www.delmartimes.net Open in urlscan Pro
13.224.95.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Submission: On May 14 via api (May 14th 2021, 2:15:28 am UTC) from US

Summary HTTP 51 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 51 HTTP transactions. The main IP is 13.224.95.70, located in United States and belongs to AMAZON-02, US. The main domain is www.delmartimes.net.
TLS certificate: Issued by Amazon on April 22nd 2021. Valid for: a year.

This is the only time www.delmartimes.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.224.95.70 13.224.95.70	16509 (AMAZON-02) (AMAZON-02)
18	13.224.95.118 13.224.95.118	16509 (AMAZON-02) (AMAZON-02)
11	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	13.32.6.66 13.32.6.66	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	13.224.95.46 13.224.95.46	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:4e00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	18.235.237.134 18.235.237.134	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
51	17

1 13.224.95.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-70.zrh50.r.cloudfront.net

www.delmartimes.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.224.95.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-118.zrh50.r.cloudfront.net

ca-times.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

activate.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
activate.delmartimes.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.6.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-66.vie50.r.cloudfront.net

libs.platform.californiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.95.46 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-46.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:4e00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.237.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-237-134.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	brightspotcdn.com ca-times.brightspotcdn.com	547 KB
12	californiatimes.com activate.platform.californiatimes.com libs.platform.californiatimes.com	126 KB
4	google-analytics.com www.google-analytics.com	22 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	2 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	128 KB
2	google.de ampcid.google.de www.google.de	575 B
2	google.com ampcid.google.com www.google.com	646 B
2	facebook.net connect.facebook.net	66 KB
2	delmartimes.net www.delmartimes.net activate.delmartimes.net	55 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googlesyndication.com pagead2.googlesyndication.com	6 KB
1	googleapis.com ajax.googleapis.com	31 KB
51	13

	Domain	Requested by
18	ca-times.brightspotcdn.com	www.delmartimes.net
10	activate.platform.californiatimes.com	www.delmartimes.net activate.platform.californiatimes.com
4	www.google-analytics.com	activate.platform.californiatimes.com www.delmartimes.net
4	sb.scorecardresearch.com	2 redirects www.delmartimes.net
2	connect.facebook.net	activate.platform.californiatimes.com
2	libs.platform.californiatimes.com	www.delmartimes.net
2	securepubads.g.doubleclick.net	www.delmartimes.net activate.platform.californiatimes.com
1	www.google.de	www.delmartimes.net
1	www.google.com	www.delmartimes.net
1	stats.g.doubleclick.net	activate.platform.californiatimes.com
1	ampcid.google.de	activate.platform.californiatimes.com
1	ping.chartbeat.net	www.delmartimes.net
1	ampcid.google.com	activate.platform.californiatimes.com
1	static.chartbeat.com	activate.platform.californiatimes.com
1	activate.delmartimes.net	www.delmartimes.net
1	pagead2.googlesyndication.com	activate.platform.californiatimes.com
1	ajax.googleapis.com	www.delmartimes.net
1	www.delmartimes.net
51	18

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
secure.adpay.com
issuu.com
enewspaper.solanabeachsun.com
cv-enewspaper.delmartimes.net
enewspaper.delmartimes.net
www.sandiegouniontribune.com
www.facebook.com
twitter.com
www.lajollalight.com
www.presspatron.com

Subject Issuer	Validity	Valid
*.prod.ca-times.psdops.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
cdn.ca-times.psdops.com Amazon	`2020-10-16` - `2021-11-15`	a year	crt.sh
activate.platform.californiatimes.com Go Daddy Secure Certificate Authority - G2	`2019-09-24` - `2021-09-24`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.platform.californiatimes.com Amazon	`2020-06-16` - `2021-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
activate.latimes.com Go Daddy Secure Certificate Authority - G2	`2021-03-31` - `2022-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Frame ID: 7C8FA701D1F3197A2F26C745DA2C3E72
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

51
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

995 kB
Transfer

2532 kB
Size

9
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.legacy.com/obituaries/delmartimes/
Title: Obits

Search URL Search Domain Scan URL

URL: https://secure.adpay.com//searchresultsdisplay.aspx?p=9026&procid=c7832539-69c2-4c75-9b1a-49130e123f53
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://issuu.com/lajollalight2010/docs/dmvg_2019_issuu
Title: Del Mar Visitor Guide

Search URL Search Domain Scan URL

URL: https://enewspaper.solanabeachsun.com/
Title: Solana Beach Sun E-Newspaper

Search URL Search Domain Scan URL

URL: https://cv-enewspaper.delmartimes.net/
Title: Carmel Valley E-Newspaper

Search URL Search Domain Scan URL

URL: https://enewspaper.delmartimes.net/
Title: Del Mar Times E-Newspaper

Search URL Search Domain Scan URL

URL: https://www.sandiegouniontribune.com/privacy-policy#california-notice-of-collection
Title: CA Notice of Collection

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=125832154430708&display=popup&href=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&text=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.sandiegouniontribune.com/sdut-paul-sisson-staff.html
Title: Paul Sisson

Search URL Search Domain Scan URL

URL: https://www.lajollalight.com/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.lajollalight.com/news/story/2021-05-02/scripps-health-targeted-by-cyberattack
Title: Scripps Health targeted by cyberattack

Search URL Search Domain Scan URL

URL: https://twitter.com/paulsisson
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SDUTHealth
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.presspatron.com/delmartimes.html
Title: Support local journalism

Search URL Search Domain Scan URL

URL: https://www.sandiegouniontribune.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sandiegouniontribune.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mydelmartimes/
Title: facebook

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/searchresultsdisplay.aspx?p=9026&procid=c7832539-69c2-4c75-9b1a-49130e123f53
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://enewspaper.solanabeachsun.com/
Title: Solana Beach Sun E-Newspaper

Search URL Search Domain Scan URL

URL: http://cv-enewspaper.delmartimes.net/
Title: Carmel Valley E-Newspaper

Search URL Search Domain Scan URL

URL: http://enewspaper.delmartimes.net/
Title: Del Mar Times E-Newspaper

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://sb.scorecardresearch.com/b?c1=2&c2=29820151&ns__t=Fri%20May%2014%202021%2004:15:09%20GMT+0200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health%20-%20Del%20Mar%20Times&c7=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=29820151&ns__t=Fri%20May%2014%202021%2004%3A15%3A09%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health%20-%20Del%20Mar%20Times&c7=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&c9=

Request Chain 37

https://sb.scorecardresearch.com/c2/29820151/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ransomware-shutdown-continues-to-be-a-problem-for-scripps-health Show response
www.delmartimes.net/news/story/2021-05-05/ 318 KB
54 KB 1153ms
1051ms Document
text/html 13.224.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.95.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-95-70.zrh50.r.cloudfront.net

Software

Apache Tomcat / Brightspot

Resource Hash

f13939cb7a684e424a07b29d2b5d7edbe7d7d03425db78608701af2af65d56b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.delmartimes.net
:scheme: https
:path: /news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html;charset=UTF-8
cache-control: max-age=180
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
date: Fri, 14 May 2021 02:15:07 GMT
server: Apache Tomcat
x-powered-by: Brightspot
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZVsl_bOd6F_D4eIi9KFHiHbrYXbVE9SxtyYVJHicz64fKPavx-EQIA==

GET
H2 200 styles-creative.min.3ae67a8cfe5b0e288025024665d4e1ac.gz.css
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 241 KB
38 KB 113ms
39ms Stylesheet
text/css 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/styles-creative.min.3ae67a8cfe5b0e288025024665d4e1ac.gz.css
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 474cf96639b913d82cc8ddaa86d4147688f9bb40dd4469abd4f360d34a5d1300

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:11:30 GMT
content-encoding: gzip
age: 1224219
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 38887
last-modified: Thu, 29 Apr 2021 22:05:01 GMT
server: AmazonS3
etag: "2f49eea6ed9c42c27c49a982d0ebdffb"
x-amz-version-id: U7mqbCRl5Dh06UtRyhfcYQ0CKRo8t3wl
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: 8q3oKtqToQl1wUxNZ0XK_tbC_H-tNDmbI1VuDiZIvfF-FFoM72fi9w==

GET
H2 200 Core.min.b347521f5fd8b65169ea7242c1a0ea13.gz.js Show response
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/ 82 KB
18 KB 129ms
62ms Script
text/javascript 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/Core.min.b347521f5fd8b65169ea7242c1a0ea13.gz.js
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e025d564837c49fe19deaec1dd96cca7b9f343dc6bab0ca18a50a4fe5638b809

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 22:08:38 GMT
content-encoding: gzip
age: 101191
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17572
last-modified: Wed, 12 May 2021 20:39:21 GMT
server: AmazonS3
etag: "fa6bcf2cf4669bd0af727ccfb8a184d0"
x-amz-version-id: N61BqBACifBtudfmQhj0aG6xc.lg4KVL
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: AMEAcGKzn3rhsYfCdyNm2L33Lp3jG0hb_buqbsj25H___Hl06MZPIg==

GET
H2 200 Bootstrap.js Show response
activate.platform.californiatimes.com/caltimes/delmartimes/ 415 KB
93 KB 112ms
48ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 41b56391a3bcb6166d36d0ad707cc610d83c93a95b123cd7830ba69ef743b18c

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:08 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 16:13:02 GMT
server: nginx
etag: W/"6094158e-67a48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 98ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

f48af33787a4da5addab5af30804dbdbc54025d85eb7997a39de6ed8bd28fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "871 / 67 of 1000 / last-modified: 1620943744"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21315
x-xss-protection: 0
expires: Fri, 14 May 2021 02:15:08 GMT

GET
H2 200 latest.js Show response
libs.platform.californiatimes.com/modalityjs/ 17 KB
4 KB 112ms
37ms Script
application/javascript 13.32.6.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/modalityjs/latest.js
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-66.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faf9d8a0aaad67f389822224a487c77856849cbb97d4d5b37527f72fb676cf0e

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:12:18 GMT
content-encoding: br
etag: W/"50f13461b0b5d380ad78f2cc5824e047"
last-modified: Tue, 09 Mar 2021 00:31:37 GMT
server: AmazonS3
age: 519
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: p9NyOlnTpMJrEyluDgi4rQNqxTLAPPPkNn2SGhuibhk5rGtJGPVefw==

GET
H2 200 latest.js Show response
libs.platform.californiatimes.com/newsletter-campaign-manager/ 27 KB
7 KB 38ms
35ms Script
application/javascript 13.32.6.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.platform.californiatimes.com/newsletter-campaign-manager/latest.js
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-66.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c419f753d2f4b332cc37d7b0a14326da3bf8b522d34d988ecd97d83f88f73d8

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:03:16 GMT
content-encoding: br
etag: W/"75220d72201cbc019c7f526e614e2c06"
last-modified: Fri, 07 May 2021 18:50:13 GMT
server: AmazonS3
age: 828
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: nKgXIIRQeNKkxNuoHsX5hNrvQZePDyztAq4OcbiwcRT7cjhUYYhgKw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399867
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 May 2022 11:10:41 GMT

GET
H2 200 del-mar-times-sbs-cvn.svg
ca-times.brightspotcdn.com/72/72/807623854ba0b72c783a60f33352/ 27 KB
27 KB 41ms
39ms Image
image/svg+xml 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/72/72/807623854ba0b72c783a60f33352/del-mar-times-sbs-cvn.svg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: beae4f0dc1480bf0f9f686b0b70858f79bc5fe793a0d2bf64670392e5f101e84

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 07:32:22 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
last-modified: Thu, 28 Feb 2019 15:02:15 GMT
server: AmazonS3
age: 9052967
etag: "7876e87de1db1e489e8889beec45b9bd"
x-cache: Hit from cloudfront
x-amz-version-id: 6PlYSjuMvi0QC1yyAQdQkIYVm5sPUyb8
cache-control: public, max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 27311
x-amz-cf-id: JmATaaXqOhSD87Fq4jrn_c8Ikl66749Mt29fA1eB4zV3PWBj16r9Og==

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/7b35ca0/2147483647/strip/true/crop/5040x3360+0+0/resize/840x560!/format/webp/quality/90/ 76 KB
77 KB 990ms
988ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/7b35ca0/2147483647/strip/true/crop/5040x3360+0+0/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F43%2F57%2F9cf157a14674817a30211a6714dd%2Fsd-photos-1staff-725258-sd-me-vaccine-sheriff-swh0005.JPG
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 56f9f2e33fb21c580d6ba2fec273f9553803ae3f5d183b7b7af35d5ac19a6723

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:09 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: ZRH50-C1
etag: 725cca0c01fc5a09852d80792be0ff0f
x-cache: Miss from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 78160
x-amz-cf-id: xBustZsciDk86JscO018m9_G1gSzn50fRYu4g-lmT7TRaqZqUfESlw==
expires: Sat, 14 May 2022 02:15:09 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe83c90a0aeb2c558f23e054821eb26dd7e5f1b3349cbc73932e189cdc728cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VQYPc1M5TWU4FAE+CZ64OQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: qRfsX61z4XStNpc3mdtrj05Bf8zax4yNLGNs0I5BTyxWcI/8Gj/vI4yv+izHTutjn8pppgRLDmgrwnZE30EvPw==
x-fb-trip-id: 686109401
x-fb-content-md5: 46f92f20ca7da6d0e69cb12b477170bd
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 14 May 2021 02:15:08 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ecfa610b1bb664a2e50120de9558830f"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 May 2021 02:23:23 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 34ms
31ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=0&c=2715&i=8vkpow&p=delmartimes&s=312&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDQUAPAlY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoiZGVsbWFydGltZXMiLCJpbnN0YW5jZS4A8k4iOHZrcG93IiwicGFja2V0IjowLCJtb2RlIjoiZW5mb3JjZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6Im5vbmUiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS3APAIIiwic3RhcnQiOjE2MjA5NTg1MDg4NzZJAKBkIjotMSwic291aAAiOiIrAEF0dXMiDABgcmVhc29uVADUXSwiZGF0YVBhdHRlchIA8A1saXN0IjpbXSwidHlwZSI6ImJpbGxpbmcifV19
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:08 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 14 May 2021 02:15:07 GMT

GET
H2 200 BentonGothic-Medium.0af2a448f6d58f8dd85f039eba38b50f.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 14 KB
15 KB 131ms
56ms Font
application/octet-stream 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/BentonGothic-Medium.0af2a448f6d58f8dd85f039eba38b50f.woff2
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d12680bfc77396330439d134956e2f0c67c5ef889ad0b9396e5e22bba81dfdb

Request headers

Origin: https://www.delmartimes.net
Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 00:32:35 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
vary: Origin
age: 2598155
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14336
last-modified: Thu, 07 May 2020 19:28:36 GMT
server: AmazonS3
etag: "28ac691e5e6e27bbe25e29d7b864978b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: P_Pz7NQ4dM8572jJobfHdniAHPA4pbz4
access-control-allow-origin: https://www.delmartimes.net
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: ZOjus7Q7wlfugz2q3sY9IzoSmMugk29OzFZZxc80FIN2wIcrrR46RQ==

GET
H2 200 BentonGothic-Bold.0173e1397f3e876c231fe162dd06864a.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 14 KB
14 KB 127ms
52ms Font
application/octet-stream 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/BentonGothic-Bold.0173e1397f3e876c231fe162dd06864a.woff2
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c53ea495e43386054567a488d1e6e03f8b93b0bfb4cd85602212df7bf182a7ea

Request headers

Origin: https://www.delmartimes.net
Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:57:26 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
vary: Origin
age: 1336664
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14180
last-modified: Thu, 07 May 2020 19:28:36 GMT
server: AmazonS3
etag: "4e123dc0e3e9bebc896cda50ed712ecf"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: vAsX.0H.a11CQTkYCEBS5Bh0UlciG0c9
access-control-allow-origin: https://www.delmartimes.net
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: oafE1LI78mIms-CfNLhmCO7FF36VdelqU5byB0J92YK3EKvb-d83hw==

GET
H2 200 Vollkorn-Regular.ee337abf17b9fa4ea5b685b1d7d38521.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 111 KB
112 KB 150ms
76ms Font
application/octet-stream 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/Vollkorn-Regular.ee337abf17b9fa4ea5b685b1d7d38521.woff2
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd75aa1890ab86fafc043907ebddf99a78bc09a8ea922850e8336c68d4c4e01a

Request headers

Origin: https://www.delmartimes.net
Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 00:32:35 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
vary: Origin
age: 2598155
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 113768
last-modified: Thu, 07 May 2020 19:28:38 GMT
server: AmazonS3
etag: "8871b2b13e165eb201f124876efdd216"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ._C.4hiq2kc.FAMyIv.P2qlvx9dOKexz
access-control-allow-origin: https://www.delmartimes.net
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: C9TDopgMjs5uPVsJsmIGUPOvMJ9X_2TB1FPom0tVmDjqGU1xSJDC5Q==

GET
H2 200 serverComponent.php Show response
activate.platform.californiatimes.com/caltimes/delmartimes/ 2 KB
986 B 44ms
43ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/serverComponent.php?r=213220402.60362974&namespace=CalTimes&staticJsPath=activate.platform.californiatimes.com/caltimes/delmartimes/code/&publishedOn=Thu%20May%2006%2016:12:42%20GMT%202021&ClientID=2715&PageID=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a5e092896c35be0cef791d941ccb1c71fc241f69314eb4e8861549cd25cd91dd

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:09 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Fri, 14 May 2021 02:15:08 GMT

GET
H2 200 Vollkorn-SemiBold.5a3fc99611ba75088e22df7e246c8cea.woff2
ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/ 118 KB
118 KB 51ms
49ms Font
application/octet-stream 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ca-times.brightspotcdn.com/resource/0000016e-6bb5-d505-abef-fbb7e4420000/styleguide/assets/Vollkorn-SemiBold.5a3fc99611ba75088e22df7e246c8cea.woff2
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13df5799b5e8aa7d7bb9ff94595bce56f960fbffa1d29d0a810a17418b184a19

Request headers

Origin: https://www.delmartimes.net
Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 00:32:35 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
vary: Origin
age: 2598155
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 120552
last-modified: Thu, 07 May 2020 19:28:38 GMT
server: AmazonS3
etag: "9bdeeba11f408d3aaf06be4cff20d00f"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: fPhdG0seIFQXCIEzKCMfdgTvya6.Cnvl
access-control-allow-origin: https://www.delmartimes.net
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: 5CSP4iZENE85AMeu30OqQXPoS_a56KKVkiPwMO66gPC6XiqIzEDn3w==

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/05ec64a/2147483647/strip/true/crop/6214x4143+0+123/resize/840x560!/format/webp/quality/90/ 42 KB
42 KB 1451ms
1450ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/05ec64a/2147483647/strip/true/crop/6214x4143+0+123/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F5a%2F74%2Fc8a789ee4435b7fe5a57462bd5f2%2F511470-sd-me-scripps-tent-coronavirus-hl-011.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 7b2f2e8215456822f8cd90d5c69234461baad3bd2e85b00fb5251ad9004c5db5

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:09 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: ZRH50-C1
etag: bd9113dc5ec5998c9c98ab82d85346e6
x-cache: Miss from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 42670
x-amz-cf-id: AO_6MMFc3_rHyVIWr5clhZcS3Uela31BEJ1wIxI1aTKeHQmF18xPjA==
expires: Sat, 14 May 2022 02:15:10 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/d129b4b/2147483647/strip/true/crop/625x417+0+0/resize/840x560!/format/webp/quality/90/ 9 KB
9 KB 75ms
75ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/d129b4b/2147483647/strip/true/crop/625x417+0+0/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F98%2Fd0%2Fa7577ef741fdaadb87e8207528fb%2Fbecome-a-supporter-delmart.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 9be7d9f4a0623366c77008723f077fa4fec9d0fdf47b113c12d9a91e45824220

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 16:14:45 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 36024
etag: 1b81d63516ee437c059fe2fe064ba480
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 9146
x-amz-cf-id: 4MVAn9ZyDwLSDNvLOSO2tccKXg6UwZjKt4KnlOQr19IO8K3klV0ybw==
expires: Fri, 13 May 2022 16:14:45 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/ac1261a/2147483647/strip/true/crop/840x549+0+6/resize/320x209!/format/webp/quality/90/ 5 KB
5 KB 64ms
61ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/ac1261a/2147483647/strip/true/crop/840x549+0+6/resize/320x209!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F54%2Fb6%2Fc03baedf41cfb06472e416924ec9%2Fletter-to-the-editor-button-web.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 241ec1b063e5e32c080295aaf50ef14de57a99685ad082e7daa1b567481c5f74

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:25:14 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 38995
etag: 3cd6fff77c65698dc2714422e5d7b227
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 4900
x-amz-cf-id: Npr5_7WNUvRiys8eY6Wy7TXOVsDTrQzTD4yncbloaEnY5BL2ENTg9A==
expires: Fri, 13 May 2022 15:25:14 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/1e18a7f/2147483647/strip/true/crop/840x560+0+0/resize/840x560!/format/webp/quality/90/ 34 KB
35 KB 56ms
54ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/1e18a7f/2147483647/strip/true/crop/840x560+0+0/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F87%2F92%2Fcb61eee14ee9b15acf6572458f74%2Fvirtualhometours-button300dpi.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 049aeb7301b64effe35461c68c1ca401911a609a2bad492f9f6bfdc3efd26e23

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:09:44 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 39925
etag: 8a64099aa520496b3a7b432f18b556aa
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 35120
x-amz-cf-id: N7GvgyDEAuBE3mKJOOE6zpKyjGoduQHGi390cJtVNOC-SrMqG1QUDw==
expires: Fri, 13 May 2022 15:09:44 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/95603d9/2147483647/strip/true/crop/3038x2025+202+0/resize/180x120!/format/webp/quality/90/ 9 KB
9 KB 557ms
555ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/95603d9/2147483647/strip/true/crop/3038x2025+202+0/resize/180x120!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F0c%2Ffb%2Fe244ca7d4c94be1f567c195b1853%2Fgs-lcc-adehaan2.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 3fefd3a249184780556765e086c2e75fce2e4172a151ab4e80c7fcf06c3b5936

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:09 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: ZRH50-C1
etag: 96429a78643acb3a281d856fb68a258e
x-cache: Miss from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 9008
x-amz-cf-id: -W8hPYmMtPm7wiAGQzjWT2Oq6MAw1uKtSEIi_ppvYVOqUwUYuFzb3Q==
expires: Sat, 14 May 2022 02:15:09 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/e9886f2/2147483647/strip/true/crop/312x208+208+0/resize/180x120!/format/webp/quality/90/ 3 KB
3 KB 71ms
69ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/e9886f2/2147483647/strip/true/crop/312x208+208+0/resize/180x120!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F9b%2Fad%2Fcef2739a44bba8de54ec2bb64c83%2F0506-bb-city-ballet.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: e76d9067d9b89ae068f2d6d84785ca9b3292a1189a1ab1ccd5762c8bddef4a81

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:17:25 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 7064
etag: 8cfd15c49444c29898fbc760c2a200bd
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 3064
x-amz-cf-id: ZCxq1AfyKXUZ3tRm-JpfMvFqd5i2RJ-_kVJ5SLdEkc3dh7a34MSRpQ==
expires: Sat, 14 May 2022 00:17:25 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/8636151/2147483647/strip/true/crop/5184x3456+0+0/resize/180x120!/format/webp/quality/90/ 6 KB
7 KB 59ms
57ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/8636151/2147483647/strip/true/crop/5184x3456+0+0/resize/180x120!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2Fc2%2F4c%2Fbddccbe3417fa5c61942552162c0%2Fimg-6159.JPG
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 024a17924f35f315f243e519b8401a1a7003a103a9f1b1db94e10551008bb1e8

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:08:00 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 25628
etag: a5e1428906d4e7e591256d40fca8c4db
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 6386
x-amz-cf-id: EeGxNZC1oi0bSwRC1pE4i41BrC_VaaaWRTbedjCtzUuCXVNbPP0w0g==
expires: Fri, 13 May 2022 19:08:01 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/11cc8a7/2147483647/strip/true/crop/902x601+0+2/resize/180x120!/format/webp/quality/90/ 5 KB
5 KB 69ms
68ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/11cc8a7/2147483647/strip/true/crop/902x601+0+2/resize/180x120!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2Fd4%2F14%2F39be63d24c6da4323d19d552a457%2Fdavid-ellenstein.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 4cb9c0e2d79f4a046fa629cd5ec15640461d1d9b8be2e18f1dd62539fa234797

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:08:01 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 25628
etag: 2532362c5bc051b1cdb50a302c28c9a9
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 5100
x-amz-cf-id: v7fUOFep9c7xP6NTOwqyHfUt46ke_83bGYr3ytfC26EzIKzPtpTGMw==
expires: Fri, 13 May 2022 19:08:01 GMT

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/863a247/2147483647/strip/true/crop/1061x707+0+260/resize/180x120!/format/webp/quality/90/ 9 KB
9 KB 71ms
70ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/863a247/2147483647/strip/true/crop/1061x707+0+260/resize/180x120!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F12%2Ffc%2F2e7fb17d438e84ae52cfd74595fb%2Fdavidhofferheadshot.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 3dbb8f5ed5f200b7bab832bbd59504aa64b25062bdceb0bf749ba7574707d5db

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:39:59 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 20110
etag: b37493d7b4c70c29d8e482a98ea9a818
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 9246
x-amz-cf-id: dViyVnQQPyZCcuWJVcR-9Qtsnbl7G1YIzj0HFTt18U7YA9oQXYfSPg==
expires: Fri, 13 May 2022 20:39:59 GMT

GET
H3-29 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 94ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Fri, 14 May 2021 02:15:09 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 213 KB
63 KB 42ms
32ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=205392537dda9fde18fa258f064354d9&ua=modern_es6

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c1894d5833d894834a400e180e13193bd8de1a79b6e546959b92a4c0df621dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.delmartimes.net
Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: n1rYiZVostPrZgubOb33tw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64555
x-fb-rlafr: 0
x-fb-debug: qvCIvJC6WyomHkiqkV2wXLCmxkLsmsDd5RIA3VRiX6xL+WBrFe6AdnkeGRrdscUFp5+uBofkFbAxkw9Jk9K9hQ==
x-fb-content-md5: a9da32da4ea033f4d0621cf0d73a1b28
x-frame-options: DENY
date: Fri, 14 May 2021 02:15:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ef7a3c1bd203394480400707e787a3a8"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 May 2022 01:32:10 GMT

GET
H2 200 3ddb4d5318c088b013a30c63f06db810.js Show response
activate.platform.californiatimes.com/caltimes/delmartimes/code/ 99 KB
14 KB 50ms
40ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/code/3ddb4d5318c088b013a30c63f06db810.js?conditionId0=4849544
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: abdf01f7633e9a97e58bd501f11c8574018c920ae88ced9962210b1f3fa1cb46

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:09 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 16:13:02 GMT
server: nginx
etag: W/"6094158e-18b23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 07b65093b160bb1fbf174dd53439df6e.js Show response
activate.platform.californiatimes.com/caltimes/delmartimes/code/ 77 KB
6 KB 43ms
40ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/code/07b65093b160bb1fbf174dd53439df6e.js?conditionId0=4849974
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0373b69821923325046512b0914240b2bf1f6583aed3e42747a44521c5dbdea8

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:09 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 16:13:02 GMT
server: nginx
etag: W/"6094158e-13563"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/fbd6cdd/2147483647/strip/true/crop/3023x2015+0+681/resize/180x120!/format/webp/quality/90/ 2 KB
3 KB 71ms
52ms Image
image/webp 13.224.95.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/fbd6cdd/2147483647/strip/true/crop/3023x2015+0+681/resize/180x120!/format/webp/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F45%2Fd5%2F968bb1744bd593a4def8a339721a%2Fzami2.jpg
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-118.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 39dc305914e86a8901828dc31513d16f3124f5f9c493b32bc55119721b11bd06

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:12:38 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
server: Apache
age: 21751
etag: 9d14007a8fba4fec9269d1f85504bb0c
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
x-robots-tag: nofollow
content-length: 2272
x-amz-cf-id: ruW1TcLva9ZTmS9LFmJ08DCbADZz-aAH2U6Go4qWJBOFYWZgNQeY1Q==
expires: Fri, 13 May 2022 20:12:38 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=29820151&ns__t=Fri%20May%2014%202021%2004:15:09%20GMT+0200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Ransomware%20shutdown%20continues%20to%20b...
https://sb.scorecardresearch.com/b2?c1=2&c2=29820151&ns__t=Fri%20May%2014%202021%2004%3A15%3A09%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Ransomware%20shutdown%20continues%2...

64 B
331 B

56ms
55ms

Image
image/gif

13.224.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=29820151&ns__t=Fri%20May%2014%202021%2004%3A15%3A09%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health%20-%20Del%20Mar%20Times&c7=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&c9=
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-46.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:10 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ZRYNNUPmhwElzLcxmIxrj-4L0xQit6SM_WQHlR40KREXPToQThoEmw==

Redirect headers

date: Fri, 14 May 2021 02:15:09 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=29820151&ns__t=Fri%20May%2014%202021%2004%3A15%3A09%20GMT%200200%20(Central%20European%20Summer%20Time)&ns_c=UTF-8&c8=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health%20-%20Del%20Mar%20Times&c7=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&c9=
content-length: 426
x-amz-cf-id: v_WHuj-dP9wUXtKTld5i15-L4_CxV0dfiD_nuXkHNOvBoVxOcSnCxg==

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 26ms
25ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 14 May 2021 03:02:35 GMT

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
106 B 34ms
34ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20ezpay_status%2C%20ID%3A60910.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=delmartimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 14 May 2021 02:15:09 GMT

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
106 B 32ms
32ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20ez_pay%2C%20ID%3A59536.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=delmartimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 14 May 2021 02:15:09 GMT

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
106 B 32ms
31ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20print_status%2C%20ID%3A60891.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=delmartimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 14 May 2021 02:15:09 GMT

GET
H2 204 e.gif
activate.platform.californiatimes.com/error/ 0
106 B 31ms
31ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20sub_data%2C%20ID%3A60890.&lnn=-1&fn=&cid=2715&client=caltimes&publishPath=delmartimes&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 14 May 2021 02:15:09 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/29820151/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

36ms
36ms

Script
application/javascript

13.224.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-46.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:11:34 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: C_Xbh_-fXk9JP0aQ29xsKN2-DgYXWi1P4V9IEIedpu8OLRAAE3BGeg==

Redirect headers

date: Fri, 14 May 2021 02:15:10 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: FkrBG-CwgiCTTIZ28X1p0m73-MJVcBJW92YCDNhlkhsmkrdMjJ0oqw==

GET
H2 200 /
activate.delmartimes.net/pc/caltimes/ 42 B
508 B 228ms
132ms Image
image/gif 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.delmartimes.net/pc/caltimes/?pulse2001=https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health&pulse2002=https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health&pulse2003=dmt:news:ransomware-shutdown-continues-to-be-a-problem-for-scripps-health:story.&pulse2004=www.delmartimes.net&pulse2005=delmartimes&pulse2006=news&pulse2007=/news&pulse2008=ransomware-shutdown-continues-to-be-a-problem-for-scripps-health&pulse2009=ransomware-shutdown-continues-to-be-a-problem-for-scripps-health&pulse2010=story&pulse2011=story&pulse2012=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health%20%20Del%20Mar%20Times&pulse2013=22&pulse2021=story&pulse2035=signed-out&pulse2038=89.40.183.133&pulse2039=1600x1200&pulse2040=sdut&pulse2041=false&pulse2045=landscape&pulse2046=%3E1224&pulse2047=0-99&pulse2048=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&pulse2068=%20&pulse2071=%20&pulse2113=%20&pulse2119=%20&pulse2127=%20&pulse2128=%20&pulse2131=00000179-3c3b-d140-a97f-fdfbabc80003&pulse2133=true&pulse2134=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health&pulse2135=Paul%20Sisson&pulse2137=05-05-2021%2004:19&pulse2140=delmartimes&pulse2141=sdut&pulse2152=Sam%20Hodgson%20%20The%20San%20Diego%20UnionTribune&pulse2153=%20&pulse2168=%20&pulse2179=%20&pulse2286=923&pulse2287=https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health&pxlid=6698713174970097763&pbrd=21&pch=4&pei=2&c_rdp=0
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 02:15:10 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-cache, no-store, must-revalidate
x-ens-event-id: d6f7efb0-270a-4384-a29c-102a2ce1c217
x-offsite-uuid: 980681a1-1424-462e-8b38-d6f9cbdbb8af
access-control-allow-headers: *
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6498
date: Fri, 14 May 2021 00:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 14 May 2021 02:26:52 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 44ms
17ms Script
application/x-javascript 2600:9000:2190:4e00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:20:24 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 39286
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 6sRYC-eWQZa2Z03DG_8HVe8WR6rGeyJBqPmKjh8xn7M65Tm6Gfl8qg==
expires: Fri, 14 May 2021 15:20:24 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 22ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2493
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 14 May 2021 02:33:37 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1015
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 14 May 2021 02:58:15 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
539 B 44ms
13ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 May 2021 02:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.delmartimes.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 285ms
93ms Image
image/gif 18.235.237.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=delmartimes.net&p=%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&u=B9he0t1kjsWB9sHjT&d=delmartimes.net&g=25745&g0=news&g1=Paul%20Sisson&g4=story&n=1&f=00001&c=0&x=0&m=0&y=7822&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2710&t=DkKyRwBcbppzB-BY7kDkR5HYCtcMMR&V=126&i=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health&tz=-120&sn=1&sv=BnIWzoCXAoTuBUFGqCeGKHWDdWhK_&sd=1&im=067b0ff3&_
Requested by: Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.237.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-237-134.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 02:15:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
468 B 36ms
13ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 May 2021 02:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.delmartimes.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1860662-59&cid=325688881.1620958510&jid=894823755&gjid=191447961&_gid=1753647705.1620958510&_u=aGBAgEIrAAQCAE~&z=425743951

Requested by

Host: activate.platform.californiatimes.com
URL: https://activate.platform.californiatimes.com/caltimes/delmartimes/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 02:15:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.delmartimes.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1917280018&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.delmartimes.net%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&dp=%2Fnews%2Fstory%2F2021-05-05%2Fransomware-shutdown-continues-to-be-a-problem-for-scripps-health&dh=www.delmartimes.net&ul=en-us&de=UTF-8&dt=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health%20%20Del%20Mar%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIrAAQC~&jid=894823755&gjid=191447961&cid=325688881.1620958510&uid=&tid=UA-1860662-59&_gid=1753647705.1620958510&cd29=&cd2=news&cd4=dmt%3Anews%3Aransomware-shutdown-continues-to-be-a-problem-for-scripps-health%3Astory.&cd5=22&cd6=story&cd7=&cd8=story&cd9=ransomware-shutdown-continues-to-be-a-problem-for-scripps-health&cd10=&cd11=&cd12=Ransomware%20shutdown%20continues%20to%20be%20a%20problem%20for%20Scripps%20Health&cd13=Paul%20Sisson&cd14=89.40.183.133&cd15=05-05-2021%2004%3A19&cd16=&cd17=delmartimes&cd18=sdut&cd19=00000179-3c3b-d140-a97f-fdfbabc80003&cd20=&cd21=&cd22=Sam%20Hodgson%20%20The%20San%20Diego%20UnionTribune&cd23=&cd24=923&cd32=&cd33=%20&cd34=&cd37=&cd38=&cd42=0-99&cd43=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd44=%3E1224&cd49=&cd50=&cd51=&cd52=&cd53=&cd54=&cd69=&cd95=&cd96=signed-out&cd97=&cd98=&cd102=&cd103=&cd111=&cd119=1&cd124=&cd127=&cd128=&cd129=&cd130=&cd131=&cd165=false&cd174=0&z=2144132003

Requested by

Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 04:17:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79048
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
17ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1860662-59&cid=325688881.1620958510&jid=894823755&_u=aGBAgEIrAAQCAE~&z=1830229757

Requested by

Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 02:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 28ms
27ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1860662-59&cid=325688881.1620958510&jid=894823755&_u=aGBAgEIrAAQCAE~&z=1830229757

Requested by

Host: www.delmartimes.net
URL: https://www.delmartimes.net/news/story/2021-05-05/ransomware-shutdown-continues-to-be-a-problem-for-scripps-health

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 02:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 1.gif
activate.platform.californiatimes.com/privacy/v1/b/ 0
106 B 32ms
32ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activate.platform.californiatimes.com/privacy/v1/b/1.gif?n=1&c=2715&i=8vkpow&p=delmartimes&s=7328&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNDQUAPAlY2xpZW50SWQiOjI3MTUsInB1Ymxpc2hQYXRoIjoiZGVsbWFydGltZXMiLCJpbnN0YW5jZS4A8k4iOHZrcG93IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6Im5vbmUiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS3APAkaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvdGFnL2pzL2dwdC5qpgBAc3Rhco8AwDYyMDk1ODUwODg5Mn0ARGQiOjEUAJA5Mzc5LCJzb3WnAFE6Im11dHUA8QtPYnNlcnZlckNMIiwic3RhdHVzIjoibG9hZKoAQGFzb26pANRdLCJkYXRhUGF0dGVyEgC4bGlzdCI6W10sImlqAAJ-ADB0eXAZAZ9zY3JpcHQifSzrAAXwBWFqYXguZ29vZ2xlYXBpcy5jb20vFADzAy9saWJzL2pxdWVyeS8zLjUuMQ0ATy5taW73AAYeN_cALzg49wBWPzcsIvcAFfIAY29ubmVjdC5mYWNlYm9v2AGfZW5fVVMvc2Rr4AAFLjg54AAnOTbgALBpbnNlcnRCZWZvco0CD9EBNQB4AA_aAEsvOTHaAAwMsQIfQbACOR8xuQE48Bs_aGFzaD0yMDUzOTI1MzdkZGE5ZmRlMThmYTI1OGYwNjQzNTRkOSZ1YT08BGJybl9lczbMAAnEAy85MxMBACg2OcQDD-0BQgJ4AA_tATYPDgE3HTMhAgoOAQ8hAkdPOTM5MyECFw-8BQxCZ3B0L9kF_wFfaW1wbF8yMDIxMDUxMDAx9QMDTTkzNzb6ACg4NfUDoGFwcGVuZENoaWy1BQ_0AzMCdwAPBwIVD_QAPx849AAMD-4BSS83OO4BF3NwYWdlYWQywgZhc3luZGljWQcByQYCHgD_Ay9zaG93X2NvbXBhbmlvbl9hZOsBBCw4NbcHOTEwMOsBD_MDQwF4AA_sARUC1AAP8gA2GzXpAQzyAA_pAUg_ODU16QEXY2FtcGNpZOgBAd0BIHYxyQMAOwpzZXI6Z2V0Q1gK_h0_a2V5PUFJemFTeUE2NWxFSFVFaXpJc050bGJOby1sMksxOGRUNjgwbnNhTfkFTDEwMTAMBwMUAAW9CbJYSFJfTUFOQUdFUkEAArYJYGFsbG93ZQQEL3JluQkgA2YAAwgCP3hocrYJCQ8OAWwXMvQIDw4BbzN3d3cZApMtYW5hbHl0aWPJCgUOAA-oCwFOMTAwOPEDNzEwNN0AD_8CRgN9AAPuAQ-nCw7xBXNiLnNjb3JlY2FyZHJlc2VhcmNoBgPvYzIvMjk4MjAxNTEvY3PZBAJMMTAwMpkLVzEwMTIw6AAP2QRBA3gAD-MAVB8zywEACeMAD8sBSQB9AA_oABUPrgIG33BsdWdpbnMvdWEvZWPKAQUAggonZW7wDV8xMDEzM8oBTwB4AA_iAFIBgAMP4gAKD8kBSAF9AA_nADlfbGlua2lwCANMMTAwOWcJAM0BCFsKD5cDRAB4AA_mAFYsMTA7DAzmAA_RAUoPOwwZAJQRsWMuY2hhcnRiZWF0YQU2anMvEQAPRwYFD-IAABg2lQMP4gBILzA44gAYCkYJP2RlL0UJRh42WQoQMRQAD0UJTwBmAAPdAg9FCRkPDQHsALcOD-wUAfAMai9jb2xsZWN0P3Q9ZGMmYWlwPTEmX3I9MyZ2CQD0F3Y9ajkwJnRpZD1VQS0xODYwNjYyLTU5JmNpZD0zMjU2ODg4ODEuBhXwAzEwJmppZD04OTQ4MjM3NTUmZw8A-AoxOTE0NDc5NjEmX2dpZD0xNzUzNjQ3NzA1OADyD191PWFHQkFnRUlyQUFRQ0FFfiZ6PTQyNTc0Mzk1MYcLCMERTDEwMzKuEwMUAA-DAk4BegAPgwISD3YBwC0zMFIOEDMUAA92AU8AZgAPdgESBoIJAeIF9gZhZHMvZ2EtYXVkaWVuY2VzP3Q9c3LqAq80JnNsZl9yZD0x8wIyD8kCAq8xODMwMjI5NzU3ygICHjS_CxAzFAAFVAHxAmltZ19ET01BdHRyTW9kaWZphw4AXgIBUBgPmg4uAW4AA1wBP2ltZ5oOCAdcAT9kZS9bAZAOgwkoMzSzGA9bAU8G7xIPWwG8D4AFAB83FglU8AQzNDksInR5cGUiOiJpbWcifV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.delmartimes.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 02:15:11 GMT
cache-control: no-cache, no-store
server: nginx
expires: Fri, 14 May 2021 02:15:10 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.delmartimes.net/	1970-01-19 18:17:24	Name: _gid Value: GA1.2.1753647705.1620958510
.delmartimes.net/	1970-01-20 11:47:10	Name: _ga Value: GA1.2.325688881.1620958510
.delmartimes.net/	1970-01-21 14:03:58	Name: uuid Value: 980681a1-1424-462e-8b38-d6f9cbdbb8af
.delmartimes.net/	1970-01-19 18:16:02	Name: AMP_TOKEN Value: %24NOT_FOUND
www.delmartimes.net/	1970-01-19 18:16:00	Name: _cb_svref Value: null
www.delmartimes.net/	1970-01-20 03:44:46	Name: _chartbeat2 Value: .1620958510145.1620958510145.1.BnIWzoCXAoTuBUFGqCeGKHWDdWhK_.1
www.delmartimes.net/	1970-01-20 03:44:46	Name: _cb Value: B9he0t1kjsWB9sHjT
.delmartimes.net/	1970-01-19 18:15:58	Name: _gat Value: 1
www.delmartimes.net/	1970-01-20 03:44:46	Name: _cb_ls Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activate.delmartimes.net
activate.platform.californiatimes.com
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
ca-times.brightspotcdn.com
connect.facebook.net
libs.platform.californiatimes.com
pagead2.googlesyndication.com
ping.chartbeat.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
www.delmartimes.net
www.google-analytics.com
www.google.com
www.google.de
13.224.95.118
13.224.95.46
13.224.95.70
13.32.6.66
142.250.181.226
18.235.237.134
2600:9000:2190:4e00:18:1fcd:34e:d2a1
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
3.124.173.63
024a17924f35f315f243e519b8401a1a7003a103a9f1b1db94e10551008bb1e8
0373b69821923325046512b0914240b2bf1f6583aed3e42747a44521c5dbdea8
049aeb7301b64effe35461c68c1ca401911a609a2bad492f9f6bfdc3efd26e23
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0c1894d5833d894834a400e180e13193bd8de1a79b6e546959b92a4c0df621dc
13df5799b5e8aa7d7bb9ff94595bce56f960fbffa1d29d0a810a17418b184a19
241ec1b063e5e32c080295aaf50ef14de57a99685ad082e7daa1b567481c5f74
2c419f753d2f4b332cc37d7b0a14326da3bf8b522d34d988ecd97d83f88f73d8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
39dc305914e86a8901828dc31513d16f3124f5f9c493b32bc55119721b11bd06
3dbb8f5ed5f200b7bab832bbd59504aa64b25062bdceb0bf749ba7574707d5db
3fefd3a249184780556765e086c2e75fce2e4172a151ab4e80c7fcf06c3b5936
41b56391a3bcb6166d36d0ad707cc610d83c93a95b123cd7830ba69ef743b18c
474cf96639b913d82cc8ddaa86d4147688f9bb40dd4469abd4f360d34a5d1300
4cb9c0e2d79f4a046fa629cd5ec15640461d1d9b8be2e18f1dd62539fa234797
56f9f2e33fb21c580d6ba2fec273f9553803ae3f5d183b7b7af35d5ac19a6723
7b2f2e8215456822f8cd90d5c69234461baad3bd2e85b00fb5251ad9004c5db5
7d12680bfc77396330439d134956e2f0c67c5ef889ad0b9396e5e22bba81dfdb
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9be7d9f4a0623366c77008723f077fa4fec9d0fdf47b113c12d9a91e45824220
a5e092896c35be0cef791d941ccb1c71fc241f69314eb4e8861549cd25cd91dd
abdf01f7633e9a97e58bd501f11c8574018c920ae88ced9962210b1f3fa1cb46
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd75aa1890ab86fafc043907ebddf99a78bc09a8ea922850e8336c68d4c4e01a
beae4f0dc1480bf0f9f686b0b70858f79bc5fe793a0d2bf64670392e5f101e84
c53ea495e43386054567a488d1e6e03f8b93b0bfb4cd85602212df7bf182a7ea
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e025d564837c49fe19deaec1dd96cca7b9f343dc6bab0ca18a50a4fe5638b809
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76d9067d9b89ae068f2d6d84785ca9b3292a1189a1ab1ccd5762c8bddef4a81
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13939cb7a684e424a07b29d2b5d7edbe7d7d03425db78608701af2af65d56b4
f48af33787a4da5addab5af30804dbdbc54025d85eb7997a39de6ed8bd28fce9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faf9d8a0aaad67f389822224a487c77856849cbb97d4d5b37527f72fb676cf0e
fe83c90a0aeb2c558f23e054821eb26dd7e5f1b3349cbc73932e189cdc728cc9

www.delmartimes.net Open in urlscan Pro 13.224.95.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

56 %IPv6

13 Domains

18 Subdomains

17 IPs

3 Countries

995 kBTransfer

2532 kBSize

9 Cookies

22 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.delmartimes.net Open in urlscan Pro
13.224.95.70 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

995 kB
Transfer

2532 kB
Size

9
Cookies

51 HTTP transactions
1 data transactions