threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Submission: On July 01 via api (July 1st 2019, 6:41:47 am UTC) from DE

Summary HTTP 50 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 50 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is threatpost.com.
TLS certificate: Issued by Thawte EV RSA CA 2018 on June 17th 2019. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	2600:9000:204... 2600:9000:2047:3200:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
12	2600:9000:204... 2600:9000:2047:e00:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.247 91.228.74.247	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY - Fastly)
1	2600:9000:204... 2600:9000:2047:ea00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.190 91.228.74.190	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
50	20

5 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2047:3200:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2047:e00:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.247 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:ea00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.190 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	434 KB
4	google.com www.google.com adservice.google.com	1 KB
4	googlesyndication.com pagead2.googlesyndication.com	191 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	doubleclick.net googleads.g.doubleclick.net
2	cloudflare.com cdnjs.cloudflare.com	12 KB
1	twitter.com analytics.twitter.com	672 B
1	t.co t.co	487 B
1	quantcount.com rules.quantcount.com	2 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	gstatic.com www.gstatic.com	92 KB
1	google.de adservice.google.de	481 B
1	googletagmanager.com www.googletagmanager.com	22 KB
1	wp.com i0.wp.com	65 B
1	gravatar.com 1 redirects secure.gravatar.com	383 B
1	kasperskycontenthub.com kasperskycontenthub.com	368 B
0	google-analytics.com Failed www.google-analytics.com Failed
50	18

	Domain	Requested by
12	media.threatpost.com	threatpost.com
6	assets.threatpost.com	threatpost.com
4	pagead2.googlesyndication.com	threatpost.com pagead2.googlesyndication.com
4	threatpost.com	threatpost.com
3	www.google.com	threatpost.com www.gstatic.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	threatpost.com assets.threatpost.com
1	analytics.twitter.com	static.ads-twitter.com
1	pixel.quantserve.com	threatpost.com
1	t.co	threatpost.com
1	rules.quantcount.com	secure.quantserve.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	threatpost.com
1	i0.wp.com	threatpost.com
1	secure.gravatar.com	1 redirects
1	kasperskycontenthub.com	threatpost.com
0	www.google-analytics.com Failed	www.googletagmanager.com
50	22

This site contains links to these domains. Also see Links.

Domain
spotlight.threatpost.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
myprivacy.medialaan.be
enterprise.verizon.com
www.fbi.gov
attendee.gotowebinar.com
www.wired.com
www.baltimoresun.com
www.bankinfosecurity.com
media.threatpost.com
www.emsisoft.com
www.bbc.com
akismet.com
t.co

Subject Issuer	Validity	Valid
threatpost.com Thawte EV RSA CA 2018	`2019-06-17` - `2020-06-17`	a year	crt.sh
assets.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
kasperskycontenthub.com Thawte RSA CA 2018	`2019-06-14` - `2020-06-13`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
media.threatpost.com Amazon	`2019-04-02` - `2020-05-02`	a year	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
www.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Frame ID: 519A092F27AAA0DB4129077746CA8142
Requests: 45 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190624/r20190131/show_ads_impl.js
Frame ID: 35DE3E829A9D6EF47D8307E6DC6909A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190624/r20190131/zrt_lookup.html
Frame ID: A12D8C6A9925B37D340710C5DC34E95F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&adk=1812271804&adf=3025194257&lmt=1561963295&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32904%2C9%3A32904%2C16%3A8388608%2C27%3A128%2C30%3A1081472%2C32%3A128&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthreatpost.com%2Fransomware-a-persistent-scourge-requiring-corporate-action-now%2F145731%2F&ea=0&flash=0&pra=5&wgl=1&dt=1561963294665&bpp=106&bdt=12412&fdt=789&idt=789&shv=r20190624&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4133453673733&frm=20&pv=2&ga_vid=1680072394.1561963295&ga_sid=1561963295&ga_hid=1364745359&ga_fc=0&iag=0&icsg=8585888&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=272949454&ifi=0&uci=0.g743yk7qd1e5&fsb=1&dtd=889
Frame ID: 000D67CF138751A982CCC5638C2802DA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=v1561357937155&theme=standard&size=normal&cb=d5wqjmbub9xr
Frame ID: 7FE625BB2708E03A15F142B92C3A9E85
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1561357937155&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=chapdh31hmgb
Frame ID: E2D1B35558E746BB885B60C46FB22B13
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

50
Requests

92 %
HTTPS

65 %
IPv6

18
Domains

22
Subdomains

20
IPs

4
Countries

793 kB
Transfer

1657 kB
Size

2
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/12103060

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://myprivacy.medialaan.be/?siteKey=yL4sw05CSCQsdU0d&callbackUrl=https%3a%2f%2fnieuws.vtm.be%2fprivacy-wall%2fcallback%3foriginalUrl%3d%25252fbinnenland%25252fwerknemers-gehackt-bedrijf-zaventem-nog-tot-vrijdag-technisch-werkloos
Title: German media outlets

Search URL Search Domain Scan URL

URL: https://enterprise.verizon.com/resources/reports/dbir/
Title: DBIR

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/stories/ic3-releases-2018-internet-crime-report-042219
Title: Internet Crime Report

Search URL Search Domain Scan URL

URL: https://attendee.gotowebinar.com/register/611039692762707715?source=enews
Title: Don’t miss our free Threatpost webinar

Search URL Search Domain Scan URL

URL: https://www.wired.com/story/atlanta-spent-26m-recover-from-ransomware-scare/
Title: $2.6 million

Search URL Search Domain Scan URL

URL: https://www.baltimoresun.com/maryland/baltimore-city/bs-md-baltimore-ransomware-update-20190610-story.html
Title: recent victim

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/ransomware-attack-costs-norsk-hydro-40-million-so-far-a-12269
Title: $40 million

Search URL Search Domain Scan URL

URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/06/14134000/webinar-promo.png

Search URL Search Domain Scan URL

URL: https://www.emsisoft.com/decrypter/jsworm-20
Title: some decryptor tools

Search URL Search Domain Scan URL

URL: https://www.bbc.com/news/entertainment-arts-48597096
Title: recent response

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Instagram
Title: #Instagram

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23phishing
Title: #phishing

Search URL Search Domain Scan URL

URL: https://t.co/bpPskHmdj1
Title: https://t.co/bpPskHmdj1

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://secure.gravatar.com/avatar/e62ae62aad487b570a75f0172e7b7675?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g HTTP 302
https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/ 91 KB
25 KB 10160ms
112ms Document
text/html 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a233c4304fff9656e7f38056edc518a6033d14356a98fe256eb6e6865ce94285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Mon, 01 Jul 2019 06:41:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/?p=145731>; rel=shortlink
x-cache-hit: HIT
Content-Encoding: gzip

GET main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 0
0

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 62 KB
15 KB 288ms
78ms Stylesheet
text/css 2600:9000:2047:3200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-kaspersky-widgets/css/trending-authors.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d70c9359

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:3200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

b31f6b14778fbbe272430be354513357a8a7aaebf77a5b50e761b7040ed303ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Jun 2019 16:16:48 GMT
content-encoding: gzip
age: 50662
x-cache: Hit from cloudfront
status: 200
content-length: 14619
last-modified: Thu, 27 Jun 2019 16:15:34 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA53
x-amz-cf-id: JKFA6ZQ9xEIVyJrp9K3j5Aw44CHBLW_HPR4AsjWRCuuM5bSTYX0DBA==
expires: Fri, 28 Jun 2019 16:16:48 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 305ms
104ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js?ver=5.1.1

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 6597224
cf-ray: 4ef664d3690ebece-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 20 Jun 2020 06:41:22 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.013

GET jquery.js
threatpost.com/wp-includes/js/jquery/ 0
0

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 133 KB
35 KB 300ms
92ms Script
application/x-javascript 2600:9000:2047:3200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/adrupt-options/dist/js/adrupt.ads.min.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-taboola-ads/assets/js/start.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=d70c9359

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:3200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

60f7c04e003009ea44b161f7a8c4c76f14ae490a3937ceaaf1be52e1a7e8aa60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Jun 2019 16:16:50 GMT
content-encoding: gzip
age: 50661
x-cache: Hit from cloudfront
status: 200
content-length: 35435
last-modified: Thu, 27 Jun 2019 16:15:35 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA53
x-amz-cf-id: VZZ9kvLy_QgWYvdONqnL2wyO4hLCJMXh96DdanBI-B1oS_b7c7Y1fw==
expires: Fri, 28 Jun 2019 16:16:49 GMT

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
368 B 3757ms
176ms Script
application/javascript 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1581729689&back=https%3A%2F%2Fthreatpost.com%2Fransomware-a-persistent-scourge-requiring-corporate-action-now%2F145731%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 01 Jul 2019 06:41:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript
x-cache-hit: MISS
Transfer-Encoding: chunked
Connection: close
X-XSS-Protection: 1; mode=block

GET adrupt_style.css
threatpost.com/wp-content/plugins/adrupt-options/dist/css/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 91 KB
34 KB 85ms
77ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

873f98d628677ccfc9691f96943269e5ea54261ed80d8f15fb680141315989d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 34402
x-xss-protection: 0
server: cafe
etag: 1140500718753565802
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Jul 2019 06:41:22 GMT

GET
H2 200 Tara-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/ 13 KB
13 KB 384ms
76ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/Tara-headshot.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 00:12:04 GMT
via: 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Fri, 17 Aug 2018 16:22:08 GMT
server: AmazonS3
age: 2528959
etag: "dee18dfeea6de13bec60c1e5237eb723"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 13097
x-amz-cf-id: 3qsPES1CdWwufRx2GoCZJ_o_8hlza6yFayr3q9SQL2Ts5rkZb6q_-g==
expires: Sat, 17 Aug 2019 16:22:07 GMT

GET
H2 200 broken-ransomware.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/06/14143144/ 18 KB
18 KB 89ms
88ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/06/14143144/broken-ransomware.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 410b779a8e4c4f63400c25eed0267a71a59e0ab805002a532cb8dc23396fe314

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 20:10:14 GMT
via: 1.1 ed0c487879f809919537bf00a2f2dc8f.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jun 2019 18:31:46 GMT
server: AmazonS3
age: 1420269
etag: "eb2950fe29d9790d9ab3648ee6814d24"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53, FRA53
accept-ranges: bytes
content-length: 18392
x-amz-cf-id: qN4YZc0px33FdGf5ZnRP225-_BdB9nBaNUL3mPuCNCAsLKvy5uHcDA==
expires: Sat, 13 Jun 2020 18:31:44 GMT

GET
H2 200 subscribe2.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/ 8 KB
9 KB 8ms
7ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 May 2019 00:16:15 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Tue, 19 Feb 2019 20:14:58 GMT
server: AmazonS3
age: 2874308
etag: "5ba45563f793f39ef6baf02645651654"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 8281
x-amz-cf-id: u4bZATXkLt6ZNtj72qxQWTLHs8FZQFCSEf6zOrKDxsXaZSsyderEiQ==
expires: Wed, 19 Feb 2020 20:14:57 GMT

GET
H2 200 webinar-promo-300x157.png
media.threatpost.com/wp-content/uploads/sites/103/2019/06/14134000/ 19 KB
20 KB 14ms
13ms Image
image/png 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/06/14134000/webinar-promo-300x157.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0c66c78810f19e6797abc5bdbaf550ac3a984a694676d93973d58ff40bba78f

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:53:52 GMT
via: 1.1 ae3e6ab763f755c867a3b493d306312c.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jun 2019 17:40:01 GMT
server: AmazonS3
age: 1424851
etag: "3bebe5db4814934956e4c02326aaac61"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53, FRA53
accept-ranges: bytes
content-length: 19840
x-amz-cf-id: 3azu5O1TNlJ8Q30rEq2Yahi1cRL11elIjcqtK1c5ZkJ3zH5sKFIkug==
expires: Sat, 13 Jun 2020 17:40:00 GMT

GET
H2 200 malware-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/12/11133718/ 24 KB
24 KB 9ms
9ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/12/11133718/malware-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7d9828ae6f573226c7d20873071b6c10f7c2064c667759f1df6b0440abc3483

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 05:27:48 GMT
via: 1.1 f131f7f70cfd3a8b96a854e1f446f33b.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Tue, 11 Dec 2018 18:37:21 GMT
server: AmazonS3
age: 4929215
etag: "a561ef1e26e4cd78797e8a21cff7d6c5"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 24191
x-amz-cf-id: 2-1yRYcBuBhBKMweVKaheuQ4jrsGyzu8V_smoh0VD_xAD-9LHqXotA==
expires: Wed, 11 Dec 2019 18:37:18 GMT

GET
H2 200 threatpost_mirai_script_kiddies_iot-540x270.png
media.threatpost.com/wp-content/uploads/sites/103/2016/10/06232820/ 130 KB
130 KB 82ms
81ms Image
image/png 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2016/10/06232820/threatpost_mirai_script_kiddies_iot-540x270.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91171b94e2042f5ce1717d8c114be50a1f668a16016fb42e2b744d142e5eee4c

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Jun 2019 16:17:27 GMT
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jul 2018 01:12:56 GMT
server: AmazonS3
age: 311036
etag: "130e7daf87faf2826289c44b0e52b6ee"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2, FRA53
accept-ranges: bytes
content-length: 132678
x-amz-cf-id: w7FmCzezlFK7ueK6-G-pWJS76hoZFYvKKLpY0hpD0FicozdZPu0Tyw==
expires: Wed, 03 Jul 2019 01:12:54 GMT

GET
H2 200 ransomware-city-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2019/06/20154324/ 26 KB
26 KB 80ms
79ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/06/20154324/ransomware-city-540x270.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da4040a851b674597ac8957a25f6551524d1605617584bcc58d77fc1bd050af7

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Jun 2019 20:38:07 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2019 19:43:28 GMT
server: AmazonS3
age: 900196
etag: "d20074132d5383b30ab0d5d250b167cc"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA53
accept-ranges: bytes
content-length: 26651
x-amz-cf-id: UDf6uGTEvxtoMgSOSkeeuS_oIzVaHXl7tXJh6p0QUGeKRKnt2l59zQ==
expires: Fri, 19 Jun 2020 19:43:24 GMT

GET
H2

404

avatar-default.jpg
i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/
Redirect Chain

https://secure.gravatar.com/avatar/e62ae62aad487b570a75f0172e7b7675?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g
https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1

65 B
65 B

537ms
480ms

Image
text/html

192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
x-nc: EXPIRED ams 18
date: Mon, 01 Jul 2019 06:41:23 GMT
server: nginx
content-type: text/html; charset=utf-8

Redirect headers

x-nc: MISS vie 2
date: Mon, 01 Jul 2019 06:41:23 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
source-age: 0
location: https://i0.wp.com/threatpost.com/wp-content/themes/threatpost-2018/assets/images/avatar-default.jpg?ssl=1
content-type: text/html; charset=utf-8
status: 302
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/e62ae62aad487b570a75f0172e7b7675?s=60&d=https%3A%2F%2Fthreatpost.com%2Fwp-content%2Fthemes%2Fthreatpost-2018%2Fassets%2Fimages%2Favatar-default.jpg&r=g>; rel="canonical"
content-length: 0
expires: Mon, 01 Jul 2019 06:46:23 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
595 B 107ms
103ms Script
text/javascript 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

e3852329019e5662acec7d5a335114e80c30593602bd09bb65487872586f00f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 448
x-xss-protection: 1; mode=block
expires: Mon, 01 Jul 2019 06:41:22 GMT

GET
H2 200 app-store-apple-backlash-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2019/04/29144922/ 4 KB
4 KB 7ms
6ms Image
image/png 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/29144922/app-store-apple-backlash-64x64.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2642d89ee8c2d504bcbaf5df8c7e9d1d28589b8e3a1c190cf385bd08bb00c097

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 06 Jun 2019 04:58:21 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Mon, 29 Apr 2019 18:49:25 GMT
server: AmazonS3
age: 2166182
etag: "e88d63d112d124921e98bdf18d06e907"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 3849
x-amz-cf-id: Q3zDMR-leIYC_SYLuLBOpzvWTImX5Xsz_5GB62Yk3qOyfbiWXIho1A==
expires: Tue, 28 Apr 2020 18:49:22 GMT

GET
H2 200 windows10_magnyfying_glass-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/04/16115847/ 2 KB
2 KB 6ms
6ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/04/16115847/windows10_magnyfying_glass-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8e512667c95dc925585aa2b05f858b8d7ddbf8810cb61f6f14049e6e9812b00

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 06 Jun 2019 12:50:49 GMT
via: 1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2019 15:58:50 GMT
server: AmazonS3
age: 2137834
etag: "8ae8b668ebfa7effae6e911e6a0c5065"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 1926
x-amz-cf-id: t-JEFmq_l7IkHB1iWoFkOFo-ZNMxhb4lm_Ox2wDVBIhYH-IuiFRY6A==
expires: Wed, 15 Apr 2020 15:58:47 GMT

GET
H2 200 touch-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/06/03143246/ 2 KB
2 KB 6ms
6ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/06/03143246/touch-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 925492cde6491b3677bd407903d9a1222a308c26a4d78199f9d32f07b210e945

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 14:06:35 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jun 2019 18:32:49 GMT
server: AmazonS3
age: 2219688
etag: "618155921ed5ad1391d8923faa6d3c61"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 1588
x-amz-cf-id: h8C2bjU4sdFrYCVJktbLo73g81p0oTa_wR_jSK77bBQ1ke91TFEDYA==
expires: Tue, 02 Jun 2020 18:32:46 GMT

GET
H2 200 5G-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2019/06/31140552/ 2 KB
2 KB 6ms
6ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/06/31140552/5G-64x64.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8c0730b4f5f7d9638e4adf30b6ffebdcf04fe82456c0f4038733705c8e2c029

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Jun 2019 15:52:49 GMT
via: 1.1 09052d1a6e392e4f4a3fd97bf34a2b24.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Fri, 31 May 2019 18:05:55 GMT
server: AmazonS3
age: 2299714
etag: "2f309266bfba5db441402a2c5b867acd"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 1636
x-amz-cf-id: VDuRSeBBvWn7sYenSHSyBYlx8H_1qu_NzbHPKOJzEho0gxC_9IUkSA==
expires: Sat, 30 May 2020 18:05:52 GMT

GET
H2 200 5G-IoT-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/05/29133639/ 2 KB
2 KB 6ms
6ms Image
image/jpeg 2600:9000:2047:e00:0:5c46:4f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/05/29133639/5G-IoT-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:e00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72cb98f40699839578809f549902265794ea6bee09295a41728756891e9d8709

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 14:09:28 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront), 1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2019 17:36:42 GMT
server: AmazonS3
age: 2219515
etag: "4a804a4b9e5244de30fd1f7bc92b9c1f"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-length: 1572
x-amz-cf-id: B0qPvr3dwJM14uJiAZqGS76u7q-vL3yg8k4nxm0qDpkqk1h1uCF-Ag==
expires: Thu, 28 May 2020 17:36:39 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 76ms
75ms Script
application/x-javascript 2600:9000:2047:3200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=d70c9359

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:3200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Jun 2019 16:16:27 GMT
content-encoding: gzip
age: 50660
x-cache: Hit from cloudfront
status: 200
content-length: 935
last-modified: Thu, 27 Jun 2019 16:15:33 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
x-cache-hit: HIT
x-amz-cf-pop: FRA53
x-amz-cf-id: ZeaGJBEcLXj2JPOFZ019j1ZRRd68JcBGAhu-Mg9ICvZa2yBY3JQZQA==
expires: Fri, 28 Jun 2019 16:16:07 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 26 KB
9 KB 81ms
7ms Script
application/x-javascript 2600:9000:2047:3200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/gravityforms.min.js&ver=d70c9359

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:3200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Jun 2019 16:16:27 GMT
content-encoding: gzip
age: 50660
x-cache: Hit from cloudfront
status: 200
content-length: 8382
last-modified: Thu, 27 Jun 2019 16:15:32 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
x-cache-hit: HIT
x-amz-cf-pop: FRA53
x-amz-cf-id: AH2hHbv_DB0HtIUIv3w8ZMCNgBVaNhRo-sb3cCtkToYtbR5-Vq5RZg==
expires: Fri, 28 Jun 2019 16:16:07 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 160 B
546 B 183ms
81ms Stylesheet
text/css 2600:9000:2047:3200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityformsmailchimp/css/form_settings.css&ver=d70c9359

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:3200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

0590be5083a6babff6571bd27f87886c08720e623045c8aae01bc54054c26219

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 29 Jun 2019 16:16:56 GMT
content-encoding: gzip
age: 50662
x-cache: Hit from cloudfront
status: 200
content-length: 135
last-modified: Thu, 27 Jun 2019 16:15:33 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA53
x-amz-cf-id: yVocbQg37DdbbjRPm8d4ukjxRL8lCYSITGjkivOq6vDy9SMXo1v8Xw==
expires: Sun, 30 Jun 2019 16:16:56 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 13 KB
5 KB 15ms
7ms Script
application/x-javascript 2600:9000:2047:3200:2:9275:3d40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-taboola-ads/assets/js/end.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/gravityforms/js/conditional_logic.min.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js,wp-content/plugins/akismet/_inc/form.js&ver=d70c9359

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:3200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

e697ae92648ccad15ada450ecbd959853b72bb5b977112896334a50ddfc1c0b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Jun 2019 16:16:51 GMT
content-encoding: gzip
age: 50659
x-cache: Hit from cloudfront
status: 200
content-length: 4760
last-modified: Thu, 27 Jun 2019 16:15:33 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-amz-cf-pop: FRA53
x-amz-cf-id: ScFkgzqriRKjqj7H09QniqlCFXU4L7rgFDHmBYDdjpk_ePDa7Yco6g==
expires: Fri, 28 Jun 2019 16:16:51 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 213ms
12ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js?adrupt.js

Requested by

Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/adrupt-options/dist/js/adrupt.ads.min.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/kaspersky-taboola-ads/assets/js/start.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=d70c9359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 6597236
cf-ray: 4ef6651ddb3dd6d9-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 20 Jun 2020 06:41:34 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.013

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 65 KB
22 KB 109ms
15ms Script
application/javascript 2a00:1450:4001:825::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdd168b1e568bcc554ce5127e1bad370c9e22af4a95d10e3270e73e13594bfe7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:34 GMT
content-encoding: br
last-modified: Mon, 01 Jul 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 22315
x-xss-protection: 0
expires: Mon, 01 Jul 2019 06:41:34 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 11 KB
4 KB 391ms
94ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Mon, 01 Jul 2019 06:41:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 16:15:35 GMT
Server: nginx
ETag: W/"5d14eba7-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Mon, 08 Jul 2019 06:41:34 GMT

GET
H/1.1 200
OK photo-newsletter.jpg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 83 KB
83 KB 486ms
196ms Image
image/jpeg 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/photo-newsletter.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Mon, 01 Jul 2019 06:41:34 GMT
Last-Modified: Thu, 27 Jun 2019 16:15:35 GMT
Server: nginx
ETag: "5d14eba7-14c88"
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: close
Accept-Ranges: bytes
Content-Length: 85128
Expires: Mon, 08 Jul 2019 06:41:34 GMT

GET
H/1.1 200
OK icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 11 KB
4 KB 287ms
98ms Other
image/svg+xml 35.173.160.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Mon, 01 Jul 2019 06:41:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 16:15:35 GMT
Server: nginx
ETag: W/"5d14eba7-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Mon, 08 Jul 2019 06:41:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
481 B 91ms
71ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
481 B 87ms
68ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190624/r20190131/ 212 KB
79 KB 85ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190624/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4b444317c2b3faac29f7d48f00fa0567857f5a938acfb14d297221571f331ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 80251
x-xss-protection: 0
server: cafe
etag: 13398289240854052701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jul 2019 06:41:34 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190624/r20190131/ Frame 35DE 212 KB
79 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190624/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4b444317c2b3faac29f7d48f00fa0567857f5a938acfb14d297221571f331ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 80251
x-xss-protection: 0
server: cafe
etag: 13398289240854052701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jul 2019 06:41:34 GMT

GET
H2 200 ca-pub-7500593236707325.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 108 B
270 B 12ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7500593236707325.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 30 Jun 2019 20:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Jun 2019 22:05:52 GMT
server: sffe
age: 35144
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 118
x-xss-protection: 0
expires: Mon, 01 Jul 2019 08:55:50 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190624/r20190131/ Frame A12D 0
0 83ms
70ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190624/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190624/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 25 Jun 2019 14:30:27 GMT
expires: Tue, 09 Jul 2019 14:30:27 GMT
content-type: text/html; charset=UTF-8
etag: 4625795573468569833
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7045
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 490267
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1561357937155/ 264 KB
92 KB 17ms
5ms Script
text/javascript 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1561357937155/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6545c4d7e7c4fa643fb3dbc74cdb699d9289b83a4882bb8625206974a547c4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 18:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jun 2019 19:15:00 GMT
server: sffe
age: 390110
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 94224
x-xss-protection: 0
expires: Thu, 25 Jun 2020 18:19:45 GMT

GET analytics.js
www.google-analytics.com/ 0
0

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 114ms
7ms Script
application/x-javascript 91.228.74.247
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.247 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 01 Jul 2019 06:41:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01-Jul-2019 06:41:35 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Mon, 08 Jul 2019 06:41:35 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 24ms
5ms Script
application/javascript 151.101.112.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:35 GMT
content-encoding: gzip
age: 26055
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4040-HHN
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1561963295.472833,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 000D 0
0 92ms
80ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&adk=1812271804&adf=3025194257&lmt=1561963295&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32904%2C9%3A32904%2C16%3A8388608%2C27%3A128%2C30%3A1081472%2C32%3A128&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthreatpost.com%2Fransomware-a-persistent-scourge-requiring-corporate-action-now%2F145731%2F&ea=0&flash=0&pra=5&wgl=1&dt=1561963294665&bpp=106&bdt=12412&fdt=789&idt=789&shv=r20190624&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4133453673733&frm=20&pv=2&ga_vid=1680072394.1561963295&ga_sid=1561963295&ga_hid=1364745359&ga_fc=0&iag=0&icsg=8585888&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=272949454&ifi=0&uci=0.g743yk7qd1e5&fsb=1&dtd=889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190624/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&adk=1812271804&adf=3025194257&lmt=1561963295&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32904%2C9%3A32904%2C16%3A8388608%2C27%3A128%2C30%3A1081472%2C32%3A128&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fthreatpost.com%2Fransomware-a-persistent-scourge-requiring-corporate-action-now%2F145731%2F&ea=0&flash=0&pra=5&wgl=1&dt=1561963294665&bpp=106&bdt=12412&fdt=789&idt=789&shv=r20190624&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4133453673733&frm=20&pv=2&ga_vid=1680072394.1561963295&ga_sid=1561963295&ga_hid=1364745359&ga_fc=0&iag=0&icsg=8585888&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061796&oid=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=272949454&ifi=0&uci=0.g743yk7qd1e5&fsb=1&dtd=889
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Jul 2019 06:41:36 GMT
server: cafe
content-length: 44
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Jul-2019 06:56:36 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Mon, 01 Jul 2019 06:41:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
28 KB 180ms
100ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190624/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0442d471ca548ada0359e9018301096dbbaa2ac847494384fc77402a104f38bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1561720557756351"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28204
x-xss-protection: 0
expires: Mon, 01 Jul 2019 06:41:35 GMT

GET
H2 200 rules-p-CRy9tA-v0aTsa.js Show response
rules.quantcount.com/ 6 KB
2 KB 96ms
7ms Script
application/x-javascript 2600:9000:2047:ea00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-CRy9tA-v0aTsa.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e6714bd0f978b1eeb773e412c0b49ae81bf864244cd87ffe8467c5f9d6b0a7f

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 05:55:19 GMT
content-encoding: gzip
last-modified: Fri, 01 Feb 2019 11:56:17 GMT
server: AmazonS3
age: 2835
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA53
x-amz-cf-id: bcccWW7fWjz5a3Bdu1TfKCQg3prttE3XMle31j_YqCSjyA1qSCba-w==
via: 1.1 3283735112d0a322451d32ef038129c9.cloudfront.net (CloudFront)

GET
H2 200 adsct
t.co/i/ 43 B
487 B 180ms
167ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 118
pragma: no-cache
last-modified: Mon, 01 Jul 2019 06:41:35 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 24844ade8b7a329657dab3a3b451c170
x-transaction: 00db9dfd00626e86
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 7FE6 0
0 39ms
27ms Document
text/html 2a00:1450:4001:819::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=v1561357937155&theme=standard&size=normal&cb=d5wqjmbub9xr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1561357937155/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q9VNclUgBllaS0EN7F96/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=v1561357937155&theme=standard&size=normal&cb=d5wqjmbub9xr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Jul 2019 06:41:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-q9VNclUgBllaS0EN7F96/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10049
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK pixel;r=1860978032;labels=_fp.event.Threatpost%20Articles%2C_fp.channel.Threatpost;rf=0;a=p-CRy9tA-v0aTsa;url=https%3A%2F%2Fthreatpost.com%2Fransomware-a-persistent-scourge-requiring-corporate-acti...
pixel.quantserve.com/ 35 B
620 B 111ms
8ms Image
image/gif 91.228.74.190
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1860978032;labels=_fp.event.Threatpost%20Articles%2C_fp.channel.Threatpost;rf=0;a=p-CRy9tA-v0aTsa;url=https%3A%2F%2Fthreatpost.com%2Fransomware-a-persistent-scourge-requiring-corporate-action-now%2F145731%2F;fpan=1;fpa=P0-928022849-1561963295859;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1561963295858;tzo=-120;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2019%2F06%2F14143144%2Fbroke%2Ctype.article%2Ctitle.Ransomware%3A%20A%20Persistent%20Scourge%20Requiring%20Corporate%20Action%20Now%2Cdescription.ASCO%20is%20the%20latest%20headline-making%20organization%20to%20be%20hit%20by%20ransomware%252C%20prompti%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fransomware-a-persistent-scourge-requiring-corporate-actio
Requested by: Host: threatpost.com
URL: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.190 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Jul 2019 06:41:35 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame E2D1 0
0 29ms
28ms Document
text/html 2a00:1450:4001:819::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1561357937155&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=chapdh31hmgb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1561357937155/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Sk5UcxTk8AiKHE9PiLuDoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1561357937155&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=chapdh31hmgb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Jul 2019 06:41:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-Sk5UcxTk8AiKHE9PiLuDoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1116
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
672 B 364ms
143ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fransomware-a-persistent-scourge-requiring-corporate-action-now%2F145731%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://threatpost.com/ransomware-a-persistent-scourge-requiring-corporate-action-now/145731/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 01 Jul 2019 06:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 118
pragma: no-cache
last-modified: Mon, 01 Jul 2019 06:41:38 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f0e913ec311bf1b517011ccab8e2e10a
x-transaction: 005e81e700049b90
expires: Tue, 31 Mar 1981 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1561652134

Domain: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Domain: threatpost.com
URL: https://threatpost.com/wp-content/plugins/adrupt-options/dist/css/adrupt_style.css

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 01:52:44	Name: test_cookie Value: CheckForPermission
			.threatpost.com/	1970-01-19 11:17:12	Name: __qca Value: P0-928022849-1561963295859

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
analytics.twitter.com
assets.threatpost.com
cdnjs.cloudflare.com
googleads.g.doubleclick.net
i0.wp.com
kasperskycontenthub.com
media.threatpost.com
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
secure.gravatar.com
secure.quantserve.com
static.ads-twitter.com
t.co
threatpost.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
threatpost.com
www.google-analytics.com
104.244.42.3
104.244.42.5
151.101.112.157
192.0.77.2
2600:9000:2047:3200:2:9275:3d40:93a1
2600:9000:2047:e00:0:5c46:4f40:93a1
2600:9000:2047:ea00:6:44e3:f8c0:93a1
2606:4700::6813:c397
2606:4700::6813:c697
2a00:1450:4001:806::2002
2a00:1450:4001:818::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:825::2002
2a00:1450:4001:825::2008
2a04:fa87:fffe::c000:4902
35.173.160.135
91.228.74.190
91.228.74.247
0442d471ca548ada0359e9018301096dbbaa2ac847494384fc77402a104f38bc
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0590be5083a6babff6571bd27f87886c08720e623045c8aae01bc54054c26219
2642d89ee8c2d504bcbaf5df8c7e9d1d28589b8e3a1c190cf385bd08bb00c097
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
410b779a8e4c4f63400c25eed0267a71a59e0ab805002a532cb8dc23396fe314
4b444317c2b3faac29f7d48f00fa0567857f5a938acfb14d297221571f331ff2
60f7c04e003009ea44b161f7a8c4c76f14ae490a3937ceaaf1be52e1a7e8aa60
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
6545c4d7e7c4fa643fb3dbc74cdb699d9289b83a4882bb8625206974a547c4f8
72cb98f40699839578809f549902265794ea6bee09295a41728756891e9d8709
76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099
873f98d628677ccfc9691f96943269e5ea54261ed80d8f15fb680141315989d9
89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451
91171b94e2042f5ce1717d8c114be50a1f668a16016fb42e2b744d142e5eee4c
925492cde6491b3677bd407903d9a1222a308c26a4d78199f9d32f07b210e945
940e0c3385928422aae38e1a74f1d84b462d8ce1a056c686fde505a0bf3162bb
9e6714bd0f978b1eeb773e412c0b49ae81bf864244cd87ffe8467c5f9d6b0a7f
a0c66c78810f19e6797abc5bdbaf550ac3a984a694676d93973d58ff40bba78f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a233c4304fff9656e7f38056edc518a6033d14356a98fe256eb6e6865ce94285
a783d2ad42c380bc896219c080fa845d1e9f2e77483558103aeb296b95b85701
a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13
aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b31f6b14778fbbe272430be354513357a8a7aaebf77a5b50e761b7040ed303ae
bdd168b1e568bcc554ce5127e1bad370c9e22af4a95d10e3270e73e13594bfe7
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c8e512667c95dc925585aa2b05f858b8d7ddbf8810cb61f6f14049e6e9812b00
da4040a851b674597ac8957a25f6551524d1605617584bcc58d77fc1bd050af7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3852329019e5662acec7d5a335114e80c30593602bd09bb65487872586f00f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e697ae92648ccad15ada450ecbd959853b72bb5b977112896334a50ddfc1c0b4
e7d9828ae6f573226c7d20873071b6c10f7c2064c667759f1df6b0440abc3483
e8c0730b4f5f7d9638e4adf30b6ffebdcf04fe82456c0f4038733705c8e2c029

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

65 %IPv6

18 Domains

22 Subdomains

20 IPs

4 Countries

793 kBTransfer

1657 kBSize

2 Cookies

22 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

65 %
IPv6

18
Domains

22
Subdomains

20
IPs

4
Countries

793 kB
Transfer

1657 kB
Size

2
Cookies

50 HTTP transactions
0 data transactions