www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F...
Effective URL:
https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOn...
Submission: On November 23 via api (November 23rd 2020, 2:30:55 pm UTC) from US

Summary HTTP 170 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 23 domains to perform 170 HTTP transactions. The main IP is 2a04:4e42:1b::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.28 199.60.103.28	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 19	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
13	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.188 151.101.65.188	54113 (FASTLY) (FASTLY)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
21	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	34.102.213.242 34.102.213.242	15169 (GOOGLE) (GOOGLE)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1 1	2.16.186.75 2.16.186.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.55.163.4 23.55.163.4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
24	95.101.185.246 95.101.185.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:3::645 2a04:4e42:3::645	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:291::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.8.225.221 3.8.225.221	16509 (AMAZON-02) (AMAZON-02)
2	3.9.96.171 3.9.96.171	16509 (AMAZON-02) (AMAZON-02)
1	52.28.196.64 52.28.196.64	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:46:... 2a04:4e42:46::444	54113 (FASTLY) (FASTLY)
2 3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
11	23.212.157.206 23.212.157.206	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
170	32

2 199.60.103.28 (Canada) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., GB)

content.upguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a04:4e42:1b::444 (Ascension Island) 1 redirects

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:3::444 (Ascension Island)

ASN54113 (FASTLY, US)

zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmg1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:19a::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.188 (United States)

ASN54113 (FASTLY, US)

at.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.213.242 (United States)

ASN15169 (GOOGLE, US)
PTR: 242.213.102.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.75 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-75.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.163.4 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-55-163-4.deploy.static.akamaitechnologies.com

yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 95.101.185.246 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-185-246.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::645 (Ascension Island)

ASN54113 (FASTLY, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d5d33ed430cb28c48bd3e443f2d4904f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:291::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

686eb719.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.8.225.221 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-225-221.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.96.171 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-96-171.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.196.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-64.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:46::444 (Ascension Island)

ASN54113 (FASTLY, US)

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.212.157.206 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-212-157-206.deploy.static.akamaitechnologies.com

cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cbsistatic.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com cmg1.cbsistatic.com zdnet1.cbsistatic.com zdnet4.cbsistatic.com	727 KB
27	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	831 KB
25	googlesyndication.com 559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com d5d33ed430cb28c48bd3e443f2d4904f.safeframe.googlesyndication.com	219 KB
24	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	259 KB
11	moatpixel.com cbsdfp5832910442.s.moatpixel.com	5 KB
10	ampproject.org cdn.ampproject.org	195 KB
10	googletagservices.com www.googletagservices.com	274 KB
6	cookielaw.org cdn.cookielaw.org	107 KB
5	google.com 2 redirects adservice.google.com www.google.com	1 KB
5	zdnet.com 1 redirects www.zdnet.com urs.zdnet.com	195 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net	1 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	116 KB
3	cbsi.com at.cbsi.com rev.cbsi.com	6 KB
3	go-mpulse.net c.go-mpulse.net	53 KB
2	akstat.io 686eb719.akstat.io	708 B
2	nr-data.net bam-cell.nr-data.net	1 KB
2	upguard.com 1 redirects content.upguard.com	3 KB
1	google.de adservice.google.de	803 B
1	summerhamster.com www.summerhamster.com	182 B
1	google.pl adservice.google.pl	803 B
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	onetrust.com geolocation.onetrust.com	515 B
1	newrelic.com js-agent.newrelic.com	11 KB
170	23

	Domain	Requested by
21	securepubads.g.doubleclick.net	zdnet3.cbsistatic.com securepubads.g.doubleclick.net content.upguard.com www.zdnet.com www.googletagservices.com
16	tpc.googlesyndication.com	www.zdnet.com confiant-integrations.global.ssl.fastly.net securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com
16	px.moatads.com
11	cbsdfp5832910442.s.moatpixel.com
10	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
10	www.googletagservices.com	content.upguard.com securepubads.g.doubleclick.net rev.cbsi.com
10	zdnet3.cbsistatic.com	www.zdnet.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com
8	z.moatads.com	zdnet3.cbsistatic.com content.upguard.com securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
6	zdnet1.cbsistatic.com	www.zdnet.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com
6	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
6	zdnet2.cbsistatic.com	www.zdnet.com zdnet3.cbsistatic.com
5	zdnet4.cbsistatic.com	zdnet2.cbsistatic.com zdnet3.cbsistatic.com
4	www.zdnet.com	1 redirects content.upguard.com zdnet3.cbsistatic.com
3	www.google.com	2 redirects www.zdnet.com
3	confiant-integrations.global.ssl.fastly.net	zdnet3.cbsistatic.com confiant-integrations.global.ssl.fastly.net
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net zdnet1.cbsistatic.com
2	googleads.g.doubleclick.net
2	geo.moatads.com	z.moatads.com
2	686eb719.akstat.io	zdnet1.cbsistatic.com c.go-mpulse.net
2	559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	at.cbsi.com	zdnet3.cbsistatic.com
2	content.upguard.com	1 redirects
1	d5d33ed430cb28c48bd3e443f2d4904f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	rev.cbsi.com	content.upguard.com
1	www.summerhamster.com
1	mb.moatads.com	z.moatads.com
1	adservice.google.pl	securepubads.g.doubleclick.net
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	ad.doubleclick.net
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	js-agent.newrelic.com	www.zdnet.com
1	cmg1.cbsistatic.com	www.zdnet.com
170	41

This site contains links to these domains. Also see Links.

Domain
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
docoh.com
www.youtube.com
www.cnet.com
redventures.com
www.facebook.com
twitter.com
www.linkedin.com
narratives.zdnet.com
privacyportal.onetrust.com
cbsi.secure.force.com
academy.zdnet.com
onetrust.com

Subject Issuer	Validity	Valid
content.upguard.com Cloudflare Inc ECC CA-3	`2020-10-01` - `2021-10-01`	a year	crt.sh
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2021-06-18`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-23` - `2021-05-07`	6 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.at.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-12-17` - `2021-12-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
vidtech.cbsinteractive.com Sectigo RSA Organization Validation Secure Server CA	`2020-11-17` - `2021-11-17`	a year	crt.sh
*.google.pl GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.summerhamster.com Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
rev.cbsi.com DigiCert SHA2 High Assurance Server CA	`2020-04-22` - `2022-04-27`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
Frame ID: BBDD8C5B20E280D8DB4039984677E64E
Requests: 102 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: B505532B367CEE0E3E06D5B5E94B2979
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN_vN6D5SzASGM9rKgpcbUdMBHbB12lA0ngEgPZuUDK0tmXy5yV_vMb5NSWCnngnpE9bkHD4bDIkrFggCUHy3TpRcb2b7CPQxbzscK8H3exAAbfizRSsty5M4Z4-1HRvFttJhMb24UG2kVRsFHoLac6jB-nJmjazOF4wJxQtqn7XK16wmNFASMydZ5ruPsjpCILSCmtiXLXxosZUG5vOrpzX1hZpprAMPbV4FTI8Y8a5N1cSsKepH256n8807eMODWBnhy2WTa&sig=Cg0ArKJSzJZWSc9fzeEhEAE&urlfix=1&adurl=
Frame ID: 0F7B5CD24750484AE34B80B031DA4306
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 75280E35BC2B2E131B5890BF4E881D7A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh-tsZtGY9Vsi_TvJZKpulmfY0VjoiBilNBUUw1i1qZ8HU_fXVMdGYmXRWQwft72icnVJtdTeDBqpDDV_I04r4RZXAMv1aigqV1AFwgp4hbgKGG99zAUnY0jERnhF1Un7GZnwkn7xj88EsDjng0pHrCoEn_VM7y-yBRn-8alj6A9lLyi_oL9vU-SibRHO-U--zshaokoA3MPtsbGAhxPxmBxRKTSb_NtuJf9RAvJyaQJmC-Q7vXDqSltbl13kyYtxteitZmoI3&sig=Cg0ArKJSzMd-7dXf7OKQEAE&urlfix=1&adurl=
Frame ID: 1E237B21E3EDA08B03785DB9F40A9AA6
Requests: 4 HTTP requests in this frame

Frame: https://559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: EEC9D320FF498C20ADE7FF86D9F96A22
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_OaA9TxB6DZdRjnT0-8DzIhvpG_wfWY96CFVe4ZuT2DRCmjH2-ZclVV3B0Dz9n4iPMTiDV24dcIxMUZQls4cg9Qu41bjtLYhM1sVUuXu1nQFERADT3WSbgxPOgPZbrIGje_uL9Jaqt2i9aLzqHsOatX1AqiK9S0Aj96hDNHroH5tBnmpRg8i0k3llF2o8CREj3z5l2nJSIRGKvU1qApJ_CadlXtQAfI8nVRq05RiBxQjpLPLhVNRKEHT595AaYsbzMmCumAVn&sig=Cg0ArKJSzIHYMeGaQHnTEAE&urlfix=1&adurl=
Frame ID: 69A9C12906398FB58D86419A465C9C95
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUqgiD0VtvpNR0LThEjNfRImnEV600o5hEyKrRZCZRzN4pwxdNXw6tmEKpG1OW9fGtDDsc5aXYmuYlWUb626YUyxLtuZQqpAH8hfLWbdPhgwNDP9bNzmXBdQKoRnTgnnNZe1bXxN9EyvYXyi4GxlRIkTqFdREV_VRJ3F9rU5E_vTZrU3G7HiMo0h0sAvn1u6XkMPiO7e86GgxV1HuH5-4jdUUk9jBGuMjSQAJAgmA8k23wPwfzfBVrgtKrbaky568AxHxAJHR2&sig=Cg0ArKJSzPdHuiLMLQKIEAE&urlfix=1&adurl=
Frame ID: 51869AA0B8B38EDC53F44779274A5B22
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 8455855FEC485AB33C6B9647E1349614
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLAynG-XRFv-wJa6swc2t35cSbHp4Esl9wvdSJn0xAmcL31E4nJQUY56kCDkcryuw0LbqnLrcix_ZUqsxANogQIUqs7VFiUfgl5tsFBkXXlXsF7gvO5oU5dF41WfnmaasQybwykFyTJ5GgGVG4Ol7mIk6wg3IK59yUX6ozAmzzrYO_GUgSxVPJVteoErtBbz5btx6Q0R9LtizL6-rBQxFQvhCcDRHadAXNVRkTQSPL98CqmNycA0Na-EjsZNLy7QTm3ARsyETA&sig=Cg0ArKJSzOAO-BM9FuslEAE&urlfix=1&adurl=
Frame ID: 44494F3A5C6AF8D63BB3AA0DE0BA4EFE
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: AB90186CDAF040687C343CC5BA2E5D5B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssupwSY-Zzv2iIeVK6guPdVdbyZ30QrlpIeop3SBr6LXk-_wSvV1bUlp7OFaCye1szsBMFn99JuBz-5VL5tx-1HOQowxj6ODLjj0lwHnLQzQFaXgH_xl-AXB6c4uSlJhyXtX3y_2X-HnKALI729bOebd1bI7-esI5sdIl1hPTkJ6_sGQC7FqsP9KETRGgtOATW0MqUJSR84st70q1fYJJuyLkCpAHs5CRfdz40MJxPbIZx3rmAT4TeKGl-XlSnKilN-P50x1J2u&sig=Cg0ArKJSzExnVzO22k4XEAE&urlfix=1&adurl=
Frame ID: 0F51098F0DE87F9C827ECC5E2C235D40
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvTpsdtqLwUtadbwV09ZcoHiivaC1GSGWqm-nvYOwJl2AAZiskrFeHIA1RKO7wAryKSPGV0WfB_FnNVaLAKDKyDifyLXtKL4-wBsBeZ1i_iKbMj3vmSWAWJXunVO7EJJIA-ocRuyM6sURhuFWcbpMKHqRhEgfqLgAo529jA2zb2YOJJx1x-rPqnUerxeT1yodz9zIcVaargWCmWDk7cjNsO9cGCDV4SFJWf8uyaHdIM1--jAwMQaZWJYTYGa8zKAz2OGPUbojf&sig=Cg0ArKJSzB53k9qXFHKdEAE&urlfix=1&adurl=
Frame ID: 1D6791F51568183DBA5F4552BC595122
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C8CF6C7F71740F4B67C446894733FD50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH... Page URL
https://content.upguard.com/events/public/v1/track/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9L... HTTP 307
https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack?utm_campaign=newsletter... HTTP 301
https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepW... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

170
Requests

100 %
HTTPS

55 %
IPv6

23
Domains

41
Subdomains

32
IPs

5
Countries

3286 kB
Transfer

9589 kB
Size

5
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://docoh.com/filing/63276/0001628280-20-015358/MAT-10Q-2020Q3
Title: 10-Q quarterly form

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=1eOEoNIlYi0&t=13s
Title: Lessons cybersecurity teams need to learn from hackers to beat them at their own game (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.cnet.com/how-to/top-cheap-home-security-devices-in-2020-amazon-echo-smart-cam-wyze/?ftag=CMG-01-10aaa1b
Title: Top 6 cheap home security devices in 2020 (CNET)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/cybersecurity-best-practices-an-open-letter-to-end-users/?ftag=CMG-01-10aaa1b
Title: Cybersecurity best practices: An open letter to end users (TechRepublic)

Search URL Search Domain Scan URL

URL: https://redventures.com/CMG-terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://redventures.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/79ba7c84-ebc2-4740-8d11-bf1cc4501e59/ae88e03f-2b16-4276-9980-27124ba4b2c1
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1 Page URL
https://content.upguard.com/events/public/v1/track/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1?_ud=b8d14c8e-444b-4b27-8455-496baf9ecfe6&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack?utm_campaign=newsletters-2020&utm_medium=email&_hsmi=99323374&_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&utm_content=99321731&utm_source=hs_email HTTP 301
https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pk3s5u6ff HTTP 302
https://yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 41

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pk3s5u6ff HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

170 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK...
content.upguard.com/e2t/tc/ 9 KB
3 KB 371ms
209ms Document
text/html 199.60.103.28
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.28 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., GB),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: content.upguard.com
:scheme: https
:path: /e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:37 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dd52717d7d483161006783218e38537331606141837; expires=Wed, 23-Dec-20 14:30:37 GMT; path=/; domain=.content.upguard.com; HttpOnly; SameSite=Lax __cfruid=8105c1c03da38dfed51160103924a88fe1c59985-1606141837; path=/; domain=.content.upguard.com; HttpOnly; Secure; SameSite=None
cf-ray: 5f6b96d149d49d72-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 06971c96d100009d72478ff000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/
Redirect Chain

https://content.upguard.com/events/public/v1/track/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCb...
https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack?utm_campaign=newsletters-2020&utm_medium=email&_hsmi=99323374&_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz...
https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=9932337...

504 KB
142 KB

715ms
714ms

Document
text/html

2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email

Requested by

Host: content.upguard.com
URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9dc6d618cecada2f15dd725abc11d766529d6de7fb8a0664eb818dfc0e88412a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Mon, 23 Nov 2020 14:30:38 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 0446970e-39e4-4884-8439-5e37047629e9
x-xss-protection: 1; mode=block
date: Mon, 23 Nov 2020 14:30:38 GMT
cache-control: max-age=5400, private
expires: Mon, 23 Nov 2020 16:00:38 GMT
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 145127

Redirect headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Mon, 23 Nov 2020 14:30:37 GMT
location: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: f50f17dd-8afb-4cc5-b7fd-c46693081119
x-xss-protection: 1; mode=block
date: Mon, 23 Nov 2020 14:30:37 GMT
cache-control: max-age=5400, private
expires: Mon, 23 Nov 2020 16:00:37 GMT
set-cookie: fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 10144

GET
H2 200 main-af19460416-rev.css
zdnet3.cbsistatic.com/fly/css/core/ 352 KB
59 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

52828dfa3529d1c9daeed4a0706834537478c13874b064e7a7671185bed9812f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17550
vary: Accept-Encoding, Accept
content-length: 59542
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Nov 2020 09:37:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "25db43778e7cc1c634f38ef4cb0318ea"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Nov 2020 09:38:06 GMT

GET
H2 200 controls-6870d3c422-rev.css
zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/ 19 KB
4 KB 20ms
6ms Stylesheet
text/css 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-6870d3c422-rev.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

dfeddecaf8089d4325e7579019de8adeff79055f53ae4eb91db12aa6003e4376

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17545
vary: Accept-Encoding, Accept
content-length: 3956
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Nov 2020 09:37:10 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2c3cebf7d623a21903ffd142870efa5d"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Nov 2020 09:38:10 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 33ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jYDzNb7TDeiVgZ0wAySJVQ==
age: 2220
vary: Accept-Encoding
content-length: 4134
cf-request-id: 06971c9d130000d711e8bf9000000001
x-ms-lease-status: unlocked
last-modified: Mon, 23 Nov 2020 02:33:31 GMT
server: cloudflare
etag: 0x8D88F582ACD4707
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a4b9b703-b01e-004f-1a4c-c11cfe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f6b96db5bf3d711-FRA

GET
H2 200 optanon-v1.1.0.js Show response
cmg1.cbsistatic.com/privacy/optanon/ 36 KB
36 KB 7ms
6ms Script
text/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cmg1.cbsistatic.com/privacy/optanon/optanon-v1.1.0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Nov 2020 17:51:25 GMT
server: ContentServer
age: 1542558
etag: "46e2aa30cbebb708b5fc468d57d56d8b"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public, max-age=604800
x-content-type-options: nosniff
strict-transport-security: max-age=900
accept-ranges: bytes
content-length: 36582
x-xss-protection: 1; mode=block
expires: Thu, 05 Nov 2020 19:01:20 GMT

GET
H2 200 catalin-cimpanu.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/ 909 B
1016 B 7ms
5ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/catalin-cimpanu.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7cd54b3c177c3f63dd51c2dae4ef7ca4e3cd938c1afb60e4b4e9d78df952ac75

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1188933
vary: Accept-Encoding, Accept
content-length: 871
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Aug 2020 16:49:51 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"eea6e0b6dedefcdd0e40680af3f9f5c0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jan 2021 20:15:00 GMT

GET
H2 200 mattel.jpg
zdnet1.cbsistatic.com/hub/i/2020/11/04/101f4598-8d4d-443a-8c3f-513ba805cf85/ 227 KB
143 KB 8ms
7ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/2020/11/04/101f4598-8d4d-443a-8c3f-513ba805cf85/mattel.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e425d6fd5a56a45ccc953216686f8e3f6f02408cf3894cf377199d60d10290e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-goog-meta-imagewidth: 1000
age: 1188728
x-goog-meta-imageheight: 500
x-goog-meta-imageformat: jpeg
vary: Accept-Encoding, Accept
content-length: 145626
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Nov 2020 00:45:11 GMT
server: ContentServer
etag: W/"5c60461ecfc926d41b367093b56959de"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-goog-meta-contentlength: 232519
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jan 2021 20:15:42 GMT

GET
H2 200 sf-cybersec-thumb.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/04/03/5fe81160-2733-438a-840f-2ad18509ed07/resize/220x165/4e314d9a39ad63e12091730f7254a28d/ 33 KB
21 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2018/04/03/5fe81160-2733-438a-840f-2ad18509ed07/resize/220x165/4e314d9a39ad63e12091730f7254a28d/sf-cybersec-thumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

82f1cc1238504fd9d95f1b80c97f979ad9616a3145e22e639991e12ab19b06c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1188874
vary: Accept-Encoding, Accept
content-length: 21416
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Aug 2020 17:15:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"d0440316ae8c2c92d8a758288f4e7fd2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jan 2021 20:16:02 GMT

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/js/libs/ 16 KB
6 KB 7ms
6ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11526
vary: Accept-Encoding, Accept
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Nov 2020 09:37:07 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4109329246fc0f80fed87303509bd457"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Nov 2020 11:18:31 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame B505 202 KB
51 KB 23ms
9ms Script
application/javascript 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:38 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Nov 2020 10:15:28 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51580

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mag-white01.png
zdnet3.cbsistatic.com/fly/1606124051-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/fly/1606124051-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
x-content-type-options: nosniff
age: 17544
vary: Accept-Encoding, Accept
content-length: 1265
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Nov 2020 09:37:18 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Nov 2020 09:38:06 GMT

GET
H2 200 logo.png
zdnet1.cbsistatic.com/fly/1606124051-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
5ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1606124051-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
x-content-type-options: nosniff
age: 17543
vary: Accept-Encoding, Accept
content-length: 4105
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 18:10:42 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Nov 2020 09:18:41 GMT

GET
H2 200 Semibold.woff2
zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 19ms
6ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
x-content-type-options: nosniff
age: 1373328
vary: Accept-Encoding, Accept
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Nov 2020 17:19:14 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a96ff4477074c6395b7305d2d98fde8e"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Sun, 07 Nov 2021 17:00:51 GMT

GET
H2 200 Regular.woff2
zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 20ms
7ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-af19460416-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
x-content-type-options: nosniff
age: 5152124
vary: Accept-Encoding, Accept
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Sep 2020 15:27:12 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2d636d9395b2da27ce67040250333ca4"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
expires: Fri, 24 Sep 2021 23:15:07 GMT

GET
H2 200 e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/ 3 KB
2 KB 46ms
33ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OEOyq06PFOqP2wdlgJHyA==
age: 6904
vary: Accept-Encoding
content-length: 1219
cf-request-id: 06971c9dab00009724da18d000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:56 GMT
server: cloudflare
etag: 0x8D87C42F9703542
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6713cf80-201e-010a-3869-b6873a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f6b96dc4bf69724-FRA

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 138ms
45ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-amz-request-id: A21809B1C987C063
x-cache: HIT
content-length: 10624
x-amz-id-2: 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by: cache-hhn4053-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1606141839.882148,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 38307

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/e8033f-fly/js/ 753 KB
227 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

727e2cb4c77abe8c29b0e78cdc4413e85a27172a133d44a5e70c756564d7295f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17551
vary: Accept-Encoding, Accept
content-length: 231709
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Nov 2020 09:37:01 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e6e8e2b437d3cea16fce3878347530f9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Nov 2020 09:38:06 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame B505 2 KB
1 KB 57ms
44ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5353806&v=1.632.0&if=&sl=0&si=k7bv7w4ohz-qk96z3&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 1a09d0f4af8194ad4d95da43041cc05e9a17946f699eb0316278f1b02564e5f2

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 847

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
515 B 48ms
35ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5f6b96dc9eb73258-FRA
cf-request-id: 06971c9ddc00003258bc335000000001

OPTIONS
H2 200 diff
at.cbsi.com/lib/api/v1/zdnet/prod/config/ Frame 0
0 269ms
153ms Other
text/html 151.101.65.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Protocol

Server

151.101.65.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: ae1f7d71f5e4e0a788c9ec4f9053808e
server: Google Frontend
accept-ranges: bytes
date: Mon, 23 Nov 2020 14:30:39 GMT
via: 1.1 varnish
x-served-by: cache-hhn4034-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1606141839.009882,VS0,VE100
vary: Accept-Encoding
x-abtest: none
strict-transport-security: max-age=300
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 179 KB
40 KB 144ms
47ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ab4b2e2145ab40e79cc2648a3a3240af612a1a832a183f58cea80747b1e49f7

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:38 GMT
Content-Encoding: gzip
Age: 2847
X-Cache: HIT
Connection: keep-alive
Content-Length: 40201
x-amz-id-2: BqQTIisBvghphfpEOMVBvvE8BNMJ6LYM0dU4vtaD2emkwtLYZi59juBfHT7FcSdFNFK+iRA5CFQ=
X-Served-By: cache-fra19122-FRA
Last-Modified: Mon, 23 Nov 2020 12:47:25 GMT
Server: AmazonS3
X-Timer: S1606141839.976063,VS0,VE0
ETag: "aae5284cc8e762e52958c67247365211"
x-amz-request-id: 6C59ABAEB40B2935
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 194

GET
H2 200 diff Show response
at.cbsi.com/lib/api/v1/zdnet/prod/config/ 17 KB
4 KB 54ms
53ms Fetch
application/json 151.101.65.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3689639e8feff607d84663ebcbcf834cdebc11ec9129345587086a28eeb88de

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cat: FaINTTd9d
Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
version: v2.19.2
variant: core
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-abtest: none
date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
x-dns-prefetch-control: off
x-cache: HIT
ttl: 900s
content-length: 3743
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4034-HHN
access-control-allow-origin: https://www.zdnet.com
server: Google Frontend
x-timer: S1606141839.163866,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/3bfd888ba928bf90a2b6f643b16288bcbbacb75a
x-download-options: noopen
vary: Accept-Encoding, Origin
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 8f54cc7e387d37e8215a2d17e85da0a7
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 154ms
53ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

b9ba39b5cbc0e5d0c08c16b14acaf33f297c0a854b7e22f376af3e9050f2d553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "702 / 190 of 1000 / last-modified: 1606134076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18520
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:39 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.7.0/ 338 KB
72 KB 16ms
15ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 39GJ8QXxSjBaTmaIgt+tLg==
age: 2195
vary: Accept-Encoding
content-length: 73268
cf-request-id: 06971c9e320000d711c30a1000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:45 GMT
server: cloudflare
etag: 0x8D86C1D8DA49AF8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1bed58e2-101e-0049-4551-b6eb86000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f6b96dd181fd711-FRA

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 273ms
160ms Script
application/javascript 34.102.213.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.213.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

242.213.102.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
via: 1.1 google
last-modified: Mon, 13 Apr 2020 17:57:02 GMT
etag: "5e94a7ee-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam-cell.nr-data.net/1/ 57 B
646 B 338ms
190ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1184.ab39b52&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFlkURFlQWgBmQgpeX1Vd&rst=1612&ck=1&ref=https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/&ap=436&be=1261&fe=1454&dc=1400&perf=%7B%22timing%22:%7B%22of%22:1606141837312,%22n%22:0,%22f%22:532,%22dn%22:532,%22dne%22:532,%22c%22:532,%22ce%22:532,%22rq%22:533,%22rp%22:1247,%22rpe%22:1260,%22dl%22:1252,%22di%22:1400,%22ds%22:1400,%22de%22:1400,%22dc%22:1454,%22l%22:1454,%22le%22:1454%7D,%22navigation%22:%7B%7D%7D&fp=1405&fcp=1405&at=SBQQGwsYTRQbWUQKS05L&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:39 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 5f6b96de6a381eda-AMS
cf-request-id: 06971c9efc00001eda3d9fe000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 61 KB
12 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276660
vary: Accept-Encoding, Accept
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 18:10:31 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "466cc1a6673c4cdbd42589de01cfe450"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Nov 2020 09:39:38 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/ 60 KB
14 KB 19ms
19ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zmR4HzWDnD/K8NKWX2k29A==
age: 5531
vary: Accept-Encoding
content-length: 14179
cf-request-id: 06971c9e5600009724d03e9000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:59 GMT
server: cloudflare
etag: 0x8D87C42FB4B3E93
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49f866d8-c01e-0144-5e0a-b442df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f6b96dd5cb49724-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 39ms
39ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1606141838954&s=de79047c78ebfb00cca4f26c62cf4a0a136034bea4c79524f2144e91b9489226
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: cb8e91af5e4fcfae2ecebeb8a97ee628ee411bc1b0b2e63c8ac0c990ce11ecf5

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 857

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/ 12 KB
4 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6g5s6eICehvPXWb9nycIcQ==
age: 5382
vary: Accept-Encoding
content-length: 3328
cf-request-id: 06971c9e7500009724b787e000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:38 GMT
server: cloudflare
etag: 0x8D86C1D890DBAF3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6f0ee0a3-601e-0046-6d17-b30670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f6b96dd8cd59724-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/ 45 KB
11 KB 26ms
26ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 23 Nov 2020 14:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VdPW9mUL+ZgJ7oO59gDKyw==
age: 963
vary: Accept-Encoding
content-length: 11094
cf-request-id: 06971c9e7500009724d5986000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:40 GMT
server: cloudflare
etag: 0x8D86C1D8A75F320
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 743ef2b2-401e-0037-71d4-b47449000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f6b96dd8cd79724-FRA

GET
H2 200 ;ord=1606141839086
ad.doubleclick.net/ddm/ad/yilc/olqq/otokmny/ 43 B
632 B 155ms
55ms Image
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/yilc/olqq/otokmny/;ord=1606141839086?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

results.txt Show response
yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net/eum/ Frame B505
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pk3s5u6ff
https://yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

173ms
50ms

XHR
text/plain

23.55.163.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.55.163.4 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-55-163-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Mon, 23 Nov 2020 14:30:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net/eum/ Frame B505
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pk3s5u6ff
https://fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

50ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba19 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net/eum/results.txt
Date: Mon, 23 Nov 2020 14:30:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202011171659/ 164 KB
53 KB 48ms
47ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 565987a1d366f4f97f9fc987a96d6ef3db20bed171589a03968bded4bd38a41a

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:39 GMT
Content-Encoding: gzip
Age: 697
X-Cache: HIT
Connection: keep-alive
Content-Length: 53538
x-amz-id-2: f+VFIpbT0vyzLAsCl6Cq3TudJvb78FwA/+AmxZDp+6KnMPlPQJiIplJ8bRkB/z30vf6bQwOSi8Q=
X-Served-By: cache-fra19122-FRA
Last-Modified: Wed, 18 Nov 2020 17:03:05 GMT
Server: AmazonS3
X-Timer: S1606141839.184154,VS0,VE0
ETag: "53928e26336f384df2d32f911e88a0da"
x-amz-request-id: 14CE28B8D447706F
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 672

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202011171659/ 68 KB
23 KB 120ms
47ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202011171659/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 487c0c467355b47e27c90679fdb5d43d7b90d6ae36b7b95ec0e31f5c3a17f950

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 14:30:39 GMT
Content-Encoding: gzip
Age: 693
X-Cache: HIT
Connection: keep-alive
Content-Length: 23314
x-amz-id-2: kKNjpnK2y+bf67VbDe5WkUehSPTe46kzKi6wOpUQPTckgA9u0x/h0vDoENpoSowPwxI39FQZZMs=
X-Served-By: cache-fra19122-FRA
Last-Modified: Wed, 18 Nov 2020 17:03:07 GMT
Server: AmazonS3
X-Timer: S1606141839.256272,VS0,VE0
ETag: "4d29cae717c1d46d24406f839d5c5fea"
x-amz-request-id: 768D31CBEF61C7AC
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 679

GET
H3-Q050 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 121ms
68ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:39 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/cbsprebidheader506831276743/ 227 KB
78 KB 145ms
47ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 602fab312dd82ffb14508d0e186e809e1e27c55a6e62adf5769a9318dc84ce2f

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:33:52 GMT
server: AmazonS3
x-amz-request-id: 80EFD6EBC4C81564
etag: "6854e8f5c7ee7172d6d2fe20d9d27f10"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26842
accept-ranges: bytes
content-length: 79827
x-amz-id-2: bOsr8pBp79PAn1iizcv7/DRObRMK4wWiUq2H2zS8heFYqjsl5987orYr04aYzGTUQQ/fQ8BnUoc=

GET
H2 200 article-ea6d078f02-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 145 KB
39 KB 9ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-ea6d078f02-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e6e583553cbb5a7bdf3446558cdf29802cda247ce1d63693633b3d74eb749d8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503764
vary: Accept-Encoding, Accept
content-length: 39119
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:33 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "25a4da7bfdd253db9556ff2c6030da84"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Nov 2020 18:34:34 GMT

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 31ms
8ms Script
application/javascript 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 2788484
x-cache: HIT, HIT
content-encoding: gzip
content-length: 286838
x-amz-id-2: n53ElNB5hVnkR9qh4cUlg2SOjOhm/ieDwTiWMKEbKvjjvzF40ZAJ27jUeh6G5dcSTKOWVVqV9Rw=
x-served-by: cache-dca17740-DCA, cache-fra19160-FRA
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1606141839.392979,VS0,VE1
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: 798034E8713D8B8D
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2, 1

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
624 B 139ms
138ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a4a0cd9fba1b85eaa8fc1222f0965fd563dd5631a07ab1c2dff170f1d0bc6e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Nov 2020 14:21:22 GMT
x-frame-options: SAMEORIGIN
date: Mon, 23 Nov 2020 14:30:39 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: f7e9f4d1-1c34-46e0-835d-770a4c0512b7
content-type: application/json
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Mon, 23 Nov 2020 15:51:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
803 B 40ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 201 KB
39 KB 1112ms
1112ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2822894557790653&correlator=295501291858921&output=ldjh&impl=fifs&eid=21068727%2C21068750%2C21068418%2C21068811&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201123&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=5x5%2C728x90%7C970x250%7C970x66%2C300x250%7C300x600%7C300x1050%2C300x250%2C371x771%2C320x50%7C11x11%2C300x250%2C728x90%7C970x250%7C970x66&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=pos%3Dnav%26sl%3Dnav-ad%253FT-1000%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%7Cpos%3Dmiddle%26sl%3Dmpu-middle%253FT-1000%7Cpos%3Dtop%26sl%3Ddynamic-showcase-top%253FT-1000%7Cpos%3Dtop%26strnativekey%3D8ec3a4f3%26sl%3Dsharethrough-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%7Cpos%3Dbottom%26sl%3Dleader-plus-bottom%253FT-1000&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%26mfr%3Dmattel-inc%26tag%3Dransomware%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dtoy-maker-mattel-discloses-ransomware-attack%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Duk%26subses%3D6%26session%3Da%26pv%3D1%26vguid%3D53e8a26a-feaa-44e9-a58b-d8aa6c8c1450&cookie_enabled=1&bc=31&abxe=1&lmt=1606141838&dt=1606141839461&dlt=1606141838564&idt=847&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-20%2C1050%2C1050%2C1015%2C215%2C1050%2C436&adys=0%2C280%2C400%2C2419%2C1618%2C1687%2C3301%2C3601&adks=2072725681%2C3581870410%2C1925781520%2C3289239044%2C3970605601%2C2484431570%2C3509234736%2C519614694&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&dssz=35&icsg=2147485736&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4061%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x11%7C370x250%7C1210x90&msz=1600x5%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x11%7C370x250%7C1210x90&ga_vid=1338839218.1606141839&ga_sid=1606141839&ga_hid=1684204287&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

3216b8728454cd4e9b83b64154fa8df2ddc3dd0a921c813e8ce3f485cc33bc53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39479
x-xss-protection: 0
google-lineitem-id: 4745699004,-1,4745571990,-1,4825966980,4745189935,-1,4745696286
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138245072116,-1,138247985738,-1,138247024569,138239344475,-1,138239338263
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 106ms
40ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 image-gallery-modal-426b98fe1d-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 7ms
7ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/image-gallery-modal-426b98fe1d-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329201
vary: Accept-Encoding, Accept
content-length: 1860
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 18:10:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d52e85ba65e246e80154e01e5159303a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Nov 2020 19:03:57 GMT

GET
H2 200 screenshot-2019-06-05-at-13-39-10.png
zdnet3.cbsistatic.com/hub/i/r/2019/06/05/7a1f359d-13f2-4409-bfe9-cc2d8f752f23/thumbnail/170x128/3131d0e3112492e37821163f0f0292b8/ 46 KB
46 KB 8ms
7ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/06/05/7a1f359d-13f2-4409-bfe9-cc2d8f752f23/thumbnail/170x128/3131d0e3112492e37821163f0f0292b8/screenshot-2019-06-05-at-13-39-10.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

192c6e1ec42dc4aee608bae2b611495427b006930759bdb7fc355c3483799297

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1155825
vary: Accept-Encoding, Accept
content-length: 47057
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Aug 2020 21:59:18 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"ffadbdd57a6bc0b4343de66cfcb2af27"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jan 2021 05:26:54 GMT

GET
H2 200 screenshot-2019-06-05-at-13-40-33.png
zdnet1.cbsistatic.com/hub/i/r/2019/06/05/be5a4878-0da9-4682-a256-20516e123752/thumbnail/170x128/a7def579f1487a50cce886ec9f934e57/ 36 KB
36 KB 7ms
6ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/06/05/be5a4878-0da9-4682-a256-20516e123752/thumbnail/170x128/a7def579f1487a50cce886ec9f934e57/screenshot-2019-06-05-at-13-40-33.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ae7d52f46fede815d7fcdb1d2415d7ff18f05eb651acdfa70ccb8b9d7cf53e81

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1168079
vary: Accept-Encoding, Accept
content-length: 36606
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Aug 2020 21:59:18 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"3ade0bf94b844239b81f6da9a61136d5"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jan 2021 20:22:57 GMT

GET
H2 200 disqus-loader-e3cab293df-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
788 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-e3cab293df-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528382
vary: Accept-Encoding, Accept
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:32 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "eac3a26f962835dccb7790960dc0a8fb"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Nov 2020 11:44:16 GMT

GET
H2 200 20120314-google-chrome-lapel-pin-4sts-011.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/12/10/f5f6e56d-93cd-4542-a6b9-f1caf732ad8e/thumbnail/170x128/c1f4a11dbab9df6fa097dcfc2b0f8220/ 8 KB
8 KB 8ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/12/10/f5f6e56d-93cd-4542-a6b9-f1caf732ad8e/thumbnail/170x128/c1f4a11dbab9df6fa097dcfc2b0f8220/20120314-google-chrome-lapel-pin-4sts-011.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ac357eec1b219695bc2451c0ce5647eee0af960beee698f90b06de1d8246945c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
x-content-type-options: nosniff
age: 93269
vary: Accept-Encoding, Accept
content-length: 7701
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 06:41:54 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"0482777da787a4d0b86266536af063be"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jan 2021 12:36:10 GMT

GET
H2 200 manchesterunited.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/11/21/dcf85201-634d-4d43-9314-af45bc9b98aa/thumbnail/170x128/b97b4a84a513e973167486bb1e657c2f/ 9 KB
9 KB 9ms
8ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/21/dcf85201-634d-4d43-9314-af45bc9b98aa/thumbnail/170x128/b97b4a84a513e973167486bb1e657c2f/manchesterunited.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2a2e21ebff85f5dd9baa3466c6c15c966d40b61aeee43c24198d44e58ec358bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
x-content-type-options: nosniff
age: 151505
vary: Accept-Encoding, Accept
content-length: 9136
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Nov 2020 20:25:35 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"e2434976a8942bb377c2296a590c06b8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jan 2021 20:25:35 GMT

GET
H2 200 microsoft-defender-atp-now-scans-windows-5eef8de69c89f47042ec66fd-1-jun-23-2020-12-00-14-poster.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/06/23/d9ca865a-9aff-4323-abdc-3ec5c014499b/thumbnail/170x128/3f30f04d9c3c27fbf20b7bb5b0338560/ 3 KB
4 KB 8ms
7ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/06/23/d9ca865a-9aff-4323-abdc-3ec5c014499b/thumbnail/170x128/3f30f04d9c3c27fbf20b7bb5b0338560/microsoft-defender-atp-now-scans-windows-5eef8de69c89f47042ec66fd-1-jun-23-2020-12-00-14-poster.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f00df8e12274e9bb8818b7b81abbf250dbffacd503c5ca5533df1ac0185c54ed

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 975372
vary: Accept-Encoding, Accept
content-length: 3478
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Aug 2020 15:48:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"ef0814c8b4db6a263c73dbfd576faeea"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jan 2021 01:54:32 GMT

GET
H2 200 drupal-logo.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/02/26/cd0f9fdd-2428-49a3-a125-3f92feec1efe/thumbnail/170x128/ef68d7610c5b2869cec5999ada0f6bcd/ 4 KB
4 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/02/26/cd0f9fdd-2428-49a3-a125-3f92feec1efe/thumbnail/170x128/ef68d7610c5b2869cec5999ada0f6bcd/drupal-logo.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7a3e584fe82301b250cd97ebfaf70438c214378a0e5b2c95c5f80c29ec108898

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
x-content-type-options: nosniff
age: 246881
vary: Accept-Encoding, Accept
content-length: 3608
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Nov 2020 17:55:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"9313b50ac937c0c2d356b92b007542eb"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jan 2021 17:55:54 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
976 B 149ms
149ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

17546b1db18a537c923e612ad42af892a2b56d8f374d15549b37500fbd67c869

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Mon, 23 Nov 2020 14:30:39 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
x-tx-id: 50e8e417-75d3-4c3a-8b59-44f0427e9343
content-type: application/json
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 front-door-carousel-d989216481-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-d989216481-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329363
vary: Accept-Encoding, Accept
content-length: 1542
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 18:10:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "15b374003241d75f16514aad8cfd3520"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Nov 2020 19:01:15 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/12/10/f5f6e56d-93cd-4542-a6b9-f1caf732ad8e/thumbnail/170x128/c1f4a11dbab9df6fa097dcfc2b0f8220/20120314-google-chrome-lapel-pin-4sts-011.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ac357eec1b219695bc2451c0ce5647eee0af960beee698f90b06de1d8246945c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
x-content-type-options: nosniff
age: 93269
vary: Accept-Encoding, Accept
content-length: 7701
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 06:41:54 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"0482777da787a4d0b86266536af063be"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jan 2021 12:36:10 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/02/26/cd0f9fdd-2428-49a3-a125-3f92feec1efe/thumbnail/170x128/ef68d7610c5b2869cec5999ada0f6bcd/drupal-logo.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7a3e584fe82301b250cd97ebfaf70438c214378a0e5b2c95c5f80c29ec108898

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
x-content-type-options: nosniff
age: 246881
vary: Accept-Encoding, Accept
content-length: 3608
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Nov 2020 17:55:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"9313b50ac937c0c2d356b92b007542eb"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jan 2021 17:55:54 GMT

GET
H2 200 microsoft-defender-atp-now-scans-windows-5eef8de69c89f47042ec66fd-1-jun-23-2020-12-00-14-poster.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/06/23/d9ca865a-9aff-4323-abdc-3ec5c014499b/thumbnail/170x128/3f30f04d9c3c27fbf20b7bb5b0338560/ 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f00df8e12274e9bb8818b7b81abbf250dbffacd503c5ca5533df1ac0185c54ed

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 975372
vary: Accept-Encoding, Accept
content-length: 3478
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Aug 2020 15:48:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"ef0814c8b4db6a263c73dbfd576faeea"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jan 2021 01:54:32 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/21/dcf85201-634d-4d43-9314-af45bc9b98aa/thumbnail/170x128/b97b4a84a513e973167486bb1e657c2f/manchesterunited.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e8033f-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2a2e21ebff85f5dd9baa3466c6c15c966d40b61aeee43c24198d44e58ec358bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
x-content-type-options: nosniff
age: 151505
vary: Accept-Encoding, Accept
content-length: 9136
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Nov 2020 20:25:35 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"e2434976a8942bb377c2296a590c06b8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jan 2021 20:25:35 GMT

GET
H/1.1 204
No Content / Show response
686eb719.akstat.io/ 0
354 B 50ms
35ms XHR
image/gif 2a02:26f0:6c00:291::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://686eb719.akstat.io/?h.pg=article&when=1606141839564&cdim.Site_View=desktop&t_other=custom4%7C1260&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=c013a010275a8a6f20977a646ca43e737756050e&h.t=1606141838976&http.initiator=api&rt.start=api&rt.si=6aba5a57-e316-47a0-8eed-05fa2c37ad39&rt.ss=1606141840596&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:39 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 23 Nov 2020 14:30:39 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 298 B
474 B 229ms
107ms Script
text/html 3.8.225.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&callback=MoatNadoAllJsonpRequest_36849857
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.225.221 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-225-221.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 929818adeb5e1a02f2b5e5c279aba54bff72d8519fb14727d61c447eb2c496ab

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "ac5d40e42b26680bb68b37cd2665566be76d6f2f"
content-length: 298
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 112 B
287 B 178ms
62ms Script
text/html 3.9.96.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1606141839600&de=76491685633&rx=624455427343&m=0&ar=a63e245-clean&iw=b2c8261&q=1&cb=0&cu=1606141839600&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1405%3A1405%3A1454%3A1400&fs=186589&na=69931053&cs=0&callback=DOMlessLLDcallback_36849857
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.96.171 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-96-171.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 81985398fc901271c131ff91d91398c003e784a171976a36a274f117cbc1e8ac

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "e8b977f7aa7a7be1707c48f4d3b98422306b1e50"
content-length: 112
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 114 B
288 B 178ms
63ms Script
text/html 3.9.96.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1606141839600&de=76491685633&rx=624455427343&m=0&ar=a63e245-clean&iw=b2c8261&q=2&cb=0&cu=1606141839600&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1405%3A1405%3A1454%3A1400&fs=186589&na=2083912236&cs=0&callback=MoatDataJsonpRequest_36849857
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.96.171 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-96-171.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 9d5457322d949fe9365ed5c83ee898c653a3cf00f7fe7ec59691adbef197a277

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "8961521f32efd69656507314988cad19d01c911a"
content-length: 114
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1606141839600&de=70389876388&d=CBS_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=a63e245-clean&iw=b2c8261&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=zdnet.com&bd=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&ac=1&bq=11&f=0&na=1935295628&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:39 GMT

GET
H2 200 show-hide-1.0-7bf562809f-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7bf562809f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367929
vary: Accept-Encoding, Accept
content-length: 671
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Nov 2020 16:48:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "b05603b1b4fd765174fc4171bed7290d"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Nov 2020 08:18:30 GMT

POST
H/1.1 204
No Content /
686eb719.akstat.io/ 0
354 B 49ms
37ms Other
image/gif 2a02:26f0:6c00:291::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://686eb719.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:39 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 23 Nov 2020 14:30:39 GMT

GET
H2 200 bcn
www.summerhamster.com/ 43 B
182 B 186ms
59ms Image
image/gif 52.28.196.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1606141839919&y=2.0.1105&elg=549832937&flg=68&x=zzz.cgqhw.frp%2Fduwlfoh%2Fwrb-pdnhu-pdwwho-glvforvhv-udqvrpzduh-dwwdfn%2F&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Fblof%2Frott%2Frwrnpqb%2F%3Brug%3D1606141839086%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Auivv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.196.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-196-64.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
server: Jetty(9.2.10.v20150310)
content-length: 43
access-control-allow-methods: *
content-type: image/gif

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F7B 0
0 56ms
56ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN_vN6D5SzASGM9rKgpcbUdMBHbB12lA0ngEgPZuUDK0tmXy5yV_vMb5NSWCnngnpE9bkHD4bDIkrFggCUHy3TpRcb2b7CPQxbzscK8H3exAAbfizRSsty5M4Z4-1HRvFttJhMb24UG2kVRsFHoLac6jB-nJmjazOF4wJxQtqn7XK16wmNFASMydZ5ruPsjpCILSCmtiXLXxosZUG5vOrpzX1hZpprAMPbV4FTI8Y8a5N1cSsKepH256n8807eMODWBnhy2WTa&sig=Cg0ArKJSzJZWSc9fzeEhEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F7B 75 KB
29 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:40 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 0F7B 320 KB
107 KB 51ms
50ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: content.upguard.com
URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: 9B7D6983D8E9536A
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27622
accept-ranges: bytes
content-length: 108768
x-amz-id-2: 2WC5qH/yf09rE/TwErENdg8MtQIVHIedCPAJDF2Z1Z0Be5D+RNI9BmQl0zKNREtHHR6JU/jFUI0=

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 7528 180 KB
50 KB 39ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 105567
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sun, 22 Nov 2020 09:11:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Nov 2021 09:11:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7528 13 KB
5 KB 38ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173647
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 21 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7528 90 KB
27 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173647
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 21 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Nov 2021 14:16:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7528 3 KB
2 KB 32ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 105210
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sun, 22 Nov 2020 09:17:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Nov 2021 09:17:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7528 41 KB
13 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173646
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 21 Nov 2020 14:16:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Nov 2021 14:16:34 GMT

GET
DATA 200
OK truncated
/ Frame 7528 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9838488c81a32714522c6a1e562ae0674bd1d2c3316a8cc9e4f96cfdf9e5c7c5

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1E23 0
0 63ms
58ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh-tsZtGY9Vsi_TvJZKpulmfY0VjoiBilNBUUw1i1qZ8HU_fXVMdGYmXRWQwft72icnVJtdTeDBqpDDV_I04r4RZXAMv1aigqV1AFwgp4hbgKGG99zAUnY0jERnhF1Un7GZnwkn7xj88EsDjng0pHrCoEn_VM7y-yBRn-8alj6A9lLyi_oL9vU-SibRHO-U--zshaokoA3MPtsbGAhxPxmBxRKTSb_NtuJf9RAvJyaQJmC-Q7vXDqSltbl13kyYtxteitZmoI3&sig=Cg0ArKJSzMd-7dXf7OKQEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E23 75 KB
29 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:40 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 1E23 320 KB
107 KB 52ms
50ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: content.upguard.com
URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: 9B7D6983D8E9536A
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27622
accept-ranges: bytes
content-length: 108768
x-amz-id-2: 2WC5qH/yf09rE/TwErENdg8MtQIVHIedCPAJDF2Z1Z0Be5D+RNI9BmQl0zKNREtHHR6JU/jFUI0=

GET
H2 200 13778946079872929366
tpc.googlesyndication.com/simgad/ Frame 7528 47 KB
47 KB 37ms
10ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13778946079872929366?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnJV2Hsht32hL7F_mTdFQDOF7FKTw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

653cc312f4d6245fd0ced6679f2d65bef0005287f4318ada1d2d3cb3f0b367ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 10:55:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 08:42:21 GMT
server: sffe
age: 531286
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
expires: Wed, 17 Nov 2021 10:55:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7528 2 KB
3 KB 34ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 23:34:26 GMT
x-content-type-options: nosniff
server: cafe
age: 53774
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:34:26 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7528 295 B
761 B 33ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 59839
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 23 Nov 2020 21:53:21 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7528 0
0 59ms
57ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COJvHj8e7X_K0JLCnx_APyvaUkA2Srd2MYJ6876fzDNv86oIBEAEgzJGuImDp5MmF2BqgAa3GmqYCyAEC4AIAqAMByAMIqgSkA0_QbhxvFZSYgtEdpWPg2mbz-1dCi-2IhgU6RgeilKtQBSr8HuBC5f9MCCRGqaDCffExjsM2396-Ymhzi0vOWaeEjtjPGDDZy7G1Mx-RzoJ094bbX6dgeun86zNX0GC8muLbSO7ldvYbH_1uebl7-FYkwTYzM-DfyGQgwsCaP8IWgm3ZFu2FdIbcSijDnHVz2-pSlg2pFUSawRv4Rr05XPaJVmVdMpP4vhS670qQZ_g2EJ52_OynkSJ9wrVMAINmyTNUOhecm3lsFzYTKzKqHuriYnZTVlDgsFDBNsNbsdxODQNqNLFKpA65ZvJWfM4RcNMCsltyP_YPG5NzeUegUvCN7oLObwFu0OXrE8t9TuaA7YQSO0mR_4Lg1tX68QLG7p7KOsHA4dvxDRQFR6K02JlDNJ1_hAmyEsTbeiuQKtD30V9PKEJcGu_-7x9PeDaBs7TD5rQ81IGfUTs_IyZbF9ZJ6AQPQFEkH6iJYacQl780lKH1CvjSPrOeCf_2i1f9vyIAcjeZbPkgB6Or-I5S8BM_UYLqBQ5oJQtrb0atmIZGpQNhm8AEuqHHvKQD4AQBkgUECAQYAZIFBAgFGASgBgKAB7u55dkBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPPiCdIICQiA4YAQEAEYHYAKA8gLAdgTArIXGgoYCAESFHB1Yi0xOTkxNjc5NjI0MzMxMzY5&sigh=HpSpSbIeeDE&tpd=AGWhJmvf7HOoMK1_36YTvNjXSta3ImXY0OKmgrBVukaGvxw-cQ
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 52ms
46ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1606141839600&de=874722729915&rx=624455427343&m=0&ar=a63e245-clean&iw=b2c8261&q=3&cb=0&cu=1606141839600&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1405%3A1405%3A1454%3A1400&fs=186589&na=1550363269&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:40 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:40 GMT

GET
H3-Q050 200 container.html
559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EEC9 0
0 35ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 23 Nov 2020 14:30:39 GMT
expires: Tue, 23 Nov 2021 14:30:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69A9 0
0 58ms
57ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_OaA9TxB6DZdRjnT0-8DzIhvpG_wfWY96CFVe4ZuT2DRCmjH2-ZclVV3B0Dz9n4iPMTiDV24dcIxMUZQls4cg9Qu41bjtLYhM1sVUuXu1nQFERADT3WSbgxPOgPZbrIGje_uL9Jaqt2i9aLzqHsOatX1AqiK9S0Aj96hDNHroH5tBnmpRg8i0k3llF2o8CREj3z5l2nJSIRGKvU1qApJ_CadlXtQAfI8nVRq05RiBxQjpLPLhVNRKEHT595AaYsbzMmCumAVn&sig=Cg0ArKJSzIHYMeGaQHnTEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 adKit.min.js Show response
rev.cbsi.com/common/js/ Frame 69A9 6 KB
2 KB 356ms
145ms Script
application/javascript 2a04:4e42:46::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rev.cbsi.com/common/js/adKit.min.js?428849705

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cache: MISS
content-length: 2149
x-served-by: cache-lga21979-LGA
access-control-allow-origin: *
last-modified: Thu, 16 Apr 2020 15:02:48 GMT
server: AmazonS3
x-timer: S1606141841.001827,VS0,VE55
etag: "e524dc608d5c7c30eef57b6ed95dc6a8"
strict-transport-security: max-age=300
content-type: application/javascript
via: 1.1 varnish
accept-ranges: bytes
x-cache-hits: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69A9 75 KB
29 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:40 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 69A9 320 KB
107 KB 48ms
48ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: content.upguard.com
URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: 9B7D6983D8E9536A
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27622
accept-ranges: bytes
content-length: 108768
x-amz-id-2: 2WC5qH/yf09rE/TwErENdg8MtQIVHIedCPAJDF2Z1Z0Be5D+RNI9BmQl0zKNREtHHR6JU/jFUI0=

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5186 0
0 61ms
60ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUqgiD0VtvpNR0LThEjNfRImnEV600o5hEyKrRZCZRzN4pwxdNXw6tmEKpG1OW9fGtDDsc5aXYmuYlWUb626YUyxLtuZQqpAH8hfLWbdPhgwNDP9bNzmXBdQKoRnTgnnNZe1bXxN9EyvYXyi4GxlRIkTqFdREV_VRJ3F9rU5E_vTZrU3G7HiMo0h0sAvn1u6XkMPiO7e86GgxV1HuH5-4jdUUk9jBGuMjSQAJAgmA8k23wPwfzfBVrgtKrbaky568AxHxAJHR2&sig=Cg0ArKJSzPdHuiLMLQKIEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5186 75 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:40 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 5186 320 KB
107 KB 48ms
48ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: content.upguard.com
URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: 9B7D6983D8E9536A
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27622
accept-ranges: bytes
content-length: 108768
x-amz-id-2: 2WC5qH/yf09rE/TwErENdg8MtQIVHIedCPAJDF2Z1Z0Be5D+RNI9BmQl0zKNREtHHR6JU/jFUI0=

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 8455 180 KB
50 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 105567
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sun, 22 Nov 2020 09:11:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Nov 2021 09:11:13 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8455 13 KB
5 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173647
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 21 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8455 90 KB
28 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173647
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 21 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8455 3 KB
1 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 105210
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sun, 22 Nov 2020 09:17:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Nov 2021 09:17:10 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8455 41 KB
13 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 173646
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 21 Nov 2020 14:16:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Nov 2021 14:16:34 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8455 2 KB
3 KB 42ms
21ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 23:34:26 GMT
x-content-type-options: nosniff
server: cafe
age: 53774
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:34:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8455 295 B
389 B 43ms
21ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011171659/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 59839
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 23 Nov 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 8455 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a3c2f4deba7415a3a1106c91c5920f5292c7a602996cbf139ae5b9c3c28e0d3

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4449 0
0 63ms
57ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLAynG-XRFv-wJa6swc2t35cSbHp4Esl9wvdSJn0xAmcL31E4nJQUY56kCDkcryuw0LbqnLrcix_ZUqsxANogQIUqs7VFiUfgl5tsFBkXXlXsF7gvO5oU5dF41WfnmaasQybwykFyTJ5GgGVG4Ol7mIk6wg3IK59yUX6ozAmzzrYO_GUgSxVPJVteoErtBbz5btx6Q0R9LtizL6-rBQxFQvhCcDRHadAXNVRkTQSPL98CqmNycA0Na-EjsZNLy7QTm3ARsyETA&sig=Cg0ArKJSzOAO-BM9FuslEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4449 75 KB
29 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:40 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 4449 320 KB
107 KB 53ms
46ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: content.upguard.com
URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: 9B7D6983D8E9536A
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27622
accept-ranges: bytes
content-length: 108768
x-amz-id-2: 2WC5qH/yf09rE/TwErENdg8MtQIVHIedCPAJDF2Z1Z0Be5D+RNI9BmQl0zKNREtHHR6JU/jFUI0=

GET
H3-Q050 200 14056462587249913301
tpc.googlesyndication.com/simgad/ Frame 8455 43 KB
43 KB 16ms
14ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14056462587249913301?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkwdcRNUUFAVg73sxJMbSwpNVqqMA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f906b565f798e5326fbbf10052b514aa632de65f3de193f48f3bc6d206e60f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 10:35:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 08:31:08 GMT
server: sffe
age: 446118
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44082
x-xss-protection: 0
expires: Thu, 18 Nov 2021 10:35:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8455 0
0 18ms
15ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRd2qv80SK4UQPhak9BNkMm6gMKf7RT7n4OQK6tCoYFFVPWvE1kFdvIKVhwSOTQ1cWv_UboTbDdagbjN1Wny2oX6drZ_A
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8455 0
0 59ms
57ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyNvYj8e7X_e0JLCnx_APyvaUkA2o_c2JYNSB1vTbDJW06c_IAhABIMyRriJg6eTJhdgaoAGtjKOoAsgBAqkCFqQNK-XRkT7gAgCoAwHIAwiqBKoDT9BAo1CtsBlSFUmUW1K7nR9y7Rk4mP3UNhYzDNyf0ki8429GyWk_Jn7ut7MFDlb7eyhCKXwihIy5ArxdTMWLIdLpxcRtpVei5gQue3R463ZiI74kHswbz3DSYrcXQCzmDzEc8UkHvyqK4EOEnTAw_h6YXbtC88545XuG6ZcC3IwhwF8F75mmQ6biGrxQRVyxUnslQrF2yO2YJTB-ExK0z-a_afJ9wJyW4_Zo7IJinsw-u4KYPW6DmNVw799wxb9E6cziVCSYY-nYs0qngS0v1i9KPl0EQg_wzR6n07P5KAPyzgH70q0i70yNZUb2VMW5EfgI6wrGM51PmZHKiJk1uopj9pgC1N2OxQneHoSLFr5tm4tW19VFxBO_vn_r-Bf7k8nk-Ab8MODMXafNqfULXA9yQwtf79pFVjH-Uiw0t0h3BzMaAgDUcfqphDbsKNn4oYUFfxKLYgZIi1AlbYPdIsxTU-GUQhIY9YWpnI2oZ3gdRvVfwaCRxPexH6Mq_bWpC4mhMjlLd1MqyD6q_rwSj7aT-Vnyn8t7k-iqUP3osaexR8k20dW3DyQHwATdstOJlwPgBAGSBQQIBBgBkgUECAUYBKAGAoAHu_Pc1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQiS_SCAkIgOGAEBABGB2ACgPICwHYEw2yFxoKGAgBEhRwdWItMTk5MTY3OTYyNDMzMTM2OQ&sigh=Ayqir0wrnG8&tpd=AGWhJmtp1oqmczd7kSkpk4ODeZ5gdvr-mnl4SaItkvwF5NIp-Q
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 57ms
18ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fac4de8c202a61aa079a9442f868649f7793bf5a1d3b45b5fdbdc821a99c6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F7B 0
22 B 72ms
72ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst88x8yLfd1Og7zdy4G720Zz3W158pZi_6U8SCwHPSifVJ2KwwL7NsWVoBh7EkvEQGDJJ1w6a5rRpVsSTdXZtkuETx65LFRbXRJjcIddUbs23GHK8je_4Pvl-eqvHuKUxt8qFonMZjafRJTt6o48OfAonNbX2iRc56gCH7qLwc9t8Qc35Kuf3BlRNO34k-zlIk1y4bPzHIJhN0KUCRLHLcLiMMozJNoKWyAG5aaImcHAwTOyFX4kFGWE9ljqObOYqNWkydAhUdW_F4&sig=Cg0ArKJSzFFUg4rhOddkEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1E23 0
45 B 57ms
57ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLK4nRzWIhcSFMpgQync1XMevAgSQc_chE-EGQ9uO5rGH872H2LP-JqdULar8Qx-WugDWFjdl0kxS-1uJIq0n0pM282klaXiSGFeXMtIJJEint8elxq_XJGPnhSGA0VcHXftx5sEP4PtFTPDSMoyfSf7adW46INWHKSxg_MJ3-V5X3ZabHJ6DLyQckA3PCj9_s7xx5v6pwdLtAivk1M02tNN2dEb2yidDClTxieL_RTZdpGDOcYaO3vcoqCQlr2I2b5DDfPRSD8PQ&sig=Cg0ArKJSzKVQRk_oj21PEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 47ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1606141839600&de=752591474514&rx=624455427343&m=0&ar=a63e245-clean&iw=b2c8261&q=4&cb=0&cu=1606141839600&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1405%3A1405%3A1454%3A1400&fs=186589&na=815378043&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5186 0
22 B 56ms
56ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufw52ROvh3M8SODJxvSEJ2rNJZTvxwn5SxiZbbXxoxNaksboqKeVfl-uZ40cH29WSwRzdofWozIRJCqX-YLEnvVKjumpxaXSUao5jDE3VNSrtLVDgQcgHevA3K4MKNMBMAztuWeTWX9wiPxcYvPFTmW2WV6OvQSzTuFkiqH2vapH0CruQIQ4GPfXeP3Np59VrdJu9QeeqjPK91nX0gDkeM3ODYzzfj5_7az7fbj4_2SVA5NLdjXQfV8inqdLfxS32uatXfejbxU6c&sig=Cg0ArKJSzBhzcuByhsWZEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7528
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4449 0
22 B 59ms
59ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3xPfD1MLNEHWWAspqDOsoPBrR0QeZxDbbTIRz711FFiLGepgu9QyMJTWPJaDvkPlRqcqc17zbcDiB90-FX5sOZbrxfSYJhfpJcGmHp3tBP5YMPebf4AleBBfr8Rk_fV6WaztapfzpNqHq2A3s1mGcafoKaNWWRCZjHaA_W_EHZWV9SchD1vxtDkyNwzAUdQgu9xiOjWnJtjsb7rb-At2m4A061KZOwT4WccbyvqzGRNoOBaKe2mbLzfPwVJZLo-l0I26SfWwCXto&sig=Cg0ArKJSzHRacluiTYJtEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8455
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 13778946079872929366
tpc.googlesyndication.com/simgad/ Frame 7528 47 KB
47 KB 8ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13778946079872929366?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnJV2Hsht32hL7F_mTdFQDOF7FKTw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

653cc312f4d6245fd0ced6679f2d65bef0005287f4318ada1d2d3cb3f0b367ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 10:55:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 08:42:21 GMT
server: sffe
age: 531287
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47952
x-xss-protection: 0
expires: Wed, 17 Nov 2021 10:55:54 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7528 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 23:34:26 GMT
x-content-type-options: nosniff
server: cafe
age: 53775
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:34:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7528 295 B
327 B 7ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 59840
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 23 Nov 2020 21:53:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 47ms
46ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1606141839600&de=59130902996&rx=624455427343&m=0&ar=a63e245-clean&iw=b2c8261&q=5&cb=0&cu=1606141839600&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A1405%3A1405%3A1454%3A1400&fs=186589&na=656411423&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 69A9 54 KB
18 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?428849705

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bd7477a1f989914a7d043526c25094a302a756028682df693dcc7f1d10a14f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "702 / 490 of 1000 / last-modified: 1606134211"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18520
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 200 14056462587249913301
tpc.googlesyndication.com/simgad/ Frame 8455 43 KB
43 KB 7ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14056462587249913301?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkwdcRNUUFAVg73sxJMbSwpNVqqMA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f906b565f798e5326fbbf10052b514aa632de65f3de193f48f3bc6d206e60f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 10:35:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 08:31:08 GMT
server: sffe
age: 446119
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44082
x-xss-protection: 0
expires: Thu, 18 Nov 2021 10:35:22 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8455 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 23:34:26 GMT
x-content-type-options: nosniff
server: cafe
age: 53775
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:34:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8455 295 B
384 B 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Nov 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 59840
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 23 Nov 2020 21:53:21 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame AB90 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 23 Nov 2020 13:58:13 GMT
expires: Tue, 23 Nov 2021 13:58:13 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1948
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 180ms
55ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=83&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=752591474514&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 180ms
55ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=83&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=752591474514&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 47ms
46ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&cm=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1606141841005&de=843608969051&m=0&ar=a63e245-clean&iw=6dd421e&q=13&cb=0&ym=0&cu=1606141841005&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745571990%3A138247985738&zMoatPS=top&zMoatPT=article&zMoatW=300&zMoatH=250&zMoatVGUID=53e8a26a-feaa-44e9-a58b-d8aa6c8c1450&zMoatSN=a&zMoatSL=mpu-plus-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1405%3A1405%3A1454%3A1400&iq=na&tt=na&tu=&tp=&fs=186589&na=645578520&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 pubads_impl_2020111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 69A9 277 KB
98 KB 54ms
54ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

35b7f92fe5fa921ff5e686240c5951435b762f2b0b966b3f127245e086e26991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 09:41:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 47ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&cm=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1606141841069&de=318139545043&m=0&ar=a63e245-clean&iw=6dd421e&q=17&cb=0&ym=0&cu=1606141841069&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745189935%3A138239344475&zMoatPS=top&zMoatPT=article&zMoatW=11&zMoatH=11&zMoatVGUID=53e8a26a-feaa-44e9-a58b-d8aa6c8c1450&zMoatSN=a&zMoatSL=sharethrough-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1405%3A1405%3A1454%3A1400&iq=na&tt=na&tu=&tp=&fs=186589&na=1183438667&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 129ms
55ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=200&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=752591474514&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 47ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&cm=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1606141841106&de=107047855645&m=0&ar=a63e245-clean&iw=6dd421e&q=21&cb=0&ym=0&cu=1606141841106&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745696286%3A138239338263&zMoatPS=bottom&zMoatPT=article&zMoatW=970&zMoatH=66&zMoatVGUID=53e8a26a-feaa-44e9-a58b-d8aa6c8c1450&zMoatSN=a&zMoatSL=leader-plus-bottom%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=970x66&zMoatSZPS=970x66%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1405%3A1405%3A1454%3A1400&iq=na&tt=na&tu=&tp=&fs=186589&na=1716142474&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 69A9 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 69A9 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 69A9 17 KB
5 KB 108ms
108ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=678038407069514&correlator=4400695915334427&output=ldjh&impl=fifs&eid=21068728%2C21068817%2C21062970%2C21068418%2C21068480%2C21068754&vrg=2020111801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201123&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Da%26subses%3D6%26ptype%3Darticle%26vguid%3D53e8a26a-feaa-44e9-a58b-d8aa6c8c1450%7Cenv%3Dprod%26session%3Da%26subses%3D6%26ptype%3Darticle%26vguid%3D53e8a26a-feaa-44e9-a58b-d8aa6c8c1450&cookie_enabled=1&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1606141841&dt=1606141841552&dlt=1606141840741&idt=791&frm=23&biw=1600&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=ek5e0m1ngpnu%7Co1rkd62yuf33&ifi=1&ifk=1913769584&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1617009363.1606141842&ga_sid=1606141842&ga_hid=422259689&fws=256%2C256&ohw=0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

28cada33bfa7887e6bc95ff0644bcafd05c9337e724af384bc0094d0efc2875e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4648
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239375540,138239468731
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d5d33ed430cb28c48bd3e443f2d4904f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 69A9 0
0 81ms
38ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d5d33ed430cb28c48bd3e443f2d4904f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
48ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=1371&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=752591474514&rx=624455427343&cu=1606141839600&m=1771&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1371&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=83&cd=0&ah=83&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=173721223&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69A9 0
181 B 56ms
56ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVcVLEQ6hDAjEQx71xYi3HUe2FjKYgFmA8vfO0ozUq9fNR1ptyD-ksE5XWjNNc-dyH6Hb8RIfB78lyd0P057H2iuM_4VaG58NX40eEKTYrsE0guSNjrw-3Amyhw-8IsbsX0sq2JzbWz5_Pj09Z4H2vZo2NcU2F3aUtaogBEaXHYXWpetpvR50QQbxRcwImOIJhsoAakSz8jz1VuMUnRv1oKDGlbV-Qx1n3RUMOiVrf-Fu3kf6-rWJMZjrqXqQ8uR-ptSMC4-dKb_g&sig=Cg0ArKJSzCfvCrsTlYsEEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
31 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=2822894557790653&bg=!X1ylXHzNAAVGySeIRljJQdfh-97dXwIAAABvUgAAABNoAQcKAc5COBfAdAjn8lw7JtNgQi3t16M2mXnhdzNLLgdhaTa2G1WFF2jAO0ykvaW9Dk1BLL6vwjuPcKeyFnzzmSGFL4SYl45sq3gh0goddjJoL8h5DpsiWfM0zmkNK6Vc42Lj_REFyw-Scj_UITE_8uR7D118cRxliBdjfT8VxCu1iqKMdMgepbtTp-0Uyp0aW2lA9eprDRSfMhNPOKf-nlJ9Yd6hk5naRFwyrN45UJNZbXZeAXBBK6GuYO1C9RkgSX-bY8VLDrg9mxF9pzC0Amv5DLtAOWReAR1DxZ5c_Znxz4QWl7iBWmhAN4goV3tXjiHL7N8aOpSYsV8emif0TprdaRB-tZgN0H-2IjA8kzV5N98B-hbADkmRlcomOO_KRTN-WDf-tqA3Px9KgIdNjkpHgundXrj81vbUkaqm-0ygWvG11C7C5FRxysNuRcatpBeWuaeLxTrifdc0bY_xa_6wYCFLt4LG5TECtdR3OIjrqHdWEDphRgYxTo7UCjG1VFLZ8jPwXoygiL_1lCivixOOYlIXWXd6ZHcnIUG_c-w0UIk0P4yKKhg-m2ug9jJohF6zUP2BPM1FQ59A45YaLadR53qbYFN37n2am9SbFkE8qfKZAbaVMZkZd0uOY29vqGDdydPntWNpasKoiUqzxkiuQVqBzhvINeKr0ED58VbAYUi7Rj7waEqOflgBCq14Vvu2RnaCbjOWqfueM6Ssc8UaiaeXrn2VzvcC1y5VqE0paa04utEHfT87dP3ufsui4nKHMXkY8ZvrhLDKxTSnW2xmYYCz3fVLmPhKcGqHIPP0XWOnukeGbLXduIvzUPWwsAra7e5WEddYD-AQq8mFiTNCO1MlR7sRSC5UUEVwkESw4BnmHBfA4oaLo1BSVG_hTwR9TCSDVbJ1MKdVoDjlVkZPV_Z5cYEdkWFsRTlAqE1zpgChaoZmnccVIYTvjvqCRwW6C-pncxCjmGObigFcyyzBFew7bvgnXw0hVhOt9MfsAk3RrsQAI_rbqepYcUYGl21qrWYPQRytpFoCxBVGIBy6G9I6Y-drgscs8a2yVopG1tQtcCNNhlgivoN2DwePK9cO7vGLCKKSM2XwrO0s0QNTJCnlfl1saYwFVcvFvX-mkXOWc6vco8Uhy_6sue_-BATOYcaMhgk8dhGXJIEErP3FO4ff_4TD4GV3MrGVqET7xuX4WvngXVgTnY0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69A9 0
0 14ms
13ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=zdnet.com&host=www.zdnet.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F51 0
0 56ms
56ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssupwSY-Zzv2iIeVK6guPdVdbyZ30QrlpIeop3SBr6LXk-_wSvV1bUlp7OFaCye1szsBMFn99JuBz-5VL5tx-1HOQowxj6ODLjj0lwHnLQzQFaXgH_xl-AXB6c4uSlJhyXtX3y_2X-HnKALI729bOebd1bI7-esI5sdIl1hPTkJ6_sGQC7FqsP9KETRGgtOATW0MqUJSR84st70q1fYJJuyLkCpAHs5CRfdz40MJxPbIZx3rmAT4TeKGl-XlSnKilN-P50x1J2u&sig=Cg0ArKJSzExnVzO22k4XEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F51 75 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 0F51 320 KB
107 KB 48ms
47ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: 9B7D6983D8E9536A
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27621
accept-ranges: bytes
content-length: 108768
x-amz-id-2: 2WC5qH/yf09rE/TwErENdg8MtQIVHIedCPAJDF2Z1Z0Be5D+RNI9BmQl0zKNREtHHR6JU/jFUI0=

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D67 0
0 57ms
57ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvTpsdtqLwUtadbwV09ZcoHiivaC1GSGWqm-nvYOwJl2AAZiskrFeHIA1RKO7wAryKSPGV0WfB_FnNVaLAKDKyDifyLXtKL4-wBsBeZ1i_iKbMj3vmSWAWJXunVO7EJJIA-ocRuyM6sURhuFWcbpMKHqRhEgfqLgAo529jA2zb2YOJJx1x-rPqnUerxeT1yodz9zIcVaargWCmWDk7cjNsO9cGCDV4SFJWf8uyaHdIM1--jAwMQaZWJYTYGa8zKAz2OGPUbojf&sig=Cg0ArKJSzB53k9qXFHKdEAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D67 75 KB
29 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 1D67 320 KB
107 KB 52ms
52ms Script
application/x-javascript 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: 9B7D6983D8E9536A
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=27621
accept-ranges: bytes
content-length: 108768
x-amz-id-2: 2WC5qH/yf09rE/TwErENdg8MtQIVHIedCPAJDF2Z1Z0Be5D+RNI9BmQl0zKNREtHHR6JU/jFUI0=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69A9 73 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 69A9 8 KB
7 KB 40ms
27ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2ebabeed9ffa02600b795c075caf19e29550c0ee15a1db8535ca5121a16cc99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 69A9 16 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 14:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F51 0
22 B 56ms
56ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQFnKx-G0cq8ebP-fuUdgNQt3TG9pCWLwgOpBwozeqbzb7zovLFlKw015Zia0XMuzv7tzNehNHiO7_g5M6WP1q14sHkPJbif8CgajQ8ZW_Ax52etqXD2toGWV4HQ210Ut8PYdG64Dlv4cXfSTumXM50J7AH7QxdbRvRjtNd73ogU01dJqZRQQIgCAGYZoBHkcIPO5WjJuuuZofsA0SHD8DGcgZIZwCqbkWemofJwiEmPs_XohCE07iGSv-6MKSgHw2kj6j0ChEvNM&sig=Cg0ArKJSzKxBOnfYwOLZEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D67 0
22 B 57ms
56ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstweg-xdbceu6kAHNw6KcCsTKmLxT2J8MhIfB350mQq8I8J6NBEpGrdPuheZvSwXnu-GPQGcZkjx45lWZ5UUR-0zxATrttqp54GEHhF90qcSJJpyJKRTqwVZjhqJVoYZoSSPRPAg2QMLykup_oJY4dE_GCF0yAy9IvPSOTrNX5cxe67PcrI3yzip_-u03XO2bS60augd_AyBj7AEInF9gnz6p6GDmvhwsfpSMyHVbMEwp2hMVPqx7q89huq_1OkHcUykXXytmbVOf4&sig=Cg0ArKJSzEMn9yGpM6poEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 56ms
55ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=40&fi=1&apd=80&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=874722729915&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 56ms
55ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=40&fi=1&apd=80&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=874722729915&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 63ms
62ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=40&fi=1&apd=80&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=874722729915&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 51ms
50ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13778946079872929366%3Fsqp%3D4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg%26rs%3DAOga4qnJV2Hsht32hL7F_mTdFQDOF7FKTw&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=120&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=874722729915&rx=624455427343&cu=1606141839600&m=2180&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=0&ag=40&an=0&gf=40&gg=0&ix=40&ic=40&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=40&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=80&cd=0&ah=80&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=186589&na=1881166582&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C8CF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 23 Nov 2020 13:58:13 GMT
expires: Tue, 23 Nov 2021 13:58:13 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1948
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 64ms
63ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=139&fi=1&apd=179&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=874722729915&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 57ms
56ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=99&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=59130902996&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 56ms
55ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=99&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=59130902996&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 49ms
48ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14056462587249913301%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4qkwdcRNUUFAVg73sxJMbSwpNVqqMA&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=59130902996&rx=624455427343&cu=1606141839600&m=2280&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=99&cd=0&ah=99&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=459667205&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 92ms
55ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=121&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=59130902996&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:41 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69A9 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111801&jk=678038407069514&bg=!WFulW3vNAAVGySeIRlikn8ICdZb2KQIAAABoUgAAABJoAQcKAWck0Gvf8Ltj3ksAYMHnzDgzydQPIyIo8s4sVPNIXunG4Si0ckdYy8-DVWJOmItyAYLVmWdhd8-cee6cDjdbqzz8qTdX8TcSXBWBAtVcs6gtQt4TTPYPMuUbZtO3ceoYv_R7POQeqT2sdPnVi40vnzHjtGa6FjIYYYlSoEzxR0no-rp0fcvT-vLijLlCk6PT_aH5Tkjm5JOJwXFeyCjZKTmAoIhIfZKqhI-FKjmczLG3w69soY_HukcVcsjFPTUKMDkCsQ4Z3pLVZ6guo1S63Wnzu2SGT9o2d2cItSlgoud70i9P5yPmTBNLDrGgcfW9K1dZlqYJxayWu-RxMI2fH3-ZL7-B8YS0PvxrngazClhctoLEa1lxNc1R0sORMrSorGJgzo4YXxS6_ipWF70yp3PlrQY3O71nvmdlUuJOoB4ZUDIKz2qo84wS5qzKVKg_y9uRe2qBURm9DveXrLxbgpHxLWKWoF7Pz5kBvAnNuCaqRwT9-19yX4y6W-OP5-6UTT4VhKprYxSJlcV3KSE6S8Ho2TkLu1s4iD36MFP0La-ZFv_yCiY-R5lS17P_x89hFiiJ3L3VQrXzTGoezrSsdB9w7lct_VI32TQdPzYI_jOTmIzJhRTRigKiuCrgR5I_ImPFEw9Q2H8fhCFwHyRjhmGLbvqQKnHEog00I3xXWB4Hs3WTG8niN9xkEsIlDH-TGe2_ghmb-dc82PhNgW2zPYmNbJj1zUfVjBKpdSEjVuMOrTR4YAKTR_nKcWqcPua757FsTPf9VJWlVeYRtsXWVnha4xLesBlBavaMbRIogvXQiHkJw7SsHi1bBvKlqF-FYDrC5oDo-Bn0NogcOUMC9jblA-Tzo1khq6jb8JADXZrpSwU_SRHBg2E1WofVNNu6zfLOVYs_CoTs4j1GbvvDcbQ7o4JR2q-B2qRpzFUjIHjH2BteKfVFAJYkB1gc7Uyur5VlgfWYDJRcl_5gPzKsNmLPmc9Hs_VTaubeCAMiextBEuJD-e1RBsV5ECR0VCo-FcznTmRRgwhg_vSOUQNUP2dNNqucAVb6SOf0RJdyydemwFaEiAo2hg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7528 42 B
94 B 19ms
19ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXmJgGWZFIu5zpWF-I1n2BMW_As3B5tUetBeXO4YG7hWFTpmtcuXeU2Loqi31Fn-rGmqGMK7xJtzMD_mj3NYrcboAgKjMNvj0toILn8MK8wSgWzT8lrzH73DTMlQ&sai=AMfl-YRSEOaq0645KrIHcwKekCU-vTqhLY8JKWV-HlV4R4FZBwuCZv9lZa0IFw7MhhYXbhRG2IG4KruIUvOqxAY-s9bnaNqk06uFa3TMjqZTJECKkbC_0CEKl35OuNIb&sig=Cg0ArKJSzKc1OE78e8ZhEAE&cid=CAASF-RoXBHN8qCjQOSIm4d4sxSpqllcO3R2&id=ampim&o=315,275&d=970,120&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=413&tls=1414&g=100&h=100&tt=1414&r=v&avms=ampa&adk=3581870410

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=120&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=874722729915&rx=624455427343&cu=1606141839600&m=3315&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=1&ag=1174&an=40&gi=1&gf=1174&gg=40&ix=1174&ic=1174&ez=1&ck=1174&kw=1010&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1174&bx=40&ci=1174&jz=1010&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=80&ah=1010&am=80&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=186589&na=84683524&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:42 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
419 B 60ms
59ms Image
image/gif 23.212.157.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1010&tet=1174&fi=1&apd=1214&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1606141839600&r=874722729915&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack&zMoatPS=0&zMoatPT=0&bedc=1&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.157.206 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-212-157-206.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 14:30:42 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: AkamaiNetStorage
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 23 Nov 2020 14:30:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=120&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=874722729915&rx=624455427343&cu=1606141839600&m=3319&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=1&ag=1174&an=1174&gi=1&gf=1174&gg=1174&ix=1174&ic=1174&ez=1&ck=1174&kw=1010&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1174&bx=1174&ci=1174&jz=1010&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=1010&ah=1010&am=1010&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=186589&na=1369502349&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=120&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=874722729915&rx=624455427343&cu=1606141839600&m=3321&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=1&ag=1174&an=1174&gi=1&gf=1174&gg=1174&ix=1174&ic=1174&ez=1&ck=1174&kw=1010&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1174&bx=1174&ci=1174&jz=1010&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1010&cd=1010&ah=1010&am=1010&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=186589&na=1840368439&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=1371&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=752591474514&rx=624455427343&cu=1606141839600&m=6956&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1371&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5075&cd=83&ah=5075&am=83&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=658770014&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
48ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=120&w=970&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=874722729915&rx=624455427343&cu=1606141839600&m=7158&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=1&ag=5019&an=1174&gi=1&gf=5019&gg=1174&ix=5019&ic=5019&ez=1&ck=1174&kw=1010&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5019&bx=1174&ci=1174&jz=1010&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4858&cd=1010&ah=4858&am=1010&rf=0&re=0&wb=2&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=186589&na=1455808889&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 47ms
47ms Image
image/gif 95.101.185.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ftoy-maker-mattel-discloses-ransomware-attack%2F%3F_hsenc%3Dp2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w%26_hsmi%3D99323374%26utm_campaign%3Dnewsletters-2020%26utm_content%3D99321731%26utm_medium%3Demail%26utm_source%3Dhs_email&id=1&ii=4&f=0&j=&t=1606141839600&de=59130902996&rx=624455427343&cu=1606141839600&m=7568&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3128&le=1&lf=182&lg=1&lh=22&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1405%3A1405%3A1454%3A1400&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5187&cd=99&ah=5187&am=99&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=807740943&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.185.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-185-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 14:30:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Nov 2020 14:30:47 GMT

POST
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam-cell.nr-data.net/events/1/ 24 B
489 B 176ms
175ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1184.ab39b52&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFlkURFlQWgBmQgpeX1Vd&rst=11612&ck=1&ref=https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 23 Nov 2020 14:30:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 5f6b971bfb881eda-AMS
Content-Length: 24
cf-request-id: 06971cc57800001eda7028c000000001

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zdnet.com/	1970-01-19 14:19:06	Name: RT Value: "z=1&dm=zdnet.com&si=k7bv7w4ohz&ss=khundq8u&sl=0&tt=0"
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
.zdnet.com/	1970-01-19 14:19:06	Name: fly_device Value: desktop
.zdnet.com/	1970-01-19 14:19:06	Name: fly_geo Value: {"countryCode": "de"}

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://content.upguard.com/e2t/tc/VX8Rxp1bnQdlW8gX6Wn6vthnrW2C4PM94jbQWCN2jjSxX3p_9LV1-WJV7CgBTcW2-JHrH8xFjz5W5sNCvD5nwTk6F55xvFzGcp1W189blt6S8XPfW8MLHrR5K7kd8W7fRZPr65qVBRW7dCbdv2Pc6fCW3q6V0X1vkLtrW5ZSCn74dNnS9W7G9n916nbDtqW2B6PhK6bbFl9VPWNKT9jRl2BVzYNv_3QP-gqW393bR_3xGm5hW3zNf7S8q-cqVW9fZTPB3PccjlW24xFwV5nTgYlW96-Ntm3lB9XmW22ggxN8sb6gMN4hxBH_rJWhDW5v6LHY8mmcntMxLR2HpP4N2W9kCcBc880p_bW8X7_Yv8nqPvFW1ks1_W5kLdwyW1m1s9l6vTq7bW5pnnxM6zF9TyW82_R2f3WJ_jc3g4j1(Line 13) Message: toS
console-api	info	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 382) Message: Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat performance
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 94) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 94) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_sourcepoint with class optanon-category-4
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_taboola targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	(Line 86) Message: blank creative loaded: 138245072116 (5 x 5, pos=nav, slot=nav-ad)
console-api	log	(Line 86) Message: blank creative loaded: 138247985738 (300 x 250, pos=top, slot=mpu-plus-top)
console-api	log	(Line 86) Message: blank creative loaded: 138239344475 (11 x 11, pos=top, slot=sharethrough-top)
console-api	log	(Line 86) Message: blank creative loaded: 138239338263 (970 x 66, pos=bottom, slot=leader-plus-bottom)
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email
console-api	log	URL: https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/?_hsenc=p2ANqtz-8j1tepWWqOaqaCKSwGK3-M02fOnp0dC0Al8qhlP8DXMoz_VW-DVDadQBxOt1w3U56G78BVF1laOQ-35smVvZ75MC2Z-w&_hsmi=99323374&utm_campaign=newsletters-2020&utm_content=99321731&utm_medium=email&utm_source=hs_email(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	log	(Line 86) Message: blank creative loaded: 138239375540 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api	log	(Line 86) Message: blank creative loaded: 138239468731 (372 x 142, pos=, slot=dynamic_showcase__1)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

559abf2ac226b0e9a1825107f9741d70.safeframe.googlesyndication.com
686eb719.akstat.io
ad.doubleclick.net
adservice.google.com
adservice.google.de
adservice.google.pl
at.cbsi.com
bam-cell.nr-data.net
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cdn.ampproject.org
cdn.cookielaw.org
cmg1.cbsistatic.com
confiant-integrations.global.ssl.fastly.net
content.upguard.com
d5d33ed430cb28c48bd3e443f2d4904f.safeframe.googlesyndication.com
fiaqj6absjkbikqce3ygyaaaabp3xr4p-pk3s5u-4b39b38ce-clienttons-s.akamaihd.net
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js-agent.newrelic.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
rev.cbsi.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
urs.zdnet.com
vidtech.cbsinteractive.com
www.google.com
www.googletagservices.com
www.summerhamster.com
www.zdnet.com
yjrwsyyccc5ewx53y6hq-pk3s5u-287550bf9-clientnsv4-s.akamaihd.net
z.moatads.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
151.101.114.110
151.101.13.194
151.101.65.188
162.247.243.146
172.217.16.134
199.60.103.28
2.16.186.75
216.58.206.2
23.212.157.206
23.55.163.4
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:815::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::2002
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00:291::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
2a04:4e42:1b::444
2a04:4e42:3::444
2a04:4e42:3::645
2a04:4e42:46::444
3.8.225.221
3.9.96.171
34.102.213.242
52.28.196.64
95.101.185.246
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b
0a3c2f4deba7415a3a1106c91c5920f5292c7a602996cbf139ae5b9c3c28e0d3
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
17546b1db18a537c923e612ad42af892a2b56d8f374d15549b37500fbd67c869
192c6e1ec42dc4aee608bae2b611495427b006930759bdb7fc355c3483799297
1a09d0f4af8194ad4d95da43041cc05e9a17946f699eb0316278f1b02564e5f2
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
28cada33bfa7887e6bc95ff0644bcafd05c9337e724af384bc0094d0efc2875e
2a2e21ebff85f5dd9baa3466c6c15c966d40b61aeee43c24198d44e58ec358bc
2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
3216b8728454cd4e9b83b64154fa8df2ddc3dd0a921c813e8ce3f485cc33bc53
35b7f92fe5fa921ff5e686240c5951435b762f2b0b966b3f127245e086e26991
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a4a0cd9fba1b85eaa8fc1222f0965fd563dd5631a07ab1c2dff170f1d0bc6e8
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
487c0c467355b47e27c90679fdb5d43d7b90d6ae36b7b95ec0e31f5c3a17f950
4fac4de8c202a61aa079a9442f868649f7793bf5a1d3b45b5fdbdc821a99c6d9
52828dfa3529d1c9daeed4a0706834537478c13874b064e7a7671185bed9812f
565987a1d366f4f97f9fc987a96d6ef3db20bed171589a03968bded4bd38a41a
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
602fab312dd82ffb14508d0e186e809e1e27c55a6e62adf5769a9318dc84ce2f
653cc312f4d6245fd0ced6679f2d65bef0005287f4318ada1d2d3cb3f0b367ab
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
727e2cb4c77abe8c29b0e78cdc4413e85a27172a133d44a5e70c756564d7295f
744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7a3e584fe82301b250cd97ebfaf70438c214378a0e5b2c95c5f80c29ec108898
7ab4b2e2145ab40e79cc2648a3a3240af612a1a832a183f58cea80747b1e49f7
7cd54b3c177c3f63dd51c2dae4ef7ca4e3cd938c1afb60e4b4e9d78df952ac75
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81985398fc901271c131ff91d91398c003e784a171976a36a274f117cbc1e8ac
82f1cc1238504fd9d95f1b80c97f979ad9616a3145e22e639991e12ab19b06c3
9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927
929818adeb5e1a02f2b5e5c279aba54bff72d8519fb14727d61c447eb2c496ab
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9838488c81a32714522c6a1e562ae0674bd1d2c3316a8cc9e4f96cfdf9e5c7c5
9bd7477a1f989914a7d043526c25094a302a756028682df693dcc7f1d10a14f0
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
9d5457322d949fe9365ed5c83ee898c653a3cf00f7fe7ec59691adbef197a277
9dc6d618cecada2f15dd725abc11d766529d6de7fb8a0664eb818dfc0e88412a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
ac357eec1b219695bc2451c0ce5647eee0af960beee698f90b06de1d8246945c
ae7d52f46fede815d7fcdb1d2415d7ff18f05eb651acdfa70ccb8b9d7cf53e81
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b9ba39b5cbc0e5d0c08c16b14acaf33f297c0a854b7e22f376af3e9050f2d553
c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42
cb8e91af5e4fcfae2ecebeb8a97ee628ee411bc1b0b2e63c8ac0c990ce11ecf5
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d2ebabeed9ffa02600b795c075caf19e29550c0ee15a1db8535ca5121a16cc99
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
dfeddecaf8089d4325e7579019de8adeff79055f53ae4eb91db12aa6003e4376
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e3689639e8feff607d84663ebcbcf834cdebc11ec9129345587086a28eeb88de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e425d6fd5a56a45ccc953216686f8e3f6f02408cf3894cf377199d60d10290e6
e6e583553cbb5a7bdf3446558cdf29802cda247ce1d63693633b3d74eb749d8e
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00df8e12274e9bb8818b7b81abbf250dbffacd503c5ca5533df1ac0185c54ed
f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f906b565f798e5326fbbf10052b514aa632de65f3de193f48f3bc6d206e60f7d
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:1b::444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

100 %HTTPS

55 %IPv6

23 Domains

41 Subdomains

32 IPs

5 Countries

3286 kBTransfer

9589 kBSize

5 Cookies

22 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

100 %
HTTPS

55 %
IPv6

23
Domains

41
Subdomains

32
IPs

5
Countries

3286 kB
Transfer

9589 kB
Size

5
Cookies

170 HTTP transactions
10 data transactions