.213.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-245-213-2.us-west-2.compute.amazonaws.com

Software

Apache/2.4.58 () /

Resource Hash

034acd3ced0cf00cdfcb684283fdc624a48c2dc8dcddeb55e09412f92971056d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
last-modified: Thu, 06 Jan 2022 20:12:30 GMT
server: Apache/2.4.58 ()
etag: "1a8-5d4ef7d746e6f"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
content-length: 424
x-xss-protection: 1; mode=block

GET
H2 200 gip Show response
api.kickfire.com/ 26 B
155 B 715ms
99ms XHR
text/html 35.166.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.kickfire.com/gip
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/_static/??-eJx9jMEKAjEMRH/IbGhlEQ/it2zbsKY03bVJWfx7i3jwJAw8GN4MHjtwjaUnUswjz07t9cUkXKesJ/wngfDaFqNfOW7VqBrag2RMOK0QfICwKMGnw8RqqLHxboqxq20C0ouxUqFo4+guN3fx59nPV+fyG9JXPZA=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.134.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-134-118.us-west-2.compute.amazonaws.com
Software: Apache / PHP/7.2.34
Resource Hash: d2b66ccf3e0fa78d83f785e0d5b959450c81e5a9f539ab375743eeb40ce4e428

Request headers

Accept: */*
Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:33 GMT
server: Apache
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1019691/ 71 KB
22 KB 687ms
63ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1019691/tfa.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5626e4eef863b6d42948e82557f556451cfb51c144aaa13840e124bf9beb6eb5

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: tdfrzSK1fJDy0tjFwaL5wps2.MBhsP5m
content-encoding: gzip
via: 1.1 varnish
date: Wed, 14 Aug 2024 05:00:33 GMT
x-amz-request-id: JXZFRRCHEAN1YGG9
age: 82
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21939
x-amz-id-2: qolY4utKID4GBYuzP+qIvgxcjbPM0Ny94e+PdxRerrPGQT8f3eWoI72JcZRWduScEmg/EsjiqgU=
x-served-by: cache-lax-kwhp1940108-LAX
last-modified: Sun, 11 Aug 2024 11:12:12 GMT
server: AmazonS3
x-timer: S1723611634.913432,VS0,VE2
etag: "1810226d73d24bd6ecd792667533b4b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200 track.js Show response
amd.sellingsimplified.net/wt/resource/js/ 4 KB
4 KB 375ms
93ms Script
text/javascript 38.75.194.109
DEN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amd.sellingsimplified.net/wt/resource/js/track.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.75.194.109 Greenwood Village, United States, ASN394005 (DEN-AS, US),
Reverse DNS
Software: /
Resource Hash: 86f20199fc95660a2cb43af95485eb52eb22d3ee5d144e4fbd4663ef3c13a973

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
last-modified: Thu, 28 Jul 2022 00:14:40 GMT
accept-ranges: bytes
etag: W/"3897-1658967280000"
content-length: 3897
content-type: text/javascript

GET
H/1.1 200
OK footer.js Show response
tribl.io/ 2 KB
2 KB 424ms
120ms Script
text/plain 34.224.230.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tribl.io/footer.js?orgId=vEWdw16LxjIna8b6eWPJ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JGZ3LH

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.224.230.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-224-230-83.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3637ab4c591c6507fd6f5fad25bbda9d26977264e29dedf678ba89f53f811c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:33 GMT
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Server: nginx
P3P: CP="Triblio does not have a P3P policy."
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
ContentType: text/javascript
Content-Length: 1025

GET front.asp
k.intellitxt.com/intellitxt/ 0
0

POST
H2 200 pv-data Show response
cmpv2.csoonline.com/wrapper/v2/ 190 B
730 B 151ms
150ms XHR
application/json 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=4545770394545770393883&scriptVersion=4.25.1&scriptType=unified

Requested by

Host: cmpv2.csoonline.com
URL: https://cmpv2.csoonline.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-103.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

eee9ad6ebda3c830b601e498772dfc337f67da0320aec1788a919d6fd5c03b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Aug 2024 05:00:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csoonline.com
x-cache: Miss from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 190
x-amz-cf-id: f8B65ROUXcZ7dVEYkUx6Iv1tX6u4SMNv2HnDb7jffSTMxBjyetaOkw==

OPTIONS
H2 200 pv-data
cmpv2.csoonline.com/wrapper/v2/ Frame 0
0 147ms
146ms Preflight
text/html 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=4545770394545770393883&scriptVersion=4.25.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-103.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.csoonline.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Wed, 14 Aug 2024 05:00:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-id: PGrYUdn9ImW-cv3Exj-oCON4PbIACTV5ynFTvw14GyFoLNzh9sUlnA==
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
x-powered-by: Express

OPTIONS
H2 200 pv-data
cmpv2.csoonline.com/wrapper/v2/ Frame 0
0 137ms
135ms Preflight
text/html 108.138.106.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmpv2.csoonline.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=4545770394545770393883&scriptVersion=4.25.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-103.jfk50.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.csoonline.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Wed, 14 Aug 2024 05:00:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-id: W6lYDTQJ6YHNTGQoa-xmN1SAsqUhZUGtwG_-VO3X0DC2-4LdYP2jsg==
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 123ms
120ms Stylesheet
text/css 34.195.18.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.18.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-18-232.compute-1.amazonaws.com
Software: /
Resource Hash: 80cc6f6a35ae700a714f5dd4104469247c6a2c06c6abfc7a32f9714f819829cd

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:32 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 362ms
121ms Fetch
image/jpeg 34.195.18.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.18.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-18-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:32 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
0 363ms
363ms Fetch
image/jpeg 34.195.18.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.18.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-18-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:32 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 319 KB
79 KB 495ms
144ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/apstag_library.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb91d44b4b1deecc952c953de556437e2283fb4a17261ef352cc19ea65f7984b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:21:40 GMT
content-encoding: gzip
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront), 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
last-modified: Mon, 12 Aug 2024 20:54:56 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 2334
x-amz-server-side-encryption: AES256
etag: W/"bcf5fc5f6600cc22b92be3e154b2e3e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: vykeUnBA1uX7QMbzupu8IKcYaZgPFsCI7Py8VRy5K1Xq3y6LLgieUw==

GET
H/1.1 200
OK c.js Show response
collector.brandmetrics.com/ 0
188 B 938ms
112ms Script
text/javascript 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com&rnd=7201853
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8
Date: Wed, 14 Aug 2024 05:00:34 GMT
Content-Length: 0
Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 adsm.macro.rmb.js Show response
macro.adnami.io/macro/gen/ 88 KB
22 KB 745ms
119ms Script
application/x-javascript 2600:1408:c400:9::17cd:69b0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by: Host: functions.adnami.io
URL: https://functions.adnami.io/api/macro/adsm.macro.csoonline.com.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:9::17cd:69b0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bd40443bbe67ff89c7dbaadbce08e48d8c5611b0b10adb5f3f837ed32f719bbe

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 14 Aug 2024 05:00:34 GMT
content-encoding: br
last-modified: Mon, 12 Aug 2024 13:40:58 GMT
content-md5: t7vkTIQu8C0KpNo+xp+voA==
etag: 0x8DCBAD465D88587
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1aab076e-a01e-0075-5bbd-ece79e000000
cache-control: max-age=7372
x-ms-version: 2009-09-19
content-length: 22031

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-965409852/ 3 KB
1 KB 372ms
130ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-965409852/?random=1723611632999&cv=11&fst=1723611632999&bg=ffffff&guid=ON&async=1&gtm=45be48c0z8839094799za201zb839094799&gcd=13l3l3l3l5&dma=0&tcfd=10648&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20%7C%20CSO%20Online&npa=0&us_privacy=1YNN&gdpr=0&gdpr_consent=tcempty&pscdl=noapi&auid=1252027476.1723611633&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-965409852&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

9ea353ec9dcb0fc2a853302210b07275be9cc96057cb50f95093c20041e4e477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1445
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 658ms
103ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3E09872D199545E2962F3A5723F8F155 Ref B: LAX311000113049 Ref C: 2024-08-14T05:00:33Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYfnZsnO4P0pBEwNDcYPA==
x-fs-uuid: 00061f9d9b273b83f4a411303437183c

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionope...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionope...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1950162%252C929234%26time%3D1723611633030%26url%3Dhttps%253A%252F%252Fwww.csoonli...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionope...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionop...

0
491 B

380ms
123ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&cookiesTest=true&liSync=true&e_ipv6=AQLuB7NHKzquhwAAAZFPQlnU4InIZRnvI1Peiu4DS9qsFCz3Y1jzoPDXpsMb6XXSTDwfug
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:34 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7FE1E8E3C3024FBABABB678D3BFB6768 Ref B: LAX311000115019 Ref C: 2024-08-14T05:00:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYfnZs0VuZZkmkruBnPvg==

Redirect headers

date: Wed, 14 Aug 2024 05:00:33 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7EC6FEAF488A49C89EDF832D24B1BD7D Ref B: LAX311000111035 Ref C: 2024-08-14T05:00:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1950162%2C929234&time=1723611633030&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&cookiesTest=true&liSync=true&e_ipv6=AQLuB7NHKzquhwAAAZFPQlnU4InIZRnvI1Peiu4DS9qsFCz3Y1jzoPDXpsMb6XXSTDwfug
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYfnZsuzksnLdppOGCnjg==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
783 B 714ms
166ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 87333C108BF04A84BE91B61153145155 Ref B: LAX311000111035 Ref C: 2024-08-14T05:00:33Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.csoonline.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYfnZsnjIpgjaiijBTpRA==

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
311 B 123ms
120ms XHR
text/plain 34.195.18.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=iOZaO5asj-W3ItHISwZiJg&is_js=true&landing_url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&t=Page%20not%20found%20%7C%20CSO%20Online&tip=1vMJdFUU6aDNkRvf3KLXoBashdvUr3CT9dgd0gsTAcI&host=https%3A%2F%2Fwww.csoonline.com&sa_conv_data_css_value=%270-aa3aa382-9021-5855-5691-890f0f99d008%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9aa3aa382902158555691890f0f99d008a2f5cef9&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIMyQqcwWIpd4hhf0fIQ_yEPmzY_2EzIEhkJDXTzSuvTfENYBGAQg8PPwtQYwAToEFPvsiUIEoczJVw.HvHsdA1A77dw6jMUm8oaFqLDL2CYKxFTFdwc9cFZ23I&sa-user-id-v2=s%253AqjqjgpAhWFVWkYkPD5nQCKL1zvk.yHsKXVKFcwuznW1ZWD09GKoaKrLg5APKp%252BOXeBDuKDI&sa-user-id=s%253A0-aa3aa382-9021-5855-5691-890f0f99d008.79bkjdERieLEjEj0oQtD4ZhbtBFZ5IgMFMMvJJ0fPTY
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.18.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-18-232.compute-1.amazonaws.com
Software: /
Resource Hash: 53941ec5ba6f6966ec662f6fd3636430d237a379eb8a159b3a00fca6b01e8c81

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.csoonline.com
date: Wed, 14 Aug 2024 05:00:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
311 B 121ms
120ms XHR
text/plain 34.195.18.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=dcOZChFXb6yD4mJbXyBBNg&is_js=true&landing_url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&t=Page%20not%20found%20%7C%20CSO%20Online&tip=1vMJdFUU6aDNkRvf3KLXoBashdvUr3CT9dgd0gsTAcI&host=https%3A%2F%2Fwww.csoonline.com&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9aa3aa382902158555691890f0f99d008a2f5cef9&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIMyQqcwWIpd4hhf0fIQ_yEPmzY_2EzIEhkJDXTzSuvTfENYBGAQg8PPwtQYwAToEFPvsiUIEoczJVw.HvHsdA1A77dw6jMUm8oaFqLDL2CYKxFTFdwc9cFZ23I&sa-user-id-v2=s%253AqjqjgpAhWFVWkYkPD5nQCKL1zvk.yHsKXVKFcwuznW1ZWD09GKoaKrLg5APKp%252BOXeBDuKDI&sa-user-id=s%253A0-aa3aa382-9021-5855-5691-890f0f99d008.79bkjdERieLEjEj0oQtD4ZhbtBFZ5IgMFMMvJJ0fPTY
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.18.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-18-232.compute-1.amazonaws.com
Software: /
Resource Hash: a10c0157e56fe9c945a97e68d0a863bb6345ad7bae08b004c31e44a42d6521b8

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.csoonline.com
date: Wed, 14 Aug 2024 05:00:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 116
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
BLOB 200
OK 7f8602cd-d00e-4a91-8777-076ce870922d
https://www.csoonline.com/ 470 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.csoonline.com/7f8602cd-d00e-4a91-8777-076ce870922d
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c867ace4fd19322a1a8a3acb8110050312a32943db24a9ae3debb9f6361bda7c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 481526
Content-Type

GET
H2 200 pxid Show response
f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co/v2.0/ 46 B
384 B 402ms
206ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co/v2.0/pxid?k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 5c8ed1a04931a5fb7b6eadaae7460925869b2aeba5ef8b007b6b6403727a085b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
704 B 513ms
131ms XHR
application/json 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.app
URL: https://cdn.permutive.app/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:33 GMT
an-x-request-uuid: 98732fa2-974c-4c77-ab30-1fd81ec529a9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csoonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_4bkq4t2o/ 3 B
124 B 236ms
61ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_4bkq4t2o/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_4bkq4t2o_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 210ms
72ms XHR
application/json 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_4bkq4t2o_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 188ms
60ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1723611633150&id=t2_4bkq4t2o&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=b251f91a-ec00-48c3-bd06-61d341f17f0d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:34 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 476ms
132ms Image
image/png 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=84c7e805-5ce9-41f4-b988-3529488bab1c&u=f3d9fe93-3bc7-4323-8aac-154291f74ca2&gdpr=1&gdpr_consent=undefined

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 307ms
90ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=84c7e805-5ce9-41f4-b988-3529488bab1c,f3d9fe93-3bc7-4323-8aac-154291f74ca2&gdpr=1&gdpr_consent=undefined
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 129ms
129ms XHR
text/plain 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1952078245&t=pageview&_s=1&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20CSO%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjEAQCACAAI~&jid=110920108&gjid=39869921&cid=1248777135.1723611632&uid=&tid=UA-300704-9&_gid=747818009.1723611633&_r=1&_slc=1&gtm=45He48c0n815JGZ3LHv839094799za200&cg1=&cg2=%20index&cg3=&cg4=error%20-%20404&cg5=us&cd1=&cd2=&cd3=No%20industry%20provided&cd4=&cd5=Wed%2C%2014%20Aug%202024%2005%3A00%3A32%20GMT&cd6=Wed%2C%2014%20Aug%202024%2005%3A00%3A32%20GMT&cd7=0&cd8=1&cd9=wp_production&cd10=cso%20online&cd11=No%20property%20country%20passed&cd12=enterprise&cd13=true&cd14=&cd15=Web&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=%20index&cd27=&cd28=error%20-%20404&cd29=&cd30=&cd31=No%20video%20set&cd32=&cd33=&cd34=&cd35=No%20video%20title%20passed&cd36=&cd37=&cd38=1&cd39=&cd40=&cd41=&cd42=&cd43=false&cd44=false&cd45=&cd46=false&cd47=&cd48=&cd49=&cd50=&cd51=&cd52=No%20one%20reg%20placement%20id%20passed&cd53=&cd54=&cd55=&cd56=&cd57=No%20video%20length%20passed&cd58=No%20translation%20provided&cd59=No%20translation%20id%20provided&cd60=No%20translation%20original%20publication%20provided&cd61=&cd62=&cd64=false&cd66=English&cd79=us&cd80=&cd81=false&cd82=false&cd91=&cd104=false&gcd=13l3l3l3l1&dma=0&tcfd=10648&tag_exp=0&z=491275334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST 480
idg.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 474 KB
148 KB 250ms
249ms Script
text/javascript 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 05:27:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84792
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151130
x-xss-protection: 0
server: cafe
etag: 11205447520193479331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 13 Aug 2025 05:27:21 GMT

GET
H2 200 783301121827721 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 129ms
128ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/783301121827721?v=2.9.164&r=stable&domain=www.csoonline.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2875e7d0aff16bcdde59fa4de7b959b54fd7b5ad49a566d801efe559452474ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 05:00:33 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13028
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=121, rtx=0, c=65, mss=1297, tbw=64387, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: gH9kYHnLHpOwf0DYTn2pkK8b2mTc5qr96FRrLpoL3LRmHZuHEldVx8l9+VvPN/lV0RrVx17MPPt9oC3yexf/CQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 miso-cso.min.js Show response
distribution-cdn.askmiso.com/miso-idg-b2b-answers-script/0.9.23/discovery/ 121 KB
121 KB 138ms
138ms Script
application/javascript 18.238.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-cdn.askmiso.com/miso-idg-b2b-answers-script/0.9.23/discovery/miso-cso.min.js?api_key=eZpMeDgLHVmpvjJuSoujrZQXp75QnleQy4sQn9oX
Requested by: Host: distribution-cdn.askmiso.com
URL: https://distribution-cdn.askmiso.com/miso-idg-b2b-answers-script/latest/miso-cso.min.js?api_key=eZpMeDgLHVmpvjJuSoujrZQXp75QnleQy4sQn9oX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-35.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49de2c534c2b4be8f59b2b031b61639595b2e2362e1ca7e575e766af597b2086

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 10:27:25 GMT
x-amz-version-id: mLpK0xk0GoeUaiPxbuNLbNl2hef8Adzn
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jul 2024 02:56:13 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 66789
etag: "e5311ce72e3a03e8767802b66cc40aab"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 123538
x-amz-cf-id: 6R3FAnzM-o7muF5zlDrra5vIbAUIp-J2NsP-Yd6Jttwq1rFz3k2caA==

GET
H2 200 adsct
t.co/i/ 43 B
375 B 351ms
146ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=29ba659f-51cd-4feb-9ba8-10a51ed8db54&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bb943bab-1c85-40d4-9435-22032e6ff0a8&tw_document_href=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1hbs&type=javascript&version=2.3.30

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 8
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=0
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: acb9c1178dfb61c9
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 96c9051eeef810bae7c111076cbf37b9c955077693b9f6d86f9eb3e1cae1a4bb
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
214 B 437ms
92ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=29ba659f-51cd-4feb-9ba8-10a51ed8db54&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bb943bab-1c85-40d4-9435-22032e6ff0a8&tw_document_href=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1hbs&type=javascript&version=2.3.30

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 54a640b9dd11a60a
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
251 B 312ms
147ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=8dac609d-e0ab-44cf-afe2-f6fff9645bb3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bb943bab-1c85-40d4-9435-22032e6ff0a8&tw_document_href=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2dl8&type=javascript&version=2.3.30

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=0
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 05e7dda8a6c8fec8
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d86ddf811060fe2aeb9ab4f0f9506b29ea4391f7496d1b863ef9fc5270dfb3e0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
390 B 405ms
91ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8dac609d-e0ab-44cf-afe2-f6fff9645bb3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bb943bab-1c85-40d4-9435-22032e6ff0a8&tw_document_href=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2dl8&type=javascript&version=2.3.30

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 641762124c97a500
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 company:(all) Show response
api.kickfire.com/v3/ 801 B
1015 B 143ms
142ms XHR
application/json 35.166.134.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.kickfire.com/v3/company:(all)?ip=WU3B%2BIy%2FGrSKdmkpmxOo&key=ab96d43dcbe0d8e0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/_static/??-eJx9jMEKAjEMRH/IbGhlEQ/it2zbsKY03bVJWfx7i3jwJAw8GN4MHjtwjaUnUswjz07t9cUkXKesJ/wngfDaFqNfOW7VqBrag2RMOK0QfICwKMGnw8RqqLHxboqxq20C0ouxUqFo4+guN3fx59nPV+fyG9JXPZA=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.134.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-134-118.us-west-2.compute.amazonaws.com
Software: Apache / PHP/7.2.34
Resource Hash: f558f0e81adeb534c13953f602395238fdbbf76f0c5cb38b0a2b67143342dbec

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:33 GMT
server: Apache
x-powered-by: PHP/7.2.34
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: *
content-type: application/json; charset=utf-8

GET
H2 200 528995260596026 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 120ms
119ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/528995260596026?v=2.9.164&r=stable&domain=www.csoonline.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93fb6a5707f22138c096e718389b384fd38d51fcd56111b7a5f834fbeea8f5f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 05:00:33 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3041
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=120, rtx=0, c=79, mss=1297, tbw=77743, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 75bP+5MAgo4p7586Y5lwUh7wQjza80vIYemMNzGdnb7PNnum20OJiUZtFqkDlJjazFIDMGd/T/iEL7LsHjfCng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 369ms
121ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=PageView&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633496&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=2886, tp=-1, tpl=-1, uplat=2, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 450ms
237ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=PageView&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633496&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600454482411", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3353, tp=-1, tpl=-1, uplat=49, ullat=0
pragma: no-cache
x-fb-debug: qqX3zUv8JPqlKZ0w8aX76q9JCYLzpcCWY90Tw1sReeaOWgHGZdzjcJYENEF307/RnaoqCMVj+VqDO5tT/RKn4Q==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600454482411"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 309ms
122ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=ViewContent&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633498&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3169, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 406ms
247ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=ViewContent&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633498&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x00f13a5601793a8f","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:4392049334154656","14:2225121004184363","14:1279642368807080","7834:4392049334154656","7834:2225121004184363","7834:1279642368807080","564:4392049334154656","564:2225121004184363","564:1279642368807080","10196:4392049334154656","10196:2225121004184363","10196:1279642368807080","10853:4392049334154656","10853:2225121004184363","10853:1279642368807080","31:4392049334154656","31:2225121004184363","31:1279642368807080","8053:4392049334154656","8053:2225121004184363","8053:1279642368807080","617:4392049334154656","617:2225121004184363","617:1279642368807080"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600640674325", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=7877, tp=-1, tpl=-1, uplat=51, ullat=0
pragma: no-cache
x-fb-debug: 3MikgkVnwzgtUD6GJqaKcpvWLrKxTHtyiSMPhBrEqHTRf0/70UTFKTVUG9IqFm7HfJ44kmKDGMBI0qxtMoFU8w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600640674325"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 123ms
122ms Image
image/gif 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1952078245&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20CSO%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=KickFire%20API&ea=success&_u=aDDAAEAjEAQCACAAI~&jid=&gjid=&cid=1248777135.1723611632&uid=&tid=UA-300704-9&_gid=747818009.1723611633&gtm=45He48c0n815JGZ3LHv839094799za200&cg1=&cg2=%20index&cg3=&cg4=error%20-%20404&cg5=us&cd1=&cd2=&cd3=No%20industry%20provided&cd4=&cd5=Wed%2C%2014%20Aug%202024%2005%3A00%3A32%20GMT&cd6=Wed%2C%2014%20Aug%202024%2005%3A00%3A32%20GMT&cd7=0&cd8=1&cd9=wp_production&cd10=cso%20online&cd11=No%20property%20country%20passed&cd12=enterprise&cd13=true&cd14=&cd15=Web&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=%20index&cd27=&cd28=error%20-%20404&cd29=&cd30=&cd31=No%20video%20set&cd32=&cd33=&cd34=&cd35=No%20video%20title%20passed&cd36=&cd37=&cd38=1&cd39=&cd40=&cd41=&cd42=&cd43=false&cd44=false&cd45=&cd46=false&cd47=&cd48=&cd49=&cd50=&cd51=&cd52=No%20one%20reg%20placement%20id%20passed&cd53=&cd54=&cd55=&cd56=&cd57=No%20video%20length%20passed&cd58=No%20translation%20provided&cd59=No%20translation%20id%20provided&cd60=No%20translation%20original%20publication%20provided&cd61=&cd62=&cd64=false&cd66=English&cd70=1248777135.1723611632&cd79=us&cd80=&cd81=false&cd82=false&cd91=&cd104=false&gcd=13l3l3l3l5&dma=0&tcfd=10648&tag_exp=0&cd68=Cisco%20Systems%2C%20Inc&cd69=%241%2C000%2C000%2C000%2B&cd71=US&cd72=25%2C000%2B&cd74=cisco.com&cd75=Software%20Publishers&cd76=513210&cd77=0&cd78=California&gcs=G1--&z=1588276187

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 10:26:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66860
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 topics.html
postrelease.com/iframes/ Frame B804 0
0 447ms
107ms Document
text/html 52.36.224.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postrelease.com/iframes/topics.html
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 582
content-type: text/html
date: Wed, 14 Aug 2024 05:00:34 GMT
etag: "ec22fdd2cd0ccf11c7761864efa96c06"
last-modified: Fri, 15 Mar 2024 21:34:47 GMT
server: AmazonS3
x-amz-id-2: LpZ4QcdGzXNC8ch9hoxuJmPe3Tmae+QOeyCjJdOZJPrz0Eb2+xYWqCPEZ7mGfMVHpqGrqtrGLAI=
x-amz-request-id: DZCYFVEW2XW1SJ42
x-amz-server-side-encryption: AES256

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 725ms
126ms Script
text/javascript 204.236.230.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&ntv_mvi&ntv_kv=channel*;permutive*rts&us_privacy=1YNN&ntv_oos=0
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.236.230.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-204-236-230-97.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b98fbbd8eedd125134298bb2d3b79fba05e0b953e731149fc11c828a0ad98d5f

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:35 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1320
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 277ms
210ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 0c55d38feb03ea556625a2df037feddbb4cd5ed3b5e34388f8642c7669b82e0b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 ui.css
cdn.jsdelivr.net/npm/@miso.ai/client-sdk@1.9.8-beta.0/dist/css/ 44 KB
7 KB 233ms
62ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@miso.ai/client-sdk@1.9.8-beta.0/dist/css/ui.css

Requested by

Host: distribution-cdn.askmiso.com
URL: https://distribution-cdn.askmiso.com/miso-idg-b2b-answers-script/0.9.23/discovery/miso-cso.min.js?api_key=eZpMeDgLHVmpvjJuSoujrZQXp75QnleQy4sQn9oX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6154825cfda87da08ea01eaf6a244516d401215a2827eca8a25994de7be52e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2513191
x-jsd-version: 1.9.8-beta.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6901
x-served-by: cache-fra-eddf8230059-FRA, cache-bur-kbur8200100-BUR
x-jsd-version-type: version
etag: W/"af81-Ale3HyYtKz4lIOekZ1wEUTnZp/E"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET tc
amd.sellingsimplified.net/wt/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 188ms
123ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=PageView&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633832&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3169, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 294ms
238ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=PageView&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633832&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x58174f4eb516da7c","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:1827482533954077","7830:1827482533954077","10853:1827482533954077","41:1827482533954077","8046:1827482533954077"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855599705944682", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=6675, tp=-1, tpl=-1, uplat=50, ullat=0
pragma: no-cache
x-fb-debug: jofhmTSS838LX+2TQUOPkdbU4tY4ikxfxJEYhthej8LMplCPWK6yrX3Dht02MfDp7o+8DJxv9LiATDDNK6nTaw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855599705944682"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 206ms
197ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=ViewContent&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633834&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=9380, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
849 B 206ms
196ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=ViewContent&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633834&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x00f13a5601793a8f","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:4392049334154656","14:2225121004184363","14:1279642368807080","7834:4392049334154656","7834:2225121004184363","7834:1279642368807080","564:4392049334154656","564:2225121004184363","564:1279642368807080","10196:4392049334154656","10196:2225121004184363","10196:1279642368807080","10853:4392049334154656","10853:2225121004184363","10853:1279642368807080","31:4392049334154656","31:2225121004184363","31:1279642368807080","8053:4392049334154656","8053:2225121004184363","8053:1279642368807080","617:4392049334154656","617:2225121004184363","617:1279642368807080"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600723258751", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=9522, tp=-1, tpl=-1, uplat=17, ullat=0
pragma: no-cache
x-fb-debug: CiqSULGCL5kjTrFFI3jOQ9i1lkkuXIeICfAkpe3IAlcCrLBGbhOyFXVTerz+HuepccSaHgqAQAE8OZ3rZO0b8w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600723258751"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 210ms
200ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=ViewContent&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633835&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10671, tp=-1, tpl=-1, uplat=5, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 227ms
218ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=ViewContent&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633835&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa4f21d2d6b550470","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:4802948106448914","14:1858109017636294","7834:4802948106448914","7834:1858109017636294","564:4802948106448914","564:1858109017636294","10196:4802948106448914","10196:1858109017636294","10853:4802948106448914","10853:1858109017636294","31:4802948106448914","31:1858109017636294","8053:4802948106448914","8053:1858109017636294","617:4802948106448914","617:1858109017636294"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600481297538", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=15848, tp=-1, tpl=-1, uplat=25, ullat=1
pragma: no-cache
x-fb-debug: EIRl/eqkYQFZLqQcmztdc1nqOLH8LufF8C2BJZyPS3XEnospoRD2uxyEPybt2Uh3V4bxY5Qlq/ue6wpGlrwvBw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600481297538"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
92 B 98ms
93ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3gt9&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 7
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 6ab5ffa6656b6294
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 100ms
96ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3ao7&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: c9689a64b1090614
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
90 B 98ms
94ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0n&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 7
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 9bfd0393713d779e
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
90 B 93ms
89ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0j&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: a55f6b645fa7d2a3
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 99ms
95ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o45cu&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 567faafe8966c16a
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
113 B 95ms
90ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o2bzv&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 7c74e9fe4d8fdc88
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 100ms
96ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o2bzg&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 8fe0994ac561b77c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 99ms
95ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cwb&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: d29a5dd9df28af95
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 98ms
94ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3aok&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 42f2d227520f96db
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 162ms
158ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3cwc&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: f6714eb409ca7449
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
88 B 180ms
177ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3ao8&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: ece58e91e0ef68c9
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 179ms
176ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o1jw6&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: c89a6fca68427108
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
91 B 158ms
155ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3m0l&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 4
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 7b2e120213c0b55c
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 179ms
176ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o3aoj&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 1cd5653bc093bce5
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
89 B 161ms
158ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o1mlo&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 14 Aug 2024 05:00:34 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 3f2f02ee5fbee43d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
90 B 159ms
156ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?txn_id=o2grf&p_id=Twitter

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 14 Aug 2024 05:00:33 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 035799183007331b
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d1b3dc1755f0caefb1f3a1e15edcfb2d0cfc4a7873430775be7df7779ee192d1
content-length: 43

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9F03 0
0 363ms
123ms Document
text/html 172.217.197.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f155.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29247
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Aug 2024 04:48:14 GMT
expires: Wed, 14 Aug 2024 05:38:14 GMT
last-modified: Mon, 12 Aug 2024 19:45:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=33269982&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D33269982%26t%3D1

0
1 KB

134ms
133ms

Image
application/javascript

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D33269982%26t%3D1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
an-x-request-uuid: e5927bea-0056-4485-ae0c-d26c7fcee089
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
an-x-request-uuid: 9942deb4-18af-4070-b856-841d8b83891c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D33269982%26t%3D1
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=35653612&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35653612%26t%3D1

0
1 KB

159ms
158ms

Image
application/javascript

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35653612%26t%3D1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
an-x-request-uuid: 03327906-aca5-4f8b-8433-78f728e3ae1f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
an-x-request-uuid: 696787a4-5947-4103-a92f-dbf8746b2a28
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D35653612%26t%3D1
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 210ms
201ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633905&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=3&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10671, tp=-1, tpl=-1, uplat=4, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
846 B 222ms
213ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633905&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=3&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855599040509587", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=13058, tp=-1, tpl=-1, uplat=22, ullat=0
pragma: no-cache
x-fb-debug: 2nfXISSNRm5gul0sQFi740lgd4ZkExN+leEZ9bn3OcPA1V2GiGWcoCn03w90eyKMJ5BoMgmjodQ9XPI0It9DTw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855599040509587"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 211ms
201ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633906&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10873, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
857 B 246ms
237ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633906&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=2&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8de5484167e82645","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:1827482533954077","7811:1827482533954077","10193:1827482533954077","10853:1827482533954077","40:1827482533954077","8050:1827482533954077"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600865442832", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=19254, tp=-1, tpl=-1, uplat=25, ullat=0
pragma: no-cache
x-fb-debug: CBVlOtkorZMvHur3lQCQ9p14r6uwKm7z4O1SiNERX2BIDCR6G0v673ylY1ydT/DNkI8JDBh7qVbtIalaJCcv7Q==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600865442832"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 211ms
202ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633907&sw=1600&sh=1200&v=2.9.164&r=stable&ec=4&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10873, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
780 B 222ms
213ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633907&sw=1600&sh=1200&v=2.9.164&r=stable&ec=4&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600977270138", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=13058, tp=-1, tpl=-1, uplat=22, ullat=0
pragma: no-cache
x-fb-debug: U+ejYhDb/J6jbjrohdAADdCJy6Uiz/lHvCGXW1NprYv8K+rraXgVfBzTfoh0rOD8iv13TAOCBOgFNHGQ97hXIQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600977270138"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 211ms
202ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633908&sw=1600&sh=1200&v=2.9.164&r=stable&ec=3&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10873, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 218ms
209ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633908&sw=1600&sh=1200&v=2.9.164&r=stable&ec=3&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5848fefe7e14644a","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:1827482533954077","7811:1827482533954077","10193:1827482533954077","10853:1827482533954077","40:1827482533954077","8050:1827482533954077"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600921274135", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=11880, tp=-1, tpl=-1, uplat=20, ullat=0
pragma: no-cache
x-fb-debug: l7ruTLPbnvfk8kpmMcGQoHA49jksh8T+2qL6efTISm6U0uN5YqweX8DuukNOo+LpSsJ90B2SeaBnu/l9smZ+SA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600921274135"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 212ms
203ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633910&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=5&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10873, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
849 B 227ms
218ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633910&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=5&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600920288219", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=17204, tp=-1, tpl=-1, uplat=23, ullat=0
pragma: no-cache
x-fb-debug: SI6csIytY53YHBrOU7jtIAAAm3iFgxTRcXCu0KMYZqit3iMX27leTYncCg4yzVVmajpRAhB2KpqJdogpF3xmPA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600920288219"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 212ms
204ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633911&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=4&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10873, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 245ms
236ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633911&cd[segment_id]=11123&sw=1600&sh=1200&v=2.9.164&r=stable&ec=4&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8de5484167e82645","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:1827482533954077","7811:1827482533954077","10193:1827482533954077","10853:1827482533954077","40:1827482533954077","8050:1827482533954077"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855599361301198", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=18075, tp=-1, tpl=-1, uplat=24, ullat=0
pragma: no-cache
x-fb-debug: 4x7yHoOkZSRl0wuQ6Nm2U8hcLVSe7pSpBRDGGHkzal7QvksluUx03vtOEyYpukiY65cMoVBw0A3FR3AR7HO5Fw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855599361301198"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 213ms
204ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633911&sw=1600&sh=1200&v=2.9.164&r=stable&ec=6&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10873, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 223ms
215ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633911&sw=1600&sh=1200&v=2.9.164&r=stable&ec=6&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855601155547019", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=14750, tp=-1, tpl=-1, uplat=22, ullat=0
pragma: no-cache
x-fb-debug: xqVrrtS0d18QMNtVcOfBeEIePlJiHe5F3XK55DdBHEJpEIr95n6hIFr85YzYJrRdoqUZI2tZ2SFxzw0BZSLNDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855601155547019"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 213ms
205ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633912&sw=1600&sh=1200&v=2.9.164&r=stable&ec=5&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=10873, tp=-1, tpl=-1, uplat=3, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
891 B 741ms
733ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=PermutiveSegmentEntry_11123&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633912&sw=1600&sh=1200&v=2.9.164&r=stable&ec=5&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5848fefe7e14644a","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:1827482533954077","7811:1827482533954077","10193:1827482533954077","10853:1827482533954077","40:1827482533954077","8050:1827482533954077"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:35 GMT
x-fb-server-load: 67
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600810215599", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=125, rtx=0, c=41, mss=1297, tbw=24182, tp=-1, tpl=-1, uplat=545, ullat=0
pragma: no-cache
x-fb-debug: mMVqfnf9lsc9re7fZIQUJVm+uiTBrnqw3MXP6ep4VH4TV/S19QuVNJl+hvnTGIPXHxJUdbxNDJcyTrgFdZma+w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600810215599"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 seg
secure.adnxs.com/ 0
1 KB 205ms
198ms Image
application/javascript 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=37404847&t=1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
an-x-request-uuid: e14913a3-4f1e-4b2c-8cf9-0088e9558775
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 seg
secure.adnxs.com/ 0
1 KB 167ms
161ms Image
application/javascript 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=37373517&t=1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
an-x-request-uuid: 49b52d11-a99b-4888-8144-c27e28fbc736
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 seg
secure.adnxs.com/ 0
1 KB 138ms
132ms Image
application/javascript 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=33269986&t=1

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
an-x-request-uuid: a0c8914d-2b4e-4050-bde1-b761d807c773
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.249; 162.245.206.249; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 134ms
128ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633913&cd[segment_id]=20320&sw=1600&sh=1200&v=2.9.164&r=stable&ec=7&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=11374, tp=-1, tpl=-1, uplat=3, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
859 B 164ms
159ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633913&cd[segment_id]=20320&sw=1600&sh=1200&v=2.9.164&r=stable&ec=7&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600149433900", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=20133, tp=-1, tpl=-1, uplat=20, ullat=1
pragma: no-cache
x-fb-debug: 8zR7fawbxAjrZRFFEJpi1dF5AOayCL+EsvmAlceuCg/wY4aDJd2fHTj/X6n1r36yZxKQeZ9YkNQsxeQhwQfLyQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600149433900"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 134ms
129ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633915&cd[segment_id]=20320&sw=1600&sh=1200&v=2.9.164&r=stable&ec=6&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=11517, tp=-1, tpl=-1, uplat=4, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 169ms
164ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633915&cd[segment_id]=20320&sw=1600&sh=1200&v=2.9.164&r=stable&ec=6&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8de5484167e82645","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:1827482533954077","7811:1827482533954077","10193:1827482533954077","10853:1827482533954077","40:1827482533954077","8050:1827482533954077"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855599924303363", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=21014, tp=-1, tpl=-1, uplat=23, ullat=0
pragma: no-cache
x-fb-debug: ExZeJq2nj3K2dqzPzUqTX39eyTjXSu8mIfQJGvEO7CoQwEVGqn9W3p3NsH4BaJYvUFtHGIP+hZFsqQq4+GNmOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855599924303363"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 134ms
129ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=783301121827721&ev=PermutiveSegmentEntry_20320&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633917&sw=1600&sh=1200&v=2.9.164&r=stable&ec=8&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=11629, tp=-1, tpl=-1, uplat=6, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
865 B 169ms
164ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=783301121827721&ev=PermutiveSegmentEntry_20320&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633917&sw=1600&sh=1200&v=2.9.164&r=stable&ec=8&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 05:00:34 GMT
document-policy: force-load-at-top
x-fb-server-load: 46
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855600352229489", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=22103, tp=-1, tpl=-1, uplat=24, ullat=0
pragma: no-cache
x-fb-debug: udUgT8FB8+EheunpkhegSaez+6vNXd1/PhnQjr3tQr3C0hs7Jd08ZL9cilwfkWhf1/nNP+vQx9yPgJjb6hfEkw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855600352229489"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 133ms
128ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528995260596026&ev=PermutiveSegmentEntry_20320&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633918&sw=1600&sh=1200&v=2.9.164&r=stable&ec=7&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=GET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=11629, tp=-1, tpl=-1, uplat=5, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 05:00:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 230ms
225ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=528995260596026&ev=PermutiveSegmentEntry_20320&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&rl=&if=false&ts=1723611633918&sw=1600&sh=1200&v=2.9.164&r=stable&ec=7&o=4126&fbp=fb.1.1723611633493.157194779802120784&ler=empty&cdl=API_unavailable&it=1723611633332&coo=false&rqm=FGET

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x45866bbf660d5a96","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["23:1827482533954077","7811:1827482533954077","10193:1827482533954077","10853:1827482533954077","40:1827482533954077","8050:1827482533954077"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 14 Aug 2024 05:00:34 GMT
x-fb-server-load: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402855601149541652", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=18, mss=1297, tbw=22990, tp=-1, tpl=-1, uplat=25, ullat=0
pragma: no-cache
x-fb-debug: QyWlHIJ8wG4tVxDDPNGFh/Cjxtdz7RFk8pQhXmglPJDzev0JepP4AuucIeBGqZa87hTIeVxKwAP1i3thPVs6bw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402855601149541652"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 twin.php
twin-iq.kickfire.com/ 95 B
365 B 94ms
94ms Image
image/png 54.245.213.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://twin-iq.kickfire.com/twin.php?TWIQ=14971&kftwiqpg=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&Hst=www.csoonline.com&r=0.7046300743879204

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.245.213.2 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-245-213-2.us-west-2.compute.amazonaws.com

Software

Apache/2.4.58 () / PHP/7.2.34

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
server: Apache/2.4.58 ()
x-powered-by: PHP/7.2.34
x-frame-options: DENY
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK analytics.js Show response
tribl.io/ 19 KB
6 KB 121ms
121ms Script
application/javascript 34.224.230.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tribl.io/analytics.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.224.230.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-230-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 30e0c355dca9b065dd06bf034ede814dca5dc1e4c3d143106b5b92e71aa2e1be

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jul 2024 01:12:57 GMT
Server: nginx
ETag: W/"668de019-4c52"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET /
idg.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H2 200 0 Show response
config.aps.amazon-adsystem.com/configs/ 528 B
795 B 554ms
128ms Script
application/javascript 108.138.106.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-59.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 90b6e25ee9d4fcad0d487ceaece7e28859a87e6ef6a58d7f82dad1f6d3948698

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:19:14 GMT
via: 1.1 134f499632d1e15750219cb766bdc50c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 2481
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 528
x-amz-cf-id: 7ZA1jzYRdnr3abehA26_z1XaV-bJvc0OQvOHlJYlDvqnucPPEqOkxw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 142ms
141ms XHR
text/plain 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=0&u=https%3A%2F%2Fwww.csoonline.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.csoonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 2jEdDHmVyB3QjJzIeZLE88u1vySF6Oox6h9As2yyrnOXJMSs0oa5Mg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
358 B 509ms
137ms XHR
text/javascript 108.138.127.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=0&u=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&pid=2Y1R9hlrTMyc7&cb=0&ws=1600x1200&v=24.806.2109&t=1000&slots=%5B%7B%22sd%22%3A%22gpt-leaderboard-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F8456%2FIDG.G_B2B_CSOOnline.com%2F404_0%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp=DBABLA%7EBVQqAAAAAgA&gpp_sid=%5B7%5D&sm=20e04199-7a2b-4da5-a16c-c603f17fa85d&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.127.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-127-64.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:33 GMT
via: 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xmJeINnV38N6F6yClTUeUcg7G0tnbMf_wJPZ_GQ0ryUkoyOl3QL-1Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 376ms
128ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 21:49:02 GMT
x-amz-cf-pop: JFK50-P3
age: 25893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Origin,accept-encoding
x-amz-cf-id: GuTF6KkyJa1CdCZbQoVUitJH8DXVOk5ygrzneNDIKTPEjUeO3q3AVw==

GET
H2 200 css
fonts.googleapis.com/ 342 B
741 B 494ms
130ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+Symbols:wght@100;200;300&display=swap&text=%E2%9E%80%E2%9E%81%E2%9E%82%E2%9E%83%E2%9E%84%E2%9E%85%E2%9E%86%E2%9E%87%E2%9E%88%E2%9E%89%E2%9E%8A%E2%9E%8B%E2%9E%8C%E2%9E%8D%E2%9E%8E%E2%9E%8F%E2%9E%90%E2%9E%91%E2%9E%92%E2%9E%93

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@miso.ai/client-sdk@1.9.8-beta.0/dist/css/ui.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ef95f328fa66349cf10e98377cfafada07996f11c629350aceb6c51dcd43594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.jsdelivr.net/npm/@miso.ai/client-sdk@1.9.8-beta.0/dist/css/ui.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Aug 2024 05:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 05:00:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Aug 2024 05:00:34 GMT

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
285 B 208ms
61ms Fetch
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1019691/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 14 Aug 2024 05:00:34 GMT
via: 1.1 varnish
server: Varnish
observe-browsing-topics: ?1
x-timer: S1723611634.270138,VS0,VE0
x-cache: HIT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=2592000
accept-ranges: bytes
content-length: 65
retry-after: 0
x-served-by: cache-lax-kwhp1940050-LAX

GET
H2 200 json Show response
trc.taboola.com/1019691/trc/3/ 3 KB
2 KB 88ms
79ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1019691/trc/3/json?tim=1723611634107&data=%7B%22id%22%3A887%2C%22ii%22%3A%22%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1723611634092%2C%22cv%22%3A%2220240808-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Didg-sc-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22TcfApi%22%2C%22cbpv%22%3A%222%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1723611634106%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ccpaPs%22%3A%221YNN%22%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22ccpa%22%3A%221YNN%22%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1019691/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e1a8d3fca42967c71abed847efcc6fdc913c8d7689fad11d8fb6d311604e10

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Wed, 14 Aug 2024 05:00:34 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.12025
x-fastly-to-nlb-rtt: 1266
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lax-kwhp1940108-LAX
x-log-content-encoding: gzip
server: nginx
x-timer: S1723611635.867675,VS0,VE15
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-965409852/ 42 B
64 B 133ms
133ms Image
image/gif 142.251.163.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-965409852/?random=1723611632999&cv=11&fst=1723611600000&bg=ffffff&guid=ON&async=1&gtm=45be48c0z8839094799za201zb839094799&gcd=13l3l3l3l5&dma=0&tcfd=10648&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20%7C%20CSO%20Online&npa=0&us_privacy=1YNN&gdpr=0&gdpr_consent=tcempty&pscdl=noapi&auid=1252027476.1723611633&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf5NPH2zvLR5ARkcGgWWz7MnIArI5bzA&random=2535376615&rmt_tld=0&ipr=y

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
mau.idgesg.net/mtc/ 116 B
786 B 528ms
522ms XHR
application/json 44.198.21.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mau.idgesg.net/mtc/event
Requested by: Host: mau.idgesg.net
URL: https://mau.idgesg.net/mtc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.198.21.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-21-138.compute-1.amazonaws.com
Software: nginx/1.22.1 / PHP/7.4.33
Resource Hash: c63ee2c1218938af50dab728c621c7848f8c6c924b9f16a9d9a14b099145538e

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Aug 2024 05:00:34 GMT
server: nginx/1.22.1
x-powered-by: PHP/7.4.33
access-control-max-age: 36000
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization
expires: Wed, 14 Aug 2024 05:00:34 GMT

GET /
idg.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

OPTIONS
H2 204 event
mau.idgesg.net/mtc/ Frame 0
0 402ms
164ms Preflight 44.198.21.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mau.idgesg.net/mtc/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.198.21.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-21-138.compute-1.amazonaws.com
Software: nginx/1.22.1 / PHP/7.4.33
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: https://www.csoonline.com
access-control-max-age: 36000
cache-control: no-cache, private
date: Wed, 14 Aug 2024 05:00:34 GMT
server: nginx/1.22.1
x-powered-by: PHP/7.4.33

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 2 KB
564 B 237ms
226ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 97ae51439e1c4d05dbc2e1a1bdca4408d48c37a1a6d748348353194e29eb6e84

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Aug 2024 05:00:34 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 546

GET
H2 200 ts_.htm Show response
t1.csoonline.com/a/ Frame 4326 2 KB
1 KB 136ms
131ms Document
text/html 18.164.96.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.csoonline.com/a/ts_.htm?ver=1.1501.57&cid=c074
Requested by: Host: t1.csoonline.com
URL: https://t1.csoonline.com/1/e/tcs.dhj?dmn=www.csoonline.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-105.jfk50.r.cloudfront.net
Software: /
Resource Hash: f52a25986db575f3b50734266b36cfe7d8e6889805d089e9963ae3b064aa7dc3

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=604800
content-encoding: gzip
content-length: 1165
content-type: text/html
date: Wed, 14 Aug 2024 05:00:34 GMT
expires: Wed, 21 Aug 2024 05:00:34 GMT
via: 1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
x-amz-cf-id: tb-TKdQigCH2QuBErf0xsBktt6PGo1qd2ByI4kGIAM0O5foFr_9siA==
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 136ms
135ms XHR
text/javascript 108.138.127.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=0&u=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&pid=2Y1R9hlrTMyc7&cb=1&ws=1600x1200&v=24.806.2109&t=1000&slots=%5B%7B%22sd%22%3A%22gpt-leaderboard-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F8456%2FIDG.G_B2B_CSOOnline.com%2F404_0%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp=DBABLA%7EBVQqAAAAAgA&gpp_sid=%5B7%5D&sm=20e04199-7a2b-4da5-a16c-c603f17fa85d&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.127.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-127-64.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:34 GMT
via: 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: KVHVC6FwsXC6Kh16erU7BJNl0FSUnG2UAS-3IYpsAxH-6uhQapmdRQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
28 KB 228ms
227ms Fetch
text/plain 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3150327248048430&correlator=3745753777486216&eid=31079956%2C31085738%2C31084183%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABLA~BVQqAAAAAgA&gpp_sid=7&iu_parts=8456%2CIDG.G_B2B_CSOOnline.com%2C404&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1723611634888&lmt=1723611634&adxs=436&adys=99&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&vis=1&psz=1600x1967&msz=1600x-1&fws=512&ohw=0&topics=1&tps=1&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723611630311&idt=3453&prev_scp=pos%3DATF1%26amznbid%3D1%26amznp%3D1&cust_params=permutive%3D10844%252C10958%252C11123%252C11510%252C11525%252C11550%252C11959%252C13727%252C188600%252C20320%252C20891%252C24766%252C24825%252C92257%252Cadv%252Cbyog%252Crts%26articleId%3D%26author%3D%26browser%3DMozilla%252F5.0(X11%253BLinuxx86_64)AppleWebKit%252F537.36(KHTML%252ClikeGecko)Chrome%252F127.0.0.0Safari%252F537.36%26templateType%3Dother%26categorySlugs%3D%26tags%3D%26categoryIds%3D%26productId%3D%26goldenIds%3D%26channel%3D%26fireplace%3Dfalse%26type%3D%26typeId%3D%26sponsored%3Dfalse%26video-autoplay%3Dtrue%26manufactuer%3D%26zone%3Dindex-other%26wpsponsorshipId%3D%26inskin_yes%3Dtrue%26device%3Dsuperwide%26prmtvsdk%3Dweb&adks=2738254348&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

861465bb8e4365ac3c9efc5797a5a57c7d994b32798d212c3dc5350eefbb8711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28385
x-xss-protection: 0
google-lineitem-id: 6711811571
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138481858096
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7be0a8f11b852a586f893d2a3e92860a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0DF6 0
0 420ms
123ms Document
text/html 2607:f8b0:400d:c0e::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7be0a8f11b852a586f893d2a3e92860a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Aug 2024 05:00:35 GMT
expires: Wed, 14 Aug 2024 05:00:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 190ms
188ms Fetch
text/plain 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3150327248048430&correlator=892850160430570&eid=31079956%2C31085738%2C31084183%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fif&gdpr=0&us_privacy=1YNN&gpp=DBABLA~BVQqAAAAAgA&gpp_sid=7&iu_parts=8456%2CIDG.G_B2B_CSOOnline.com%2C404&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=640x480&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1723611634912&lmt=1723611634&adxs=480&adys=128&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&vis=1&psz=640x0&msz=640x-1&fws=0&ohw=0&topics=1&tps=1&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723611630311&idt=3453&prev_scp=pos%3Dgpt-overlay&cust_params=permutive%3D10844%252C10958%252C11123%252C11510%252C11525%252C11550%252C11959%252C13727%252C188600%252C20320%252C20891%252C24766%252C24825%252C92257%252Cadv%252Cbyog%252Crts%26articleId%3D%26author%3D%26browser%3DMozilla%252F5.0(X11%253BLinuxx86_64)AppleWebKit%252F537.36(KHTML%252ClikeGecko)Chrome%252F127.0.0.0Safari%252F537.36%26templateType%3Dother%26categorySlugs%3D%26tags%3D%26categoryIds%3D%26productId%3D%26goldenIds%3D%26channel%3D%26fireplace%3Dfalse%26type%3D%26typeId%3D%26sponsored%3Dfalse%26video-autoplay%3Dtrue%26manufactuer%3D%26zone%3Dindex-other%26wpsponsorshipId%3D%26inskin_yes%3Dtrue%26device%3Dsuperwide%26prmtvsdk%3Dweb&adks=2969663433&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

5cd884261cf0503b6f4d1ef30073bc3b013262003b78dbbaf9f048a3fea2d2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14334
x-xss-protection: 0
google-lineitem-id: 6758863169
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138452266315
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 61ms
61ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1019691/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Wed, 14 Aug 2024 05:00:34 GMT
x-amz-request-id: F6BG6AB3KQARJFET
age: 1360
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: aog99H33rRkFyGRHsW5IAuoBmsidz61q5Uqq6mE6b88IWVu4/7NwcabwjbLzS/CY/e4+f5A5X14=
x-served-by: cache-lax-kwhp1940108-LAX
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1723611635.951695,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 13
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1912

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 62ms
62ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1019691/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Wed, 14 Aug 2024 05:00:34 GMT
x-amz-request-id: SJQ0T3QGKXD44PHK
age: 17558
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: UIG1P0XS99ALWwuXWv9Jmf6jjI0xE1QLbmLDzh1eE/6DMjJ22AIgZC7YpUBu3ofWJrgAuupYrH0=
x-served-by: cache-lax-kwhp1940108-LAX
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-timer: S1723611635.951678,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 13
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 23736

GET
H2 200 / Show response
pips.taboola.com/ 4 B
112 B 65ms
61ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 14 Aug 2024 05:00:35 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.csoonline.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-served-by: cache-lax-kwhp1940050-LAX

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 436ms
128ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Aug 2024 05:00:35 GMT
cache-control: no-store
server: nginx

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
619 B 130ms
130ms Image
image/gif 204.236.230.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8636299&ntv_pl=1213056
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.236.230.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-204-236-230-97.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:35 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9B88 61 KB
15 KB 456ms
122ms Script
application/javascript 3.216.221.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=8879&campId=640x480&pubId=4693602887&chanId=23054726541&placementId=6758863169&pubCreative=138452266315&pubOrder=3263717969&cb=630969462&custom=gpt-overlay&custom2=csoonline.com&adsafe_par&impId=
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.221.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-221-176.compute-1.amazonaws.com
Software: /
Resource Hash: c66153fa5d9645a21041586215435bcf57f79eea44ad74c2241a0fa60ef3c0d5

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:35 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DC8 0
0 492ms
491ms Fetch
image/gif 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssimDelg31FtTAGvV6uEv2YN2BgfjDFQDzE_JcKDE6UAdcQ_WjLrasm8He3p2iX0xLPyZXfCNSn3TYuNnR5u6Ramu6BPNwQQz5oEj0wXujTQhki801K_lfl46PMFoxmWZAq3wHhR7zJrrbnQ9RR6YVtuMt21tf5VXL4R_G0TftLYu8MDwpaUEXwyDHi-valOhNRmoot-W3j8_3Zto2JOU0uK9Qa5JEN0UPL9Lg2XFmTTbdpiPSbd0kCRCLVG2rPXOrvAa8YPIgZzhN3nS-ztBqqaS_8ptjeBCnBkYUVXONGkQUVUXu6AU6Vu37Ybr_3WOWccO2-gTvlqRu8nPf-7ISKBFkHQ6i2I5F1fRuEwhPjEf1BmogEXBmTee_O&sai=AMfl-YTOzYOdFXi5w-SiQNVXOqn3hA3G7akAanXoP4Cp2JKMIo_hR6QF-0iJyvCuzaqQdAgxaE2pMVKgkd2ohF-a7l3LZGaGr6XG27Pwb0XoGUQlFBVXcgBQewpY5iYePQ&sig=Cg0ArKJSzMRDdVk3vbEbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 4DC8 18 KB
8 KB 395ms
135ms Script
text/javascript 2607:f8b0:400d:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47866b8d2915779096be19131efecce0297c2a0c37f581c4e6ee187b13ebb8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7940
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 14:32:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 14 Aug 2024 05:37:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4DC8 204 KB
63 KB 366ms
122ms Script
text/javascript 142.251.174.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f155.1e100.net

Software

cafe /

Resource Hash

4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64804
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Aug 2024 05:43:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DC8 0
26 B 669ms
177ms Image
image/gif 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK i
collector.brandmetrics.com/ 0
143 B 114ms
113ms Image
text/plain 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.brandmetrics.com/i?siteid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com&mid=710aa3bea33c42e7b6c5b9462d40435d&pid=138452266315%3A6758863169&eid=12&rnd=1594285
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:35 GMT
Content-Length: 0
Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F80F 61 KB
15 KB 391ms
124ms Script
application/javascript 3.216.221.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=8879&campId=728x90&pubId=4679177913&chanId=23054726541&placementId=6711811571&pubCreative=138481858096&pubOrder=3541950915&cb=1943043318&custom=ATF1&custom2=csoonline.com&adsafe_par&impId=
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.221.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-221-176.compute-1.amazonaws.com
Software: /
Resource Hash: 01d84f32fc137d12f71248601957b80440f25bebd6af3a7df2e3e682dfa96108

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:35 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1A4B 0
0 789ms
494ms Fetch
image/gif 209.85.232.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdM-TFCiTKW-MRX7ZdLmXplPZRkiiNCuplbPKIkPj48qelT2eRJ6f9IjedFrh29ixOUe0lvVyR1ejR1BYVh2fjPcF5IIimQn0hs0H7KfAJ2VF8XinSd1FtlJ6UaN9XcmdUnyrFytDgQirPl4lcaUEnyQGydZoxYxBXFo4hCktXR5vmAsqaCqdjJKe7kST-SnHXmQNqqWWgQAvB4PZ1D0jxUR_LW1poP_zS0gKvyoo_6HdARk1jmRUa57c1r56DODvXwOLTXbZpja352UOpX6Pj9nIHeIzoiWJpeuz0ToQ2O3b6CyzRnKLElpRPICyBfqVAQCQqJGd_LxoKBW4GUkbbFixuR3phnNpOyYwa1nSMkhdaLkJn4bMPd1Li4khkGlzckh-bRNWFqKTrRlupnjwiAzwkD5rvsvG-tnU5aU4xGI2QwEWC5xfsLweT_yQhSn__bVDFsApnUKQZreQrG7c5sUXt0smW8TNUDFCtyBYP&sai=AMfl-YRCOEb0SQM_S9H0TbXxRVkiuTnSfN2xgIF0PmOnUUEwG553humla1_JBtb9eS-8jEi9--hWLoFMO83V0IsMeBRJbVTOyw7Es3zEVb76ifyBeB_4AAy2p1xqaKIlsUU&sig=Cg0ArKJSzOGXT4rDnb-PEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.232.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Aug 2024 05:00:36 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/essencedigitalna20153870852878/ Frame 1A4B 342 KB
116 KB 499ms
119ms Script
application/x-javascript 23.62.165.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/essencedigitalna20153870852878/moatad.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-165-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

c4a21799c079dbdfa714c45d7a501a98bb032462489428804093dad35f638ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Aug 2024 05:00:35 GMT
content-md5: 6bMPC9yyrV0UGsV8N4YNkw==
storage-tier: Standard
content-length: 118076
opc-meta-btime: 2024-04-22T05:24:14Z
opc-meta-mtime: 1713763454
last-modified: Mon, 22 Apr 2024 19:50:25 GMT
opc-request-id: iad-1:TU-TA-YFW1X1wf0nVk3NAh4MryfmMXi5Fpxu8vfk45ZJOBgFXEeYqW9ruTjTEFCE
x-api-id: native
etag: 6a0856f3-ec8b-41da-8f86-0fe9f4ad077b
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 2dc6afc0-61ea-46a6-aeb7-792aa872565a
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=25323
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 durly.js Show response
c.evidon.com/ Frame 1A4B 4 KB
2 KB 497ms
119ms Script
application/x-javascript 23.212.251.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/durly.js?;coid=1783;nid=164499;ad_wxh=728x90;
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fbcacda475ed69433f5f60034f72c38bf7dfa6d4c89f7ee7a2c2f88945f813b5

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:35 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 17:30:28 GMT
server: AkamaiNetStorage
etag: "b89cae0eeff70e139af64eed93353c19:1700587828.86706"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1605

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1A4B 41 KB
14 KB 385ms
123ms Script
text/javascript 2607:f8b0:400d:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 02:54:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1A4B 204 KB
0 296ms
296ms Script
text/javascript 142.251.174.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f155.1e100.net

Software

cafe /

Resource Hash

4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 04:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64804
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Aug 2024 05:43:54 GMT

GET
H2 200 2921862643752850492
s0.2mdn.net/simgad/ Frame 1A4B 10 KB
11 KB 382ms
122ms Image
image/png 2607:f8b0:400d:c07::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2921862643752850492

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::95 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86208f418fce22f1905ac511b20a36fb0fec109838679ae65c80d6cfd3f2cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sun, 11 Aug 2024 18:15:25 GMT
x-content-type-options: nosniff
age: 211510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10729
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 21:57:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Aug 2025 18:15:25 GMT

GET
H/1.1 200
OK i
collector.brandmetrics.com/ 0
143 B 162ms
117ms Image
text/plain 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.brandmetrics.com/i?siteid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com&mid=7e28898bc45949e0baa935c50a046620&pid=138481858096%3A6711811571&eid=12&rnd=3297900
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:35 GMT
Content-Length: 0
Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 132ms
131ms Fetch
text/plain 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LKE46QM5TV&gtm=45je48c0v886852374z8839094799za200zb839094799&_p=1723611631206&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10648&tag_exp=0&cid=1248777135.1723611632&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1723611632&sct=1&seg=0&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&dt=Page%20not%20found%20%7C%20CSO%20Online&en=kickfire-api-success&_et=1049&up.kickfire_company_name=Cisco%20Systems%2C%20Inc&up.kickfire_website=cisco.com&up.kickfire_city=San%20Jose&up.kickfire_region=California&up.kickfire_country=United%20States&up.kickfire_employees=25%2C000%2B&up.kickfire_revenue=%241%2C000%2C000%2C000%2B&up.kickfire_sic_desc=Prepackaged%20Software&up.kickfire_sic_code=7372&up.kickfire_sic_group=Business%20Services&up.kickfire_naics_desc=Software%20Publishers&up.kickfire_naics_code=513210&up.kickfire_naics_group=Information&up.kickfire_trade_name=Cisco&tfd=6101
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LKE46QM5TV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f113.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
790 B 130ms
129ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Aug 2024 05:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Aug 2024 04:11:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Aug 2024 05:00:35 GMT

GET
H2 200 CSO-favicon.png
cdn.subscribers.com/uploads/setting/modal_image/44542/ 27 KB
27 KB 71ms
68ms Image
image/png 2606:4700:10::6816:28db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.subscribers.com/uploads/setting/modal_image/44542/CSO-favicon.png
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a044e5e607bdcd95ab88ddde10ab09952219cbc97659aec9d5916b6ccf991586

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:35 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 15:09:28 GMT
server: cloudflare
x-amz-request-id: G7GK32WCSWCCZXDP
age: 5531
etag: "46b0889be452340df4a3f929b79c9352"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b2e61d2db0f2aaf-LAX
content-length: 27678
x-amz-id-2: ypYWZ7n/v9zW5erko2Yemy9i2HF19Rnb/pjJI/sm2k93j9woFYcwrkllflMvX3o/+3B8xdDy+gY=

GET
H2 204 unip Show response
trc-events.taboola.com/1019691/log/3/ 0
633 B 392ms
127ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1019691/log/3/unip?en=pre_d_eng_tb&tos=1568&scd=0&ssd=1&est=1723611634096&ver=36&isls=true&src=i&invt=1500&msa=767&rv=1&tim=1723611635665&vi=1723611634092&ri=6d5e0db746b6192201b09e602f5b131e&sd=v2_e18a87e7bb643a7cd28eae0f33386a67_ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72_1723611634_1723611634_CNawjgYQq54-GKyzifqUMiABKAEw4QE4kaQOUABYAGAAaJCn04rA_PzUT3AB&ui=ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&ccpaPs=1YNN&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1019691/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.csoonline.com
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:36 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1019691/log/3/ Frame 0
0 427ms
126ms Preflight 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1019691/log/3/unip?en=pre_d_eng_tb&tos=1568&scd=0&ssd=1&est=1723611634096&ver=36&isls=true&src=i&invt=1500&msa=767&rv=1&tim=1723611635665&vi=1723611634092&ri=6d5e0db746b6192201b09e602f5b131e&sd=v2_e18a87e7bb643a7cd28eae0f33386a67_ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72_1723611634_1723611634_CNawjgYQq54-GKyzifqUMiABKAEw4QE4kaQOUABYAGAAaJCn04rA_PzUT3AB&ui=ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&ccpaPs=1YNN&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.csoonline.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Wed, 14 Aug 2024 05:00:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 impl_v101.js Show response
www.googletagservices.com/dcm/ Frame 4DC8 60 KB
24 KB 123ms
121ms Script
text/javascript 2607:f8b0:400d:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ad68c8b729e22717f327f8d8a5465366772f15b18a479115b0e71a450f790bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 18:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24223
x-xss-protection: 0
last-modified: Mon, 01 Apr 2024 16:06:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Aug 2025 18:42:27 GMT

GET
H2 200 62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 855A 0
0 363ms
122ms Document
text/html 2607:f8b0:400d:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 95412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 02:30:24 GMT
expires: Wed, 13 Aug 2025 02:30:24 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 389ms
121ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 20:57:21 GMT
x-content-type-options: nosniff
age: 460995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 20:57:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 427ms
160ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.csoonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 20:57:27 GMT
x-content-type-options: nosniff
age: 460989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 20:57:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A4B 0
0 737ms
493ms Fetch
image/gif 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSTky0jWg6Zmimrw69Mu0QlGw3f5utU-pKfwoYoi32nOyWDgmXiy81NVEWuaf-ukCn3M7cwXEprbS1NTSp67mO2ukmwOetrgDK3GAkpYwXZgboUzReMUZP9L79JFy9mgGroUreW1SXvUDOlh_gjrvs3tOEC07IUVOaqvcQSKTlEc-IKX8-f_stqDlRJ5EIRJ0yu_7S_3riRaPR4gISL8z_o3BaEHLQ-6IEolIX3WIWqBWrtkXwldJ55X4Yy3WxB9bvQPjROwtLrBHdir549sFOA-bpc1xMRophv32B_cIVGidDDNmXLvBRrEZuGj8BOvGm8scHuFgJS_EiThNBCphDpmQVZ67UO9KuX-1MAWHEup9y7kuPJgCTDVsbU0STjpXPvgsyJoo&sai=AMfl-YRfj5Cz5naEiNzagreiO4MA5SdJDp10UiNqBJRn8SlFDtV1yvSoyF8YlMfhgGknj6fOZESlaA5uPmCo_nWtxRLCkR38rPsjh05DLNPRG6A7vkz_Y5z6Orjvqaifidg&sig=Cg0ArKJSzO2KFCdkwkuXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Aug 2024 05:00:36 GMT

GET
DATA 200
OK truncated
/ Frame 1A4B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d315602f7777f916318d9edcf7dac6425839561f4168026d396d89a5ecadf712

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A4B 0
0 434ms
193ms Fetch
image/gif 142.251.174.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DC8 0
0 751ms
354ms Fetch
image/gif 142.251.174.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cso-logo-white.png
b2b-contenthub.com/wp-content/uploads/2024/06/ 14 KB
14 KB 267ms
60ms Image
image/webp 192.0.66.19
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b2b-contenthub.com/wp-content/uploads/2024/06/cso-logo-white.png
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 47cdd06cfabe8153d2b52297912489ea0006a64e7b049e73e6eddc7a0316da72

Request headers

Referer: https://www.csoonline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
x-rq: bur5 115 120 443
last-modified: Tue, 06 Aug 2024 04:05:46 GMT
server: nginx
etag: "d6c7f8c6e5d61120"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 14016

GET
H2 200 main.19.8.527.js Show response
static.adsafeprotected.com/ Frame F80F 228 KB
69 KB 574ms
148ms Script
application/javascript 2600:9000:25c8:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.527.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=8879&campId=728x90&pubId=4679177913&chanId=23054726541&placementId=6711811571&pubCreative=138481858096&pubOrder=3541950915&cb=1943043318&custom=ATF1&custom2=csoonline.com&adsafe_par&impId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:45:42 GMT
x-amz-version-id: cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding: gzip
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 36895
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Aug 2024 12:02:14 GMT
server: AmazonS3
etag: W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Dqc9lcXAm3ulo-Eq8eqnCsbLcdojRlFdHUuVbB69cyzmd5N9oYEQzw==

GET
H2 200 main.19.8.527.js Show response
static.adsafeprotected.com/ Frame 9B88 228 KB
0 570ms
569ms Script
application/javascript 2600:9000:25c8:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.527.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=8879&campId=640x480&pubId=4693602887&chanId=23054726541&placementId=6758863169&pubCreative=138452266315&pubOrder=3263717969&cb=630969462&custom=gpt-overlay&custom2=csoonline.com&adsafe_par&impId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:45:42 GMT
x-amz-version-id: cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding: gzip
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 36895
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Aug 2024 12:02:14 GMT
server: AmazonS3
etag: W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Dqc9lcXAm3ulo-Eq8eqnCsbLcdojRlFdHUuVbB69cyzmd5N9oYEQzw==

GET
DATA 200
OK truncated
/ Frame 4DC8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6d34eca72d275393867b77476567f83114f2f49d1b3082a1887d731bd466487

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DC8 0
0 645ms
491ms Fetch
image/gif 172.217.197.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5I8pp1h0OunKsCf8UcxNB-XDtLQn7voogebcqp0FjidUCvegdGK9vbJbLJmvyU17Qk4GxifeKOWuOMx75VTjdFqmrk7GZJNHkxz9qiTQPwALBSpL9xr8UBY5wqSoczoJD27BX_Y4eQ0GHDnEu9elU_F0XeyjCJ4I-oAP8WciTUnQc6doqKdy9O_qGMDPbDYQ9dxDY5eItllc7BbdDo2KevzQ5mEhbdqnHJ62HN2b-4YNo-cr8WRxWOIk-1lFtmdVan5lbg-f2k0z6SbXeQ5yd8a_dWxx4PoZ0fi9ULMPS6YlQ5R7ZXuObd2H77TrspqqtXpe0rj7MBMc1FOZIzBWj64IYSmft7DrR0i4L7Pfq&sai=AMfl-YSsXzU3qX5cE2ZZZIfDNPI3RpU_DtA-MPDcDEs4_HL-6i0wKq9jI2KQZU5fVG-8uVsmbe1RsQthKo6wFxAehsu3EgdXgXQNdgjTkHRVKRXiQmUv3bBsef3Pz1RIJw&sig=Cg0ArKJSzMAHuMTPkUGNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Aug 2024 05:00:36 GMT

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame 1A4B 41 KB
12 KB 120ms
119ms Script
application/x-javascript 23.212.251.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r231121
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1783;nid=164499;ad_wxh=728x90;
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7261a534c1150a0c8bd1e4e8e1ddf2491bdd33fb3ef2ad404cf636809b4bf1d6

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 22:20:59 GMT
server: AkamaiNetStorage
etag: "9f83d5e5d4b70be7cc9bfd480192fe71:1660602059.920236"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12434

GET
H2 200 4.gif
c.evidon.com/a/ Frame 1A4B 43 B
326 B 118ms
117ms Image
image/gif 23.212.251.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/gif
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
H2 200 164499.js Show response
c.evidon.com/a/n/1783/ Frame 1A4B 2 KB
935 B 118ms
118ms Script
application/x-javascript 23.212.251.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/1783/164499.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r231121
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f2c44f9b21f98782a63a8f63785c8eb82845438f3e7b8994fe1bb5e5ea8eb085

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
content-encoding: gzip
last-modified: Mon, 01 Apr 2024 14:56:31 GMT
server: AkamaiNetStorage
etag: "642934a22dae581966e5d1bdcf1cb65f:1711983391.776467"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 647

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 201ms
119ms Image
image/gif 23.62.165.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ESSENCEDIGITALNA1&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1723611636191&de=751228225088&m=0&ar=9cc5b3e58a7-clean&iw=f639a74&q=2&cb=0&ym=0&cu=1723611636191&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=31659499%3A2936754%3A395069619%3A219313530&zGSRC=1&zMoatG=ct&zMoatAUCID=-&zMoatJS=-&zMoatDR=-&zMoatEXTID=-&zMoatGSR=1&ph=&pj=standard&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&bo=csoonline.com&bd=csoonline.com&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&gw=essencedigitalna20153870852878&fd=1&it=500&ti=0&ih=2&pe=1%3A2089%3A2089%3A0%3A2308&jm=-1&fs=208210&na=969635403&cs=0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Aug 2024 05:00:36 GMT

GET
H/1.1 200
OK i
collector.brandmetrics.com/ 0
372 B 114ms
113ms Image
text/plain 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.brandmetrics.com/i?siteid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com&mid=710aa3bea33c42e7b6c5b9462d40435d&pid=138452266315%3A6758863169&state=1&eid=10&rnd=6130346&first=true
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:36 GMT
Content-Length: 0
Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame 1A4B 2 KB
975 B 127ms
126ms Stylesheet
text/css 23.212.251.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.10491901199648712
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r231121
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: text/css
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 box_19_top-right.png
c.evidon.com/icon/ Frame 1A4B 109 B
391 B 128ms
123ms Image
image/png 23.212.251.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_19_top-right.png
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:18 GMT
server: AkamaiNetStorage
etag: "8c7c476ac28727b21040351fa3006c59:1360189518"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 118

GET
H2 200 ci.png
c.evidon.com/icon/ Frame 1A4B 581 B
879 B 124ms
120ms Image
image/png 23.212.251.11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/ci.png
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-11.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:44 GMT
server: AkamaiNetStorage
etag: "2697f4b848d2400cd051312585a6bf42:1360189544"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 604

GET
H2 204 pixel.gif
l.betrad.com/ct/0_0_0_164499/us/0/1/0/0/0/0/728/90/242/1783/0/ Frame 1A4B 0
121 B 498ms
117ms Image
text/plain 3.90.135.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/ct/0_0_0_164499/us/0/1/0/0/0/0/728/90/242/1783/0/pixel.gif?v=2_1&ttid=2&d=www.csoonline.com&r=0.2576616968542622
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.135.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-135-135.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 05:00:36 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H/1.1 200
OK i
collector.brandmetrics.com/ 0
372 B 114ms
114ms Image
text/plain 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.brandmetrics.com/i?siteid=859f1054-306e-4cf1-ba1e-f830aaa45fea&toploc=www.csoonline.com&mid=7e28898bc45949e0baa935c50a046620&pid=138481858096%3A6711811571&state=1&eid=10&rnd=3000189&first=true
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 05:00:35 GMT
Content-Length: 0
Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 119ms
118ms Image
image/gif 23.62.165.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F2921862643752850492&i=ESSENCEDIGITALNA1&ol=923234207&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!e.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-MyqcW%2BgiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-gA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=180&qd=180&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&f=0&j=&t=1723611636191&de=751228225088&cu=1723611636191&m=86&ar=9cc5b3e58a7-clean&iw=f639a74&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2057&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2089%3A2089%3A0%3A2308&as=0&ag=32&an=0&gf=32&gg=0&ix=32&ic=32&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=32&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=63&cd=0&ah=63&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31659499%3A2936754%3A395069619%3A219313530&bo=csoonline.com&bd=csoonline.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&zMoatEXTID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=208210&na=350192059&cs=0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Aug 2024 05:00:36 GMT

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame 5CCE 91 KB
23 KB 145ms
142ms Script
application/javascript 2600:9000:25c8:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:45:42 GMT
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding: gzip
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 36895
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 May 2024 16:44:02 GMT
server: AmazonS3
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 8orENFqVa3GQtQwJttxMuNazUVp9MOcdK0Eep3tMeyPABCftEri-KQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
197 B 133ms
132ms Image
image/gif 3.216.221.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=8879&campId=728x90&pubId=4679177913&chanId=23054726541&placementId=6711811571&pubCreative=138481858096&pubOrder=3541950915&cb=1943043318&custom=ATF1&custom2=csoonline.com&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&adsafe_type=abcedfq&adsafe_jsinfo=,id:466a8ccf-5e2f-1a24-9a7f-50bfbedac633,c:lifpzR,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-ddb667cb9-q64ps,rg:va,pt:1-5-15,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:766,mot:0,app:0,maw:0,tdt:s,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:804,oid:24414cac-59fa-11ef-a877-3e1eb0eadc04,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.221.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-221-176.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:36 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
content-type: image/gif

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame E373 91 KB
0 121ms
120ms Script
application/javascript 2600:9000:25c8:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:45:42 GMT
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding: gzip
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 36895
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 May 2024 16:44:02 GMT
server: AmazonS3
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 8orENFqVa3GQtQwJttxMuNazUVp9MOcdK0Eep3tMeyPABCftEri-KQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
197 B 132ms
130ms Image
image/gif 3.216.221.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=8879&campId=640x480&pubId=4693602887&chanId=23054726541&placementId=6758863169&pubCreative=138452266315&pubOrder=3263717969&cb=630969462&custom=gpt-overlay&custom2=csoonline.com&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&adsafe_type=abcedfq&adsafe_jsinfo=,id:fdf3039e-d7f3-c1a5-1f7a-a9481060402c,c:lifpAs,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-ddb667cb9-w9p9g,rg:va,pt:1-5-15,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:827,mot:0,app:0,maw:0,tdt:s,fm:uloKLOQ+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C191%7C1921%7C193,idMap:17*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:836,oid:24412635-59fa-11ef-8af9-6e8adadeb063,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.221.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-221-176.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:36 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 401ms
119ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpAt,pingTime:-8,time:837,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:837,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B9~100%5D,as:%5B9~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uloKLOQ+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 398ms
121ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifpAI,pingTime:0,time:856,type:pf,sca:%7Blts:2024-08-13%2019.00.36%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:856,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~100%5D,as:%5B85~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 385ms
120ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpAV,pingTime:0,time:865,type:pf,sca:%7Blts:2024-08-13%2019.00.36%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:865,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~100%5D,as:%5B37~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 376ms
118ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifpB0,pingTime:-2,time:874,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:622,beZ:624,mfA:1389,cmA:1390,inA:1391,inZ:1397,prA:1398,prZ:1405,si:1426,poA:1427,poZ:1451,cmZ:1451,mfZ:1451,loA:1487,loZ:1490,ltA:1497,ltZ:1497,mdA:624,mdZ:1368%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN,newUser:true,dateCreated:2024-08-14T05:00:32.531Z,gpcEnabled:undefined%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:874,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~100%5D,as:%5B103~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17.-%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805,slid:%5Bgoogle_ads_iframe_/8456/IDG.G_B2B_CSOOnline.com/404_0,google_ads_iframe_/8456/IDG.G_B2B_CSOOnline.com/404_0__container__,gpt-leaderboard-1,page%5D,sinceFw:69,readyFired:true%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 493ms
236ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpB2,pingTime:-2,time:872,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:692,beZ:693,mfA:1518,cmA:1519,inA:1519,inZ:1521,prA:1521,prZ:1524,si:1528,poA:1529,poZ:1540,cmZ:1540,mfZ:1540,loA:1558,loZ:1560,ltA:1563,ltZ:1563,mdA:694,mdZ:1434%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:640.520,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1YNN,newUser:true,dateCreated:2024-08-14T05:00:32.531Z,gpcEnabled:undefined%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:872,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~100%5D,as:%5B44~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836,slid:%5Bgoogle_ads_iframe_/8456/IDG.G_B2B_CSOOnline.com/404_1,google_ads_iframe_/8456/IDG.G_B2B_CSOOnline.com/404_1__container__,gpt-overlay-1,page%5D,sinceFw:33,readyFired:true%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A4B 42 B
65 B 492ms
492ms Fetch
image/gif 142.251.174.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAgTwdNd5WNvaQU4XFoqigp42Z1T5VBhZeMqjwY6iyIhnUJixHY5x-Rac71BiLImCOXPJbmQB6yOKGJTU6lxBo6-YFj2sqgDG_46NZ1C_YlySdvgHYw7CDVl3RqXB0pDIlZZpY0A7fT9To6sOAclOyOt4zERfw6wxQLlTPnU16amQ7Zx2b0bRVhzl9wS5jPx6s9TQ0m8Krr01szmXMt3Egn1kYwclIvRO1idQ&sig=Cg0ArKJSzKl9zyEKJLr8EAE&id=lidar2&mcvt=1000&p=104,436,194,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240812&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2738254348&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1954443500&rst=1723611635310&rpt=573&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
158 B 207ms
206ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=84c7e805-5ce9-41f4-b988-3529488bab1c
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: dd798e0c0d566b09c224297004f97bc1b924c6840ebf38b3ddcf1aef22fbcffb

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 14 Aug 2024 05:00:37 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.csoonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 119ms
119ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifpHj,pingTime:-10,time:1265,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NjAwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723611637224%7C%7C5bfbf8c6b698945fee1492c42e486ea2%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7C413ea4ee6e596098f4d15de65cba73f6%7C%7Cb420eeb036425fe773647ba0d22c7091%7C%7C1b4ca7231f6b425aec159bd2eab01618%7C%7C7444d9f2b3359b2705710a0d06104cd1%7C%7Cdf7e2f00721383ad8f418ddf0088a394%7C%7C1715618633%7D
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 131ms
130ms Image
image/gif 23.62.165.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=923234207&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!e.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-MyqcW%2BgiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-gA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=180&qd=180&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&f=0&j=&t=1723611636191&de=751228225088&cu=1723611636191&m=1059&ar=9cc5b3e58a7-clean&iw=f639a74&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2057&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2089%3A2089%3A0%3A2308&as=1&ag=1014&an=32&gi=1&gf=1014&gg=32&ix=1014&ic=1014&ez=1&ck=1014&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1014&bx=32&ci=1014&jz=836&dj=1&aa=0&ad=913&cn=0&gk=913&gl=0&ik=913&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=836&cd=63&ah=836&am=63&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31659499%3A2936754%3A395069619%3A219313530&bo=csoonline.com&bd=csoonline.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&zMoatEXTID=-&hv=Essence%20Override%202&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=208210&na=1944198739&cs=0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Aug 2024 05:00:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 121ms
120ms Image
image/gif 23.62.165.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=923234207&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!e.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-MyqcW%2BgiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-gA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=180&qd=180&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&f=0&j=&t=1723611636191&de=751228225088&cu=1723611636191&m=1060&ar=9cc5b3e58a7-clean&iw=f639a74&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2057&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2089%3A2089%3A0%3A2308&as=1&ag=1014&an=1014&gi=1&gf=1014&gg=1014&ix=1014&ic=1014&ez=1&ck=1014&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1014&bx=1014&ci=1014&jz=836&dj=1&aa=0&ad=913&cn=913&gk=913&gl=913&ik=913&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=836&cd=836&ah=836&am=836&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31659499%3A2936754%3A395069619%3A219313530&bo=csoonline.com&bd=csoonline.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&zMoatEXTID=-&hv=Essence%20Override%202&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=208210&na=1465693826&cs=0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Aug 2024 05:00:37 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 120ms
119ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpLz,pingTime:-10,time:1525,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NjAwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjcuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723611637224%7C%7C5bfbf8c6b698945fee1492c42e486ea2%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7C413ea4ee6e596098f4d15de65cba73f6%7C%7Cb420eeb036425fe773647ba0d22c7091%7C%7C1b4ca7231f6b425aec159bd2eab01618%7C%7C7444d9f2b3359b2705710a0d06104cd1%7C%7Cdf7e2f00721383ad8f418ddf0088a394%7C%7C1715618633,sca:%7Bspg:466a8ccf-5e2f-1a24-9a7f-50bfbedac633%7D%7D
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt53.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 122ms
121ms Image
image/gif 23.62.165.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=923234207&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!e.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-MyqcW%2BgiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-gA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=180&qd=180&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&f=0&j=&t=1723611636191&de=751228225088&cu=1723611636191&m=1061&ar=9cc5b3e58a7-clean&iw=f639a74&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2057&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2089%3A2089%3A0%3A2308&as=1&ag=1014&an=1014&gi=1&gf=1014&gg=1014&ix=1014&ic=1014&ez=1&ck=1014&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1014&bx=1014&ci=1014&jz=836&dj=1&aa=0&ad=913&cn=913&gk=913&gl=913&ik=913&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=836&cd=836&ah=836&am=836&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31659499%3A2936754%3A395069619%3A219313530&bo=csoonline.com&bd=csoonline.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&zMoatEXTID=-&hv=Essence%20Override%202&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=208210&na=160628222&cs=0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Aug 2024 05:00:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 130ms
129ms Image
image/gif 23.62.165.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=923234207&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!e.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-MyqcW%2BgiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-gA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=180&qd=180&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&f=0&j=&t=1723611636191&de=751228225088&cu=1723611636191&m=1271&ar=9cc5b3e58a7-clean&iw=f639a74&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2057&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2089%3A2089%3A0%3A2308&as=1&ag=1226&an=1014&gi=1&gf=1226&gg=1014&ix=1226&ic=1226&ez=1&ck=1014&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1226&bx=1014&ci=1014&jz=836&dj=1&aa=1&ad=1125&cn=913&gn=1&gk=1125&gl=913&ik=1125&co=1125&cp=1045&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1045&cd=836&ah=1045&am=836&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31659499%3A2936754%3A395069619%3A219313530&bo=csoonline.com&bd=csoonline.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&zMoatEXTID=-&hv=Essence%20Override%202&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=208210&na=1082276290&cs=0
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.161 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Aug 2024 05:00:37 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 123ms
121ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifpQT,pingTime:1,time:1859,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1859,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1089~100%5D,as:%5B1089~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17.-%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805,sis:964%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt79.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 122ms
120ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifpQU,pingTime:1,time:1860,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1860,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1089~100%5D,as:%5B1089~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17.-%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805,sis:964%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt71.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 122ms
121ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifpQU,pingTime:1,time:1860,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1860,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1089~100%5D,as:%5B1089~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17.-%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805,sis:964,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt86.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 121ms
120ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifpQU,pingTime:1,time:1860,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1860,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1090~100%5D,as:%5B1090~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17.-%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805,sis:964,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt85.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 124ms
122ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpRc,pingTime:1,time:1874,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1874,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1046~100%5D,as:%5B1046~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836,sis:984%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 124ms
123ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpRc,pingTime:1,time:1874,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1874,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1046~100%5D,as:%5B1046~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836,sis:984%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 126ms
126ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpRc,pingTime:1,time:1874,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1874,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1046~100%5D,as:%5B1046~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836,sis:984,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt87.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 121ms
120ms Image
image/gif 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifpRd,pingTime:1,time:1875,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1875,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~100%5D,as:%5B1047~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:123,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836,sis:984,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.csoonline.com
URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5895:6a2b:e9ae:d919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:37 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 200 unip
trc-events.taboola.com/1019691/log/3/ Frame 0
0 127ms
127ms Preflight 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1019691/log/3/unip?en=pre_d_eng_tb&tos=4574&scd=0&ssd=1&est=1723611634096&ver=36&isls=true&src=i&invt=3000&msa=767&rv=1&tim=1723611638671&vi=1723611634092&ri=6d5e0db746b6192201b09e602f5b131e&sd=v2_e18a87e7bb643a7cd28eae0f33386a67_ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72_1723611634_1723611634_CNawjgYQq54-GKyzifqUMiABKAEw4QE4kaQOUABYAGAAaJCn04rA_PzUT3AB&ui=ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&ccpaPs=1YNN&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.csoonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.csoonline.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Wed, 14 Aug 2024 05:00:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1019691/log/3/ 0
632 B 129ms
128ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1019691/log/3/unip?en=pre_d_eng_tb&tos=4574&scd=0&ssd=1&est=1723611634096&ver=36&isls=true&src=i&invt=3000&msa=767&rv=1&tim=1723611638671&vi=1723611634092&ri=6d5e0db746b6192201b09e602f5b131e&sd=v2_e18a87e7bb643a7cd28eae0f33386a67_ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72_1723611634_1723611634_CNawjgYQq54-GKyzifqUMiABKAEw4QE4kaQOUABYAGAAaJCn04rA_PzUT3AB&ui=ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72&ref=null&cv=20240808-24-RELEASE&item-url=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&ccpaPs=1YNN&cbp=TcfApi&cbpv=2&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1019691/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.csoonline.com
pragma: no-cache
date: Wed, 14 Aug 2024 05:00:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 129ms
129ms Fetch
text/plain 172.253.63.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LKE46QM5TV&gtm=45je48c0v886852374za200zb839094799&_p=1723611631206&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10648&tag_exp=0&cid=1248777135.1723611632&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1723611632&sct=1&seg=0&dl=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&dt=Page%20not%20found%20%7C%20CSO%20Online&_s=3&tfd=11106
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LKE46QM5TV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f113.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Aug 2024 05:00:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pixel.gif
px.moatads.com/ 0
0

GET dt
dt.adsafeprotected.com/ 0
0

GET /
tt.onthe.io/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: k.intellitxt.com
URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=undefined

Domain: idg.blueconic.net
URL: https://idg.blueconic.net/DG/DEFAULT/rest/rpc/480?referer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-13T19%3A00%3A33-10%3A00&ts=1723611633214

Domain: amd.sellingsimplified.net
URL: https://amd.sellingsimplified.net/wt/tc?cookie_val=0000&account_id=963-IDG&lb_email=&campaign_id=&program_id=&ssg_utm1=&ssg_utm2=&ssg_utm3=&x=&ip=&_v_c=&visitingPage=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html

Domain: idg.blueconic.net
URL: https://idg.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221723611633212%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1600%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1200%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html%5C%22%5D%2C%5C%22new_visit_bc%5C%22%3A%5B%5C%22true%5C%22%5D%2C%5C%22testgroup%5C%22%3A%5B4%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%2C%5C%22newvisitlistener%5C%22%3A%5B%5C%22new_visit_bc%5C%22%5D%2C%5C%22testgroup_prelistener%5C%22%3A%5B%5C%22testgroup%5C%22%5D%7D%7D%22%2C%22id%22%3A%221723611633214%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221723611633215%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221723611633217%22%7D%5D&referer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-13T19%3A00%3A33-10%3A00&callback=bc_json481

Domain: idg.blueconic.net
URL: https://idg.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221723611633212%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22language%5C%22%3A%5B%5C%22en%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1600%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1200%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html%5C%22%5D%2C%5C%22new_visit_bc%5C%22%3A%5B%5C%22true%5C%22%5D%2C%5C%22testgroup%5C%22%3A%5B4%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%2C%5C%22newvisitlistener%5C%22%3A%5B%5C%22new_visit_bc%5C%22%5D%2C%5C%22testgroup_prelistener%5C%22%3A%5B%5C%22testgroup%5C%22%5D%7D%7D%22%2C%22id%22%3A%221723611633214%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221723611633215%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221723611633217%22%7D%5D&referer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-13T19%3A00%3A34-10%3A00&callback=bc_json482

Domain: px.moatads.com
URL: https://px.moatads.com/pixel.gif?e=9&q=0&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=923234207&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!e.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-MyqcW%2BgiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-gA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=180&qd=180&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&f=0&j=&t=1723611636191&de=751228225088&cu=1723611636191&m=5101&ar=9cc5b3e58a7-clean&iw=f639a74&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2057&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2089%3A2089%3A0%3A2308&as=1&ag=5056&an=1226&gi=1&gf=5056&gg=1226&ix=5056&ic=5056&ez=1&ck=1014&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5056&bx=1226&ci=1014&jz=836&dj=1&aa=1&ad=4955&cn=1125&gn=1&gk=4955&gl=1125&ik=4955&co=1125&cp=1045&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4878&cd=1045&ah=4878&am=1045&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=31659499%3A2936754%3A395069619%3A219313530&bo=csoonline.com&bd=csoonline.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&zMoatEXTID=-&hv=Essence%20Override%202&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=208210&na=915702967&cs=0

Domain: px.moatads.com
URL: https://px.moatads.com/pixel.gif?e=9&q=0&dMoatBDS=0&hp=1&sst=1&wf=1&ra=1&pxm=3&sgs=3&vb=2&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=923234207&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!e.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-MyqcW%2BgiY9XHOforE1rDGF5wJkZRZh497Q4ryFr4Ar8HTKbn%2BvSmix1wV0AK2nh7uzk%3D&rs=1-b0wFHCPigVLOGg%3D%3D&sc=1&os=1-gA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=180&qd=180&qf=1600&qe=1200&qh=1600&qg=1285&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&id=1&ii=4&f=0&j=&t=1723611636191&de=751228225088&cu=1723611636191&m=5101&ar=9cc5b3e58a7-clean&iw=f639a74&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2057&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2089%3A2089%3A0%3A2308&as=1&ag=5056&an=1226&gi=1&gf=5056&gg=1226&ix=5056&ic=5056&ez=1&ck=1014&kw=836&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5056&bx=1226&ci=1014&jz=836&dj=1&aa=1&ad=4955&cn=1125&gn=1&gk=4955&gl=1125&ik=4955&co=1125&cp=1045&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4878&cd=1045&ah=4878&am=1045&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=31659499%3A2936754%3A395069619%3A219313530&bo=csoonline.com&bd=csoonline.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=2936754&zMoatOrigSlicer2=395069619&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&zMoatEXTID=-&hv=Essence%20Override%202&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=208210&na=915702967&cs=0

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifqTp,pingTime:5,time:5859,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5859,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5089~100%5D,as:%5B5089~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:127,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17.-%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805,sis:964%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=466a8ccf-5e2f-1a24-9a7f-50bfbedac633&tv=%7Bc:lifqTq,pingTime:5,time:5860,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:802%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5860,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:802,wc:180.180.1600.1200,ac:616.284.728.90,am:i,cc:616.284.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5089~100%5D,as:%5B5089~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:127,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17.-%7C171%7C172%7C18%7C19*.-%7C191%7C1921,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:805,sis:964%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifqTB,pingTime:5,time:5867,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5867,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5039~100%5D,as:%5B5039~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:130,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836,sis:984%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?anId=8879&asId=fdf3039e-d7f3-c1a5-1f7a-a9481060402c&tv=%7Bc:lifqTC,pingTime:5,time:5868,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:640,h:480,t:836%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5868,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:836,wc:180.180.1600.1200,ac:660.352.640.480,am:i,cc:660.352.640.480,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5040~100%5D,as:%5B5040~640.480%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:130,fm:uloKLOM+11%7C12%7C13%7C14%7C15%7C161%7C17*.-%7C171%7C172%7C18%7C19.-%7C191%7C1921%7C193,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:836,sis:984%7D&br=c

Domain: tt.onthe.io
URL: https://tt.onthe.io/?k[]=45619:time[url:%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html,device:desktop,user_id:d050e9690.041db8748_1723611632293,cdn_version:0]&s=e6c52998dde65cff59c4133ff8a79bd8&1723611642305

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/idg-sc-network/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_e18a87e7bb643a7cd28eae0f33386a67_ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72_1723611634_1723611634_CNawjgYQq54-GKyzifqUMiABKAEw4QE4kaQOUABYAGAAaJCn04rA_PzUT3AB
www.csoonline.com/	1970-01-20 22:46:53	Name: inSession Value: true
www.csoonline.com/	1970-01-21 08:22:51	Name: firstSessionDate Value: Wed, 14 Aug 2024 05:00:32 GMT
www.csoonline.com/	1970-01-21 08:22:51	Name: currentSessionDate Value: Wed, 14 Aug 2024 05:00:32 GMT
www.csoonline.com/	1970-01-21 08:22:51	Name: sessionNumWP Value: 1
www.csoonline.com/	1970-01-21 08:22:51	Name: lastSessionDate Value: Wed, 14 Aug 2024 05:00:32 GMT
www.csoonline.com/	1970-01-21 07:32:27	Name: idg-edition Value: us
www.csoonline.com/	1970-01-20 23:30:03	Name: vip-go-seg Value: vc-v1__edition_--_us
.csoonline.com/	1970-01-20 22:46:52	Name: __io_d Value: 1_1738651198
www.csoonline.com/	1970-01-21 07:32:27	Name: __io_lv Value: 1723611632292
www.csoonline.com/	1970-01-21 07:32:27	Name: __io Value: d050e9690.041db8748_1723611632293
.csoonline.com/	1970-01-20 22:46:53	Name: __io_session_id Value: f39d2a4fa.2f6761b1c_1723611632294
.csoonline.com/	1970-01-20 22:46:52	Name: __io_nav_state45619 Value: %7B%22current%22%3A%22%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html%22%2C%22currentDomain%22%3A%22www.csoonline.com%22%2C%22previousDomain%22%3A%22%22%7D
.csoonline.com/	1970-01-21 07:32:27	Name: dnsDisplayed Value: undefined
.csoonline.com/	1970-01-21 07:32:27	Name: ccpaApplies Value: true
.csoonline.com/	1970-01-21 07:32:27	Name: signedLspa Value: undefined
.csoonline.com/	1970-01-21 00:56:27	Name: _gcl_au Value: 1.1.1252027476.1723611633
tags.srv.stackadapt.com/	1970-01-21 07:32:27	Name: sa-user-id Value: s%3A0-aa3aa382-9021-5855-5691-890f0f99d008.79bkjdERieLEjEj0oQtD4ZhbtBFZ5IgMFMMvJJ0fPTY
.srv.stackadapt.com/	1970-01-21 07:32:27	Name: sa-user-id Value: s%3A0-aa3aa382-9021-5855-5691-890f0f99d008.79bkjdERieLEjEj0oQtD4ZhbtBFZ5IgMFMMvJJ0fPTY
tags.srv.stackadapt.com/	1970-01-21 07:32:27	Name: sa-user-id-v2 Value: s%3AqjqjgpAhWFVWkYkPD5nQCKL1zvk.yHsKXVKFcwuznW1ZWD09GKoaKrLg5APKp%2BOXeBDuKDI
.srv.stackadapt.com/	1970-01-21 07:32:27	Name: sa-user-id-v2 Value: s%3AqjqjgpAhWFVWkYkPD5nQCKL1zvk.yHsKXVKFcwuznW1ZWD09GKoaKrLg5APKp%2BOXeBDuKDI
tags.srv.stackadapt.com/	1970-01-21 07:32:27	Name: sa-user-id-v3 Value: s%3AAQAKIMyQqcwWIpd4hhf0fIQ_yEPmzY_2EzIEhkJDXTzSuvTfENYBGAQg8PPwtQYwAToEFPvsiUIEoczJVw.HvHsdA1A77dw6jMUm8oaFqLDL2CYKxFTFdwc9cFZ23I
.srv.stackadapt.com/	1970-01-21 07:32:27	Name: sa-user-id-v3 Value: s%3AAQAKIMyQqcwWIpd4hhf0fIQ_yEPmzY_2EzIEhkJDXTzSuvTfENYBGAQg8PPwtQYwAToEFPvsiUIEoczJVw.HvHsdA1A77dw6jMUm8oaFqLDL2CYKxFTFdwc9cFZ23I
www.csoonline.com/	1969-12-31 23:59:59	Name: kickfire_api_session_cookie Value: 1
www.csoonline.com/	1970-01-21 07:32:27	Name: sa-user-id Value: s%253A0-aa3aa382-9021-5855-5691-890f0f99d008.79bkjdERieLEjEj0oQtD4ZhbtBFZ5IgMFMMvJJ0fPTY
www.csoonline.com/	1970-01-21 07:32:27	Name: sa-user-id-v2 Value: s%253AqjqjgpAhWFVWkYkPD5nQCKL1zvk.yHsKXVKFcwuznW1ZWD09GKoaKrLg5APKp%252BOXeBDuKDI
www.csoonline.com/	1970-01-21 07:32:27	Name: sa-user-id-v3 Value: s%253AAQAKIMyQqcwWIpd4hhf0fIQ_yEPmzY_2EzIEhkJDXTzSuvTfENYBGAQg8PPwtQYwAToEFPvsiUIEoczJVw.HvHsdA1A77dw6jMUm8oaFqLDL2CYKxFTFdwc9cFZ23I
.csoonline.com/	1970-01-21 07:32:27	Name: ccpaUUID Value: bb4f34b4-c5c4-4eb7-8e42-110beec70ae1
.csoonline.com/	1970-01-21 07:32:27	Name: consentUUID Value: fa7e106f-a69f-45a6-8195-3e602ac2e025
.csoonline.com/	1970-01-21 03:11:49	Name: permutive-id Value: f3d9fe93-3bc7-4323-8aac-154291f74ca2
.csoonline.com/	1970-01-21 00:56:27	Name: _rdt_uuid Value: 1723611633147.b251f91a-ec00-48c3-bd06-61d341f17f0d
.csoonline.com/	1970-01-20 22:46:55	Name: AMP_TOKEN Value: %24NOT_FOUND
.csoonline.com/	1970-01-21 08:22:51	Name: _ga Value: GA1.2.1248777135.1723611632
.csoonline.com/	1970-01-20 22:48:18	Name: _gid Value: GA1.2.747818009.1723611633
.csoonline.com/	1970-01-20 22:46:51	Name: _gat_UA-300704-9 Value: 1
www.csoonline.com/	1970-01-21 07:32:27	Name: last_visit_bc Value: 1723611633210
.csoonline.com/	1970-01-21 07:32:27	Name: bc_tstgrp Value: 4
.csoonline.com/	1970-01-21 00:56:27	Name: _fbp Value: fb.1.1723611633493.157194779802120784
.f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co/	1970-01-21 00:59:20	Name: pxid Value: d975993f-a611-4ecc-b4ec-0fc93633a5a7
.adnxs.com/	1970-01-21 08:22:51	Name: receive-cookie-deprecation Value: 1
.tribl.io/	1970-01-21 08:22:51	Name: ti_ Value: s%3AKeS6s5bbsBLdQvTfhUCtBY1C.tAWHxpOsWpZedN8M5reK%2BuyraJuXe0O1NjprjVDZdec
.linkedin.com/	1970-01-21 00:56:27	Name: li_sugr Value: 0a5adec4-d448-4a52-8262-579536800fdc
.linkedin.com/	1970-01-21 07:32:27	Name: bcookie Value: "v=2&f31fc2ff-db6e-4ea7-8c76-47d043bc93ac"
.linkedin.com/	1970-01-20 22:48:18	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2910:u=1:x=1:i=1723611633:t=1723698033:v=2:sig=AQF7m4VtxISVLd7mi2Mq7tsEgFtJq7nW"
.linkedin.com/	1970-01-20 23:30:03	Name: UserMatchHistory Value: AQJ9yh-1azJHsAAAAZFPQljuaRKOXJgAqukeLCy44ItoHFxAqEAtvDrm_M6z6o6WjLCA9gq6oZnkmw
.linkedin.com/	1970-01-20 23:30:03	Name: AnalyticsSyncHistory Value: AQLJwLsslbNBAwAAAZFPQljuKPzLqPrtIZRjE3j0lOOHrBMYw5LwQw0uluf8PEhIx8i9IMgQyxeylgSv7tyrAQ
.www.linkedin.com/	1970-01-21 07:32:27	Name: bscookie Value: "v=1&20240814050034aa99774c-0440-4681-8c0c-0c1c103310e8AQGxqLVESLKKBjNM8KJTTrvj_K6yn_wZ"
.t.co/	1970-01-21 08:22:51	Name: muc_ads Value: 46535e2b-94de-4ed9-b3c2-aaff43300d07
.csoonline.com/	1970-01-21 08:22:51	Name: _autid Value: 66bc39f2b652db172a2da083
.twitter.com/	1970-01-21 08:22:51	Name: personalization_id Value: "v1_1gYXuSFRiDdWeP/TOOusUg=="
.adnxs.com/	1970-01-21 00:56:27	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In5v<>kL!]tbP6j2F-XstGt!@EAQ%5.C!
.adnxs.com/	1970-01-21 00:56:27	Name: XANDR_PANID Value: mTdnTzIDT10iE9-BYQ_tatLzXdXVwp8okIyw-UBgG_DWV36EPySjqy49UjxgXRkCv_6qUtZRJzJLXMtYYmNnYbWwnhTzC0xlvd2jMCAXCgE.
.adnxs.com/	1970-01-21 00:56:27	Name: uuid2 Value: 619960011125078511
.taboola.com/	1970-01-21 07:32:27	Name: t_gid Value: ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72
.taboola.com/	1970-01-21 07:32:27	Name: t_pt_gid Value: ab66a168-452c-45ce-9f21-3c86e39f9ea9-tuctdb5bf72
.taboola.com/	1970-01-21 07:32:27	Name: receive-cookie-deprecation Value: 1
mau.idgesg.net/	1970-01-21 07:32:27	Name: mautic_device_id Value: 7e0zsbty6q50mphlmxafim5
mau.idgesg.net/	1969-12-31 23:59:59	Name: mtc_id Value: 61293081
mau.idgesg.net/	1969-12-31 23:59:59	Name: mtc_sid Value: 7e0zsbty6q50mphlmxafim5
mau.idgesg.net/	1970-01-20 22:46:53	Name: mautic_referer_id Value: 103750829
www.csoonline.com/	1969-12-31 23:59:59	Name: mtc_id Value: 61293081
www.csoonline.com/	1969-12-31 23:59:59	Name: mtc_sid Value: 7e0zsbty6q50mphlmxafim5
www.csoonline.com/	1969-12-31 23:59:59	Name: mautic_device_id Value: 7e0zsbty6q50mphlmxafim5
.postrelease.com/	1970-01-21 07:32:27	Name: visitor Value: 804e948d-d745-4469-ab74-de4896e800c1
.postrelease.com/	1970-01-21 07:32:27	Name: status Value: 0
.doubleclick.net/	1970-01-21 08:22:51	Name: IDE Value: AHWqTUn3llQzG7Zm7e2qbRyCg6_FresWpn2VN-66hOK2NaxgIqWkUiKEzi_bMRDN3u8
.csoonline.com/	1970-01-21 08:08:27	Name: __gads Value: ID=a0bf58d52da52478:T=1723611635:RT=1723611635:S=ALNI_Manqv9GKWZP8OFrLu6Nqu1LpkqRuw
.postrelease.com/	1970-01-21 07:32:27	Name: ver Value: 1
.csoonline.com/	1970-01-21 08:08:27	Name: __gpi Value: UID=00000ecaab9ee647:T=1723611635:RT=1723611635:S=ALNI_MZmdiNnAcufkAeFzoAYrSLUXd-I-g
.csoonline.com/	1970-01-21 03:06:03	Name: __eoi Value: ID=032a68f2a864aa5b:T=1723611635:RT=1723611635:S=AA-AfjZ6Yn3HH2P5fty5Pr4UnSyQ
.csoonline.com/	1970-01-21 08:22:51	Name: _ga_LKE46QM5TV Value: GS1.1.1723611632.1.0.1723611635.0.0.0
.doubleclick.net/	1970-01-21 03:06:03	Name: receive-cookie-deprecation Value: 1
.brandmetrics.com/	1970-01-21 00:59:02	Name: __bm2_710aa3be-a33c-42e7-b6c5-b9462d40435d Value: 3%7C1%7C240814050036%7C0%7C%7C%7C138452266315%3A6758863169_1_0%7C-
.brandmetrics.com/	1970-01-21 00:24:28	Name: __bm2_7e28898b-c459-49e0-baa9-35c50a046620 Value: 3%7C1%7C240814050036%7C0%7C%7C%7C138481858096%3A6711811571_1_0%7C-

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/src/static/fonts/roboto.css?ver=1.0.0 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html Message: Access to XMLHttpRequest at 'https://idg.blueconic.net/DG/DEFAULT/rest/rpc/480?referer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-13T19%3A00%3A33-10%3A00&ts=1723611633214' from origin 'https://www.csoonline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://idg.blueconic.net/DG/DEFAULT/rest/rpc/480?referer=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-13T19%3A00%3A33-10%3A00&ts=1723611633214 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.csoonline.com/article/3597298/revil-ransomware-explained-a-widespread-extortionoperation.html Message: Access to XMLHttpRequest at 'https://amd.sellingsimplified.net/wt/tc?cookie_val=0000&account_id=963-IDG&lb_email=&campaign_id=&program_id=&ssg_utm1=&ssg_utm2=&ssg_utm3=&x=&ip=&_v_c=&visitingPage=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html' from origin 'https://www.csoonline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://amd.sellingsimplified.net/wt/tc?cookie_val=0000&account_id=963-IDG&lb_email=&campaign_id=&program_id=&ssg_utm1=&ssg_utm2=&ssg_utm3=&x=&ip=&_v_c=&visitingPage=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3597298%2Frevil-ransomware-explained-a-widespread-extortionoperation.html Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7be0a8f11b852a586f893d2a3e92860a.safeframe.googlesyndication.com
aax.amazon-adsystem.com
alb.reddit.com
amd.sellingsimplified.net
ampcid.google.com
analytics.twitter.com
api.kickfire.com
api.permutive.com
assoc-na.associates-amazon.com
b2b-contenthub.com
c.amazon-adsystem.com
c.evidon.com
cdn.blueconic.net
cdn.brandmetrics.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.onthe.io
cdn.permutive.app
cdn.subscribers.com
cdn.taboola.com
cds.taboola.com
clients1.google.com
cm.g.doubleclick.net
cmpv2.csoonline.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
connect.facebook.net
cse.google.com
distribution-cdn.askmiso.com
dt.adsafeprotected.com
f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co
fonts.googleapis.com
fonts.gstatic.com
functions.adnami.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
idg.blueconic.net
intent.csoonline.com
jadserve.postrelease.com
k.intellitxt.com
l.betrad.com
macro.adnami.io
match.adsrvr.org
mau.idgesg.net
p.typekit.net
pagead2.googlesyndication.com
pips.taboola.com
pixel-config.reddit.com
pixel.adsafeprotected.com
pixel.wp.com
postrelease.com
psb.taboola.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
s.ntv.io
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
stats.wp.com
t.co
t1.csoonline.com
tags.srv.stackadapt.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
tribl.io
tt.onthe.io
twin-iq.kickfire.com
use.typekit.net
w.soundcloud.com
www.csoonline.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.redditstatic.com
z-na.associates-amazon.com
z.moatads.com
amd.sellingsimplified.net
dt.adsafeprotected.com
idg.blueconic.net
k.intellitxt.com
px.moatads.com
tt.onthe.io
104.244.42.3
108.138.106.103
108.138.106.59
108.138.115.149
108.138.127.64
13.107.42.14
141.226.224.32
141.226.224.48
142.251.163.106
142.251.163.97
142.251.174.155
146.75.40.157
151.101.1.140
151.101.129.44
151.101.130.165
151.101.193.140
151.101.65.44
172.217.197.154
172.217.197.155
172.253.62.154
172.253.63.113
173.194.68.157
18.164.96.105
18.238.4.35
18.238.58.225
188.40.115.112
192.0.66.19
192.0.76.3
20.40.202.2
2001:4860:4802:34::178
204.236.230.97
209.85.232.156
23.212.249.74
23.212.251.11
23.62.165.161
2600:1408:c400:29::17da:da44
2600:1408:c400:29::17da:da49
2600:1408:c400:5::17c7:3719
2600:1408:c400:9::17cd:6986
2600:1408:c400:9::17cd:69b0
2600:1f18:1aca:4282:5895:6a2b:e9ae:d919
2600:9000:2209:9c00:1:a3fa:7cc0:93a1
2600:9000:25c8:1e00:8:48e:53c0:93a1
2606:4700:10::6816:28db
2606:4700:20::ac43:45bf
2606:4700::6812:1e20
2607:f8b0:4004:c17::6a
2607:f8b0:4004:c17::8b
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c21::61
2607:f8b0:400d:c00::9c
2607:f8b0:400d:c01::84
2607:f8b0:400d:c03::8a
2607:f8b0:400d:c07::5f
2607:f8b0:400d:c07::95
2607:f8b0:400d:c0e::71
2607:f8b0:400d:c0e::84
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:400::396
3.167.56.102
3.216.221.176
3.90.135.135
34.107.254.252
34.195.18.232
34.224.230.83
35.166.134.118
35.174.91.202
35.241.9.51
38.75.194.109
44.198.21.138
44.215.116.28
52.223.40.198
52.36.224.135
54.245.213.2
68.67.181.211
72.21.81.130
95.217.4.138
99.84.191.112
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
009ab6dff28f8d6cf3605b954b0dfa2d90ef0c06506f9ed7fc5b40e60debf189
01d84f32fc137d12f71248601957b80440f25bebd6af3a7df2e3e682dfa96108
025eddb1415c25e598cf63efb88c9c3376335d5bf32138a9241ed173d48dfff7
034acd3ced0cf00cdfcb684283fdc624a48c2dc8dcddeb55e09412f92971056d
0559af344180ba06fa3f419a4d7a71554ef38f663f9d7a18542123a3be9ae59f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c55d38feb03ea556625a2df037feddbb4cd5ed3b5e34388f8642c7669b82e0b
0d812ad43eed509018404d80594b433beb6f9a844fd03def78441510b3ff73e3
0f22a381d8acc6ad097c218e3febd07160c53b203f72ff46c6ee2eb6f15413ae
0fff1027e4e8022d21ded13079ac79ecc53b9ef9bc508f5dc065b4cf277965b3
108aeec86aa00a09dfaca605f722e937d64c9e51d82a64509cc3b9b9dbbf7a84
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13c5dc69518578853308c5551bd700706021fee677e2fb6254929a9f858243f6
155ee5ee00189a528f75ee241b8a1346d260b6f82d2999b6dce02ea926d53345
18fd5dbc5db6f89e20452b891e00c02b88e54d567aee83467cab7ab4b5afba6f
19d23b13c156bd1ae475a1a7684fd895573c3293708914c59660bfd5db0484b2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db920068f62431d3d729e1617d7817bf5d4d0f69dd3b89a302892b7ca05f1d4
24105f3b73dd52d66291cac6af9c863087cc1b5eff5c28cc3b1dac58ffb73ad9
25302437cb6a5fdfed895161f357e2c8b9a97b3ccf3dde2ae5f7dad6afcd8801
277fb30e91af19162de1bd98e6364ee78f0677257c118fd46d0255b83eeadd55
2875e7d0aff16bcdde59fa4de7b959b54fd7b5ad49a566d801efe559452474ce
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3086a8e48451fbd8324f5d7a0449942eb34dec8bf31100703924a1af10096f4d
30e0c355dca9b065dd06bf034ede814dca5dc1e4c3d143106b5b92e71aa2e1be
3120dff3a59edb79a0757d795cbb6c63908ce1baa603251d0b5af3299f15d2b5
31a0b7926bee63405598e19dc811e5b44946f7a086cdb30c3edda887a6673c6f
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31ff9881a9008c4ae2acdeb67ef3616ca2847ebbaee590e6b4a928415f283365
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3637ab4c591c6507fd6f5fad25bbda9d26977264e29dedf678ba89f53f811c42
36614fa35d15dafd350bae1fc00b39127cbf79e3847bb1cb3f881157676934b3
3e2b9ea7e8176250fd4e705e1d3a1de94001d5aaecbcc2fe850a1547a902e476
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
47866b8d2915779096be19131efecce0297c2a0c37f581c4e6ee187b13ebb8ea
47cdd06cfabe8153d2b52297912489ea0006a64e7b049e73e6eddc7a0316da72
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
49de2c534c2b4be8f59b2b031b61639595b2e2362e1ca7e575e766af597b2086
4ad68c8b729e22717f327f8d8a5465366772f15b18a479115b0e71a450f790bd
4b4524482e7993bc17cb8ba14f4efa1020e52ca766a389e08aee28247e916edd
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4ecd1c5f5fb5d43813a0bc0eb70d057f71c826a7d317d24cff93d3526f4be232
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187
52afd0cfdead7aa9f9eeac06993d1bb22a37017621d1921e320e2d0d0595117a
53941ec5ba6f6966ec662f6fd3636430d237a379eb8a159b3a00fca6b01e8c81
5533229fa476e5a112bf2f8a2bf1ca7b2d52d168d7e7906cbc2437dc852c3780
5626e4eef863b6d42948e82557f556451cfb51c144aaa13840e124bf9beb6eb5
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5c132fcc7d8bf4465c60dd3b4413fc47486ba40bf81068befb59bad409f3ab5e
5c8ed1a04931a5fb7b6eadaae7460925869b2aeba5ef8b007b6b6403727a085b
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d
5cd884261cf0503b6f4d1ef30073bc3b013262003b78dbbaf9f048a3fea2d2ab
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60d66834f47ff89a3bf2f0348af0472ea73f5ea22af9ae27699e0ff31e69be5f
6154825cfda87da08ea01eaf6a244516d401215a2827eca8a25994de7be52e9b
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6a966b28efc1df14f92bb63c8e0728e8328e6ec3358c162c9c7c6ee13b69fbe2
7261a534c1150a0c8bd1e4e8e1ddf2491bdd33fb3ef2ad404cf636809b4bf1d6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78116b9ead56834acdb4c129fa76dfc672b8052109998aebf21ae0d9e657d2e1
78e1a8d3fca42967c71abed847efcc6fdc913c8d7689fad11d8fb6d311604e10
80cc6f6a35ae700a714f5dd4104469247c6a2c06c6abfc7a32f9714f819829cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ab7ed8eef712195366713d77c9b7ea321710c640b4b7e88f87a922098cb1d7
85df5b07597cb2f42c492aa6f5c5e5960637e813ee0945e21996fdaacbf29262
861465bb8e4365ac3c9efc5797a5a57c7d994b32798d212c3dc5350eefbb8711
86208f418fce22f1905ac511b20a36fb0fec109838679ae65c80d6cfd3f2cb46
86f20199fc95660a2cb43af95485eb52eb22d3ee5d144e4fbd4663ef3c13a973
8703d745c2580d5e8baf121512c0281ff8043f47a20ee0e4a556bd090f2ff0e6
88607fc4d92c1708adfe6ef872c15f5d9184bf693c4b9232d39e051d290c51bd
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90b6e25ee9d4fcad0d487ceaece7e28859a87e6ef6a58d7f82dad1f6d3948698
924e5cdd56019f10cefe4b4a8b8f6ca2295efdde1f670ebf02a1001f063d6e7f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93fb6a5707f22138c096e718389b384fd38d51fcd56111b7a5f834fbeea8f5f2
953661ea90e1148eb13f8a0de43aa38cf2c90e76152522d81e624546fafdae1a
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
97ae51439e1c4d05dbc2e1a1bdca4408d48c37a1a6d748348353194e29eb6e84
9ba28ff6eb9e485dd0daa798db849dbc76032a7bd25ecd769568c67e152d5233
9c2a8dd05b89df8e94d2dd48db7a9507dcb31fe218c247f38133d161b0cc928f
9ea353ec9dcb0fc2a853302210b07275be9cc96057cb50f95093c20041e4e477
9ef95f328fa66349cf10e98377cfafada07996f11c629350aceb6c51dcd43594
a044e5e607bdcd95ab88ddde10ab09952219cbc97659aec9d5916b6ccf991586
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10c0157e56fe9c945a97e68d0a863bb6345ad7bae08b004c31e44a42d6521b8
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a8c6af3d0b942dc691bed5b471dd29da8c2a6cdbedf1e66577416a8f9e29c1d6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab4fc03f8a6d608726673657b3b1aed10be00a333dbf84a1c8ae90ed70324620
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b98fbbd8eedd125134298bb2d3b79fba05e0b953e731149fc11c828a0ad98d5f
b9ed0efd07c05855708c9574f64d0ace6410e6c3536c2db61a2c53876fcc2db4
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd40443bbe67ff89c7dbaadbce08e48d8c5611b0b10adb5f3f837ed32f719bbe
c31e74b40a67c8df6c779ed84636191ccd1cf4aac7d2a080e253686e0ba2e1d4
c3ff6f3942ebb4beb42fceb6b50bead346a7c678f79f7f658ddb894de8b90d8c
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c4a21799c079dbdfa714c45d7a501a98bb032462489428804093dad35f638ccb
c6118b2c42afec3c10e1a26b7556381fdd65d5dfbb45ffa28300bb4b10b3beb6
c63ee2c1218938af50dab728c621c7848f8c6c924b9f16a9d9a14b099145538e
c66153fa5d9645a21041586215435bcf57f79eea44ad74c2241a0fa60ef3c0d5
c6d34eca72d275393867b77476567f83114f2f49d1b3082a1887d731bd466487
c867ace4fd19322a1a8a3acb8110050312a32943db24a9ae3debb9f6361bda7c
c881c116ceb12a029ec436a096541955612e5f5e1ae26fbec75311e17a4f5184
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb91d44b4b1deecc952c953de556437e2283fb4a17261ef352cc19ea65f7984b
cd51213fe0749584c2df9387b62cd15e7faa3e636ed9f109286614071a9af007
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b66ccf3e0fa78d83f785e0d5b959450c81e5a9f539ab375743eeb40ce4e428
d2c07312d4c7017852deb89964d6e099a9b1d65ea072c1225920cad71fa5587a
d315602f7777f916318d9edcf7dac6425839561f4168026d396d89a5ecadf712
d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df
d4cd80375caaade4a7c0b34f24f201bfbf728bc07cc862a90aeb638a8834e8f6
d53616d4e93a2202ae24f11a0fbffbe15782706ab58dba0deecfae5ad39e6b43
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db233498d5eb5569ba9e43afd74e98597fe8e624fa6bc0b8992b18cedab407c8
dc6dacff9a56a6947dcf1eea394b6bbb7c4da52d6febaa470487a37450c41fe6
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd798e0c0d566b09c224297004f97bc1b924c6840ebf38b3ddcf1aef22fbcffb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
dedf27d0bf6152438b9ad966eca9fdcb0ce80a4b22a09c42d3aeda082130ad7d
e1ff8415a2a53b488133a562b2c5a9bab790c498801f46144d790563adf36092
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d583691f96265c8d028f960b8256790133844901f66a5bdd469917560d94c7
e618149b0e2c5ad6df67fea6bd5a15ffb80bb83002e47571d7c2704285f3051e
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ed197774c72482d311311e9857e79692c48f3eebc02c4276c98aa1446e08b5d5
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
eeadd821011c441007a316210ed7fc8716f642292d90f0d29afd1e5fa9239de2
eee9ad6ebda3c830b601e498772dfc337f67da0320aec1788a919d6fd5c03b4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c44f9b21f98782a63a8f63785c8eb82845438f3e7b8994fe1bb5e5ea8eb085
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f52a25986db575f3b50734266b36cfe7d8e6889805d089e9963ae3b064aa7dc3
f558f0e81adeb534c13953f602395238fdbbf76f0c5cb38b0a2b67143342dbec
f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082
f83677ef94ed0c7452a718281fc3a6c55b3699c47f2998a18dfaf34b4341450e
f90c146189dd9b5e61d74536278feb715571536340d10ef65938daef2befae99
fa36f064c117d56520b86c7e85e2a3a0d953140434ab45528bdaa014b782d394
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb6ab1073cde3166b6000e29997f96d96645c9cba747ba4058dfd6bdd3de5600
fbb69351794f4b0836227ee1e8fdf18b9b1ed700307a95d61164735807cc9739
fbcacda475ed69433f5f60034f72c38bf7dfa6d4c89f7ee7a2c2f88945f813b5
fd6ac821aefa3d47f2e5d9084efff5d433387c9812f8cec0fe65a8e0da55bf13

www.csoonline.com Open in urlscan Pro 151.101.130.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

293 Requests

95 %HTTPS

35 %IPv6

51 Domains

85 Subdomains

82 IPs

3 Countries

3092 kBTransfer

10192 kBSize

74 Cookies

15 Outgoing links

Redirected requests

293 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.csoonline.com Open in urlscan Pro
151.101.130.165 Public Scan

Screenshot
Live screenshot

Full Image

293
Requests

95 %
HTTPS

35 %
IPv6

51
Domains

85
Subdomains

82
IPs

3
Countries

3092 kB
Transfer

10192 kB
Size

74
Cookies

293 HTTP transactions
4 data transactions