www.wired.co.uk
2600:9000:2057:da00:f:4ddd:5d80:93a1  Public Scan

URL: https://www.wired.co.uk/article/samsam-ransomware
Submission: On September 03 via api from US

Summary

This website contacted 39 IPs in 6 countries across 28 domains to perform 136 HTTP transactions. The main IP is 2600:9000:2057:da00:f:4ddd:5d80:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.wired.co.uk.
TLS certificate: Issued by Amazon on January 12th 2019. Valid for: a year.
This is the only time www.wired.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
32 | adsafeprotected.com | pixel.adsafeprotected.com, static.adsafeprotected.com, dt.adsafeprotected.com | 339 KB
15 | wired.co.uk | www.wired.co.uk | 294 KB
11 | doubleclick.net | stats.g.doubleclick.net, securepubads.g.doubleclick.net | 95 KB
11 | condecdn.net | wi-images.condecdn.net | 83 KB
8 | googlesyndication.com | tpc.googlesyndication.com (Failed), pagead2.googlesyndication.com | 102 KB
7 | skimresources.com | s.skimresources.com, p.skimresources.com, r.skimresources.com, t.skimresources.com | 20 KB
6 | moatads.com | z.moatads.com, px.moatads.com | 365 KB
6 | googletagservices.com | www.googletagservices.com | 152 KB
5 | rubiconproject.com | ads.rubiconproject.com, fastlane.rubiconproject.com, eus.rubiconproject.com | 30 KB
5 | google.com | www.google.com, adservice.google.com | 358 B
5 | facebook.net | connect.facebook.net | 164 KB
3 | facebook.com | www.facebook.com, staticxx.facebook.com | 253 B
3 | instagram.com | platform.instagram.com, www.instagram.com | 5 KB
3 | cookielaw.org | cdn.cookielaw.org | 56 KB
3 | scorecardresearch.com | sb.scorecardresearch.com | 2 KB
3 | google-analytics.com | www.google-analytics.com | 18 KB
2 | imgur.com | s.imgur.com | 4 KB
2 | twitter.com | platform.twitter.com | 28 KB
2 | google.de | www.google.de, adservice.google.de | 280 B
2 | globalwebindex.net | gwiqcdn.globalwebindex.net, gwiq-v3.globalwebindex.net | 15 KB
2 | imrworldwide.com | secure-uk.imrworldwide.com | 808 B
2 | condenast.co.uk | covers.condenast.co.uk | 51 KB
1 | consensu.org | cookies.onetrust.mgr.consensu.org |
1 | onetrust.com | geolocation.onetrust.com | 325 B
1 | jquery.com | code.jquery.com | 30 KB
1 | skyscanner.net | widgets.skyscanner.net | 9 KB
1 | vine.co | platform.vine.co | 2 KB
1 | permutive.com | cdn.permutive.com | 134 KB
136 28
Count | Domain | Requested by
16 | dt.adsafeprotected.com |
15 | www.wired.co.uk | www.wired.co.uk
11 | wi-images.condecdn.net (1 redirects) | www.wired.co.uk
9 | securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net, www.wired.co.uk
8 | static.adsafeprotected.com | pixel.adsafeprotected.com, www.wired.co.uk
8 | pixel.adsafeprotected.com | www.wired.co.uk
6 | tpc.googlesyndication.com | securepubads.g.doubleclick.net
6 | www.googletagservices.com | www.wired.co.uk, securepubads.g.doubleclick.net
5 | connect.facebook.net | www.wired.co.uk, connect.facebook.net
4 | z.moatads.com | securepubads.g.doubleclick.net
4 | www.google.com (1 redirects) | securepubads.g.doubleclick.net
3 | fastlane.rubiconproject.com | ads.rubiconproject.com
3 | r.skimresources.com (1 redirects) | www.wired.co.uk, s.skimresources.com
3 | cdn.cookielaw.org | www.wired.co.uk, cdn.cookielaw.org
3 | sb.scorecardresearch.com (1 redirects) | www.wired.co.uk
3 | www.google-analytics.com (2 redirects) | www.wired.co.uk
2 | pagead2.googlesyndication.com |
2 | px.moatads.com | www.wired.co.uk
2 | www.facebook.com | www.wired.co.uk, connect.facebook.net
2 | p.skimresources.com | www.wired.co.uk
2 | s.imgur.com | www.wired.co.uk, s.imgur.com
2 | www.instagram.com (1 redirects) | www.wired.co.uk
2 | platform.twitter.com | www.wired.co.uk, platform.twitter.com
2 | stats.g.doubleclick.net (1 redirects) | www.wired.co.uk
2 | secure-uk.imrworldwide.com (1 redirects) | www.wired.co.uk
2 | covers.condenast.co.uk | www.wired.co.uk
1 | eus.rubiconproject.com | ads.rubiconproject.com
1 | cookies.onetrust.mgr.consensu.org | cdn.cookielaw.org
1 | adservice.google.com | www.googletagservices.com
1 | adservice.google.de | www.googletagservices.com
1 | t.skimresources.com | s.skimresources.com
1 | geolocation.onetrust.com | code.jquery.com
1 | code.jquery.com | cdn.cookielaw.org
1 | staticxx.facebook.com | connect.facebook.net
1 | gwiq-v3.globalwebindex.net | gwiqcdn.globalwebindex.net
1 | ads.rubiconproject.com | www.wired.co.uk
1 | widgets.skyscanner.net | www.wired.co.uk
1 | platform.instagram.com (1 redirects) |
1 | platform.vine.co | www.wired.co.uk
1 | www.google.de | www.wired.co.uk
1 | gwiqcdn.globalwebindex.net | www.wired.co.uk
1 | s.skimresources.com | www.wired.co.uk
1 | cdn.permutive.com | www.wired.co.uk
136 43

This site contains links to these domains.

Subject | Issuer | Validity | Valid
*.wired.co.uk | Amazon | 2019-01-12 - 2020-02-12 | a year
*.permutive.com | DigiCert SHA2 Secure Server CA | 2019-06-18 - 2020-06-24 | a year
*.condenast.co.uk | Amazon | 2019-07-31 - 2020-08-31 | a year
*.skimresources.com | DigiCert SHA2 Secure Server CA | 2018-09-13 - 2020-10-07 | 2 years
*.imrworldwide.com | DigiCert SHA2 Secure Server CA | 2019-02-25 - 2020-02-25 | a year
*.google-analytics.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-08-24 - 2019-10-19 | 2 months
*.globalwebindex.net | RapidSSL RSA CA 2018 | 2017-12-13 - 2020-12-19 | 3 years
*.scorecardresearch.com | COMODO RSA Organization Validation Secure Server CA | 2018-11-28 - 2019-12-26 | a year
cni-digital2.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-06-03 - 2020-03-04 | 9 months
sa437gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2018-05-17 - 2020-08-19 | 2 years
www.google.de | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2018-11-19 - 2019-11-27 | a year
*.vine.co | DigiCert SHA2 High Assurance Server CA | 2019-01-14 - 2020-01-23 | a year
*.www.instagram.com | DigiCert SHA2 High Assurance Server CA | 2019-07-11 - 2019-10-09 | 3 months
*.imgur.com | DigiCert SHA2 Secure Server CA | 2018-12-14 - 2020-02-12 | a year
*.skyscanner.net | Thawte RSA CA 2018 | 2019-03-22 - 2021-05-20 | 2 years
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-02-13 - 2021-02-17 | 2 years
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.onetrust.com | DigiCert SHA2 Secure Server CA | 2018-03-12 - 2020-06-14 | 2 years
*.google.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
moatads.com | DigiCert ECC Secure Server CA | 2018-11-10 - 2020-02-09 | a year
*.adsafeprotected.com | COMODO RSA Domain Validation Secure Server CA | 2018-08-20 - 2020-09-17 | 2 years
snic232gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2018-08-09 - 2020-08-12 | 2 years
tpc.googlesyndication.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
www.google.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months

This page contains 18 frames:

Primary Page: https://www.wired.co.uk/article/samsam-ransomware
Frame ID: 17724122BFC5D267C7CA852755A61737
Requests: 96 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fwww.wired.co.uk
Frame ID: 435FDEB86D8DD4D058163FF7666A3376
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: B3167DA118EFA63588CCA28ED33E3FC8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8dmOmP5iyoqS_ErqSYgqGOcd2nl5iDq_ip3TL__1S_VITMka_FUkUclRyXsJXS7xfTMkaPFRo1PXVA3Vu670Ufjtt1Scewy_Z7nDgdVe_qZf9dlj0qGtrvhdxghUoumCav0Ov1BIvvMR_rMTLVdinF3F7iIgM5RHF5HTLp6enXvN_ZDiQy-8M-Aau6O8q4QMVeIdHQ20rmCgdqzEpgmt48tdSOBxWXjWZxYc3_wDo6KH8LC-jHB7s49wWRkJQt0ObcGu1wlcGqlYMjf_whqqsfLK_rliKh-atg946TseQcrc&sai=AMfl-YRDQkI5KReIErq-q3fZ2TVI4Gf0L4yWEgiUdYmo3c6n0DV-7FoWqcjVpWq9uOcilNLH8dsjyne-9xzEnxEahv0a6ATcGaRKpt7K2rW6&sig=Cg0ArKJSzCn_zzveoFq4EAE&urlfix=1&adurl=
Frame ID: E6B06C4F93EE1E12AFB2B928992E37D9
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930423&campId=5x5&pubId=12541037&chanId=118208237&placementId=776821277&pubCreative=98972786717&pubOrder=369010877&cb=1315491132&adsafe_par&impId=&custom=&custom2=&custom3=
Frame ID: 7E62C2C6B6BE08FFDF4AC0CDA6B359E6
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E20F53B1679CD6EF3F0E67D158FC353D
Requests: 1 HTTP requests in this frame

Frame: https://cookies.onetrust.mgr.consensu.org/?name=euconsent&value=&expire=0&isFirstRequest=true
Frame ID: 53F71B0AAF92124D93F224C674CE81D0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 5E806C3D2FBAC92947DB037AC3936B37
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXNqhjnXmGjM3ihF1XjMgQ9hb2GBwQjFabOW9c6ef1B4uNx9i9p9HJ9J4-hvLWigu_mN4-RppRyEUKtL8QniSwhkN3DPs8wMxwyPUIwLKIPV2dQeutHb_CgqjYEZGQFOqcH0kEg9rucRD-nitkZN3AziHbFAOGqG2onVnLKbFg5c82eaSU1CW_ZFw4-ZJUolIISt1MDcoIPIVjBsI1qsTx_euMTOlTZbvGEB8iWqU2ZuBpDVcyf3FoaPdf0oNb6odJ9XAt_k_wbvhggtuKs1fHsTQ4XWV5xnnBVFfNzsH3nh6_SkQ180hD0q7TMg&sig=Cg0ArKJSzIwrEAHauHQ8EAE&adurl=
Frame ID: 2D270213CFC8D85188B58FA1D288F98B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdbYD9PQYXWzGdd-6PoT18xVmxUgw66cce-u_hP4cMCuUlcUKClTLaczISZowr6bvH6qDtEsy_z9k3UzuCgRHq1ISTiTmVrfY2G6QIXBv-i-f3_qZXr97S8rW4XNWc8DY6ZJj4zcok9oj4T-e9uG1LjmM9M6t3xANTYXvr7xM8XfjX7GhHPZBh57gV7YKyr3ruWkRyVIxHn1nA0mm7QlywOzstJRYcB6fkvQEI5yDPNUY-jLGsyJhZfO1H_p_y1q53tY437T1sIIZya7dXFHC8rE2JCQcEm78ntXsA0SCjfu7y5JCtKw6Tp_HXwA&sig=Cg0ArKJSzG8Ey6ZlsYVvEAE&adurl=
Frame ID: 44E80AD1BBA65FB9D08B7611090DAF5A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7eTMZJp_4ZOusXGw99piCuOWj9MIx-rWsSzkvVHmwMcIkPwlo6vTdD2HCWmG7Em1zmdVxl_Y_Uzt29eeZ6KGi8g8HtuErAqft8zMcghaXnCqg55wl8yG5yxoKsGP_iEiBdheHzYczLuaLPb8FDtsS1D0HFRsX1YiunK6bF1mSG2h9Vyv7g6SkpcHOG0BUg5bBev5_Btbt_hy2Gk0T5LKFEFDdBll5dESdUV1y680tSWA90_eQ9dSpn9RXg0SRma96FIYo1DsbN3ODNCOH46nzVVa6QPKvimfDW2YlYBtkp39lr1Z6rYJcMzEs5Q&sig=Cg0ArKJSzFySCNJK6p0QEAE&adurl=
Frame ID: 50D28C9ABE70AE867B16F215F615DA6F
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930423&campId=728x90&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510660&pubOrder=2249627994&cb=2045303301&adsafe_par&impId=&custom=&custom2=&custom3=
Frame ID: AF5A02FB1A82D4AB5E33B66762E43B71
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5139842783&pubCreative=138279795232&pubOrder=2249627994&cb=916963413&adsafe_par&impId=&custom=&custom2=&custom3=
Frame ID: B7E2605DE25DED3A0E1F183D8A2892A2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510636&pubOrder=2249627994&cb=641859184&adsafe_par&impId=&custom=&custom2=&custom3=
Frame ID: 66BB48467D5DE00EB532B31B8E4FC430
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 287F832AF7E2E12A5A1FB05A3154E20F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 5769CD43D8811FB3905BA97B2E7ED008
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.95.js
Frame ID: 7239B51F5CF674ED03CAB37D6C0AC923
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Frame ID: 74FCE356E4162DF66483BDAEE0041D02
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

136 Requests
99 % HTTPS
46 % IPv6
28 Domains
43 Subdomains
39 IPs
6 Countries
1996 kB Transfer
5735 kB Size
12 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://secure-uk.imrworldwide.com/cgi-bin/m?ci=uk-405185h&cg=0&cc=1&si=https%3A//www.wired.co.uk/article/samsam-ransomware&rp=&ts=compact&rnd=1567518458728 HTTP 302
  • https://secure-uk.imrworldwide.com/cgi-bin/m?ci=uk-405185h&cg=0&cc=1&si=https%3A//www.wired.co.uk/article/samsam-ransomware&rp=&ts=compact&rnd=1567518458728&ja=1
Request Chain 22
  • https://wi-images.condecdn.net/image/Pyznj0v4kJw/crop/200/square/f/Matt-Burgess_V1.jpg HTTP 302
  • https://wi-images.condecdn.net/image/Pyznj0v4kJw/crop/200
Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=58496288&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&ul=en-us&de=UTF-8&dt=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20and%20transport%20%7C%20WIRED%20UK&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=6GDAAEAB~&jid=20801941&gjid=2008966891&cid=1154345201.1567518459&tid=UA-8086546-1&_gid=1212987205.1567518459&_r=1&cd5=web&cd43=false&cd1=Article&cd3=%2Farticle%2Fsamsam-ransomware&cd22=Wed%2C%2001%20Aug%202018%2007%3A00%3A00%20BST&cd10=Wed%2C%2001%20Aug%202018%2007%3A00%3A00%20BST&cd41=Wednesday&cd42=07&cd9=398&cd45=Wed%2C%2001%20Aug%202018%2007%3A00%3A00%20BST&cd7=Matt%20Burgess&cd4=Hacking&cd6=Hacking%7CSecurity&cd19=false&cd36=76RbaPv1JNz&cd8=988&cd49=null&cd50=null&cd51=null&cd48=false&cd24=16&cd46=false&cd107=1154345201.1567518459&z=748871366 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_gid=1212987205.1567518459&gjid=2008966891&_v=j79&z=748871366 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_v=j79&z=748871366 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_v=j79&z=748871366&slf_rd=1&random=2190139448
Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=58496288&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&ul=en-us&de=UTF-8&dt=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20and%20transport%20%7C%20WIRED%20UK&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=6GDAAEAB~&jid=1958255364&gjid=50792192&cid=1154345201.1567518459&tid=UA-15982414-1&_gid=1212987205.1567518459&_r=1&z=729253984 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15982414-1&cid=1154345201.1567518459&jid=1958255364&_gid=1212987205.1567518459&gjid=50792192&_v=j79&z=729253984
Request Chain 31
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Request Chain 36
  • https://sb.scorecardresearch.com/b?c1=2&c2=15335235&cs_ucfr=&ns__t=1567518458824&ns_c=UTF-8&cv=3.1&c8=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20and%20transport%20%7C%20WIRED%20UK&c7=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15335235&cs_ucfr=&ns__t=1567518458824&ns_c=UTF-8&cv=3.1&c8=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20and%20transport%20%7C%20WIRED%20UK&c7=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&c9=
Request Chain 40
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01DKVP3108JPDMNQA454NRTD7V&persistence=1&checksum=8d97436abf9974d0e024f467e307e0fa6a7c9cff1f1ec816cd65a66c59bcff6d

136 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request samsam-ransomware
www.wired.co.uk/article/
98 KB
19 KB
Document
General
Full URL
https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
' DROP TABLE server_types; -- /
Resource Hash
69aedd2b2e4972e79f9161c962de3c370be68400b4f9c6474434c41c67ebbd39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

:method
GET
:authority
www.wired.co.uk
:scheme
https
:path
/article/samsam-ransomware
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html; charset=utf-8
date
Tue, 03 Sep 2019 13:47:38 GMT
cache-control
max-age=600
content-encoding
gzip
content-security-policy-report-only
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/wi/prod
expires
Tue, 03 Sep 2019 13:57:00 GMT
last-modified
Tue, 03 Sep 2019 13:47:38 GMT
server
' DROP TABLE server_types; --
server-timing
content-api=180.00000715255737,bbcode-render-all-total;dur=80.00000566244125;desc="Render all bbcode",render-template-total;dur=9.999997913837433;desc="Render mustache template",complete-total;dur=219.9999988079071;desc="Complete total time"
strict-transport-security
max-age=63072000; includeSubDomains;
x-arnie
See you at the party, Richter!
x-men
Professor X, Cyclops, Beast, Angel and Marvel Girl
x-sigma
revproxy
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
kRHOE52T3RFCU_9okmL3OjUUQQSG7It-ygfqYJrkvKdwSsbg0ihLVQ==
page.min.css
www.wired.co.uk/static/css/
246 KB
28 KB
Stylesheet
General
Full URL
https://www.wired.co.uk/static/css/page.min.css
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1a4e52ad82419da201955d1a266c719de20e7f97bbb0f40b8d9a766961df4f12

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 08:43:09 GMT
content-encoding
gzip
age
173
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
pragma
public
last-modified
Wed, 24 Jul 2019 20:52:23 GMT
server
nginx
etag
W/"5d38c507-3d8e6"
vary
Accept-Encoding
content-type
text/css
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
L2ZjZ58DjZWoxRaIrSYxVU7VZJzuK1YnZTnrKncr6mptZ2nQvJjp7w==
expires
Tue, 03 Sep 2019 08:58:09 GMT
bd1cec50-00d1-4ce9-9572-785857419a1e-web.js
cdn.permutive.com/
574 KB
134 KB
Script
General
Full URL
https://cdn.permutive.com/bd1cec50-00d1-4ce9-9572-785857419a1e-web.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.75.210 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.75.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e5312973c73f6ec06d9dc603ce82f86bb909e0f0eefd0d9574b3e975d3d9c3fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:42:40 GMT
content-encoding
gzip
age
298
x-guploader-uploadid
AEnB2UogWm2HbZFg45AXytyQE5w242PZJnxr_VN7sI0hcwPif8cLU6MI_z7m6C1uPOvAV3nGAw2Y4FCkkvcVvR5Xkd05Acv7ag
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
136543
last-modified
Tue, 03 Sep 2019 11:37:55 GMT
server
UploadServer
etag
"f1a27065114b58cee3d122c6ae1b5f8d"
vary
Accept-Encoding
x-goog-hash
crc32c=E87RiQ==, md5=8aJwZRFLWM7j0SLGrhtfjQ==
x-goog-generation
1567510675874670
cache-control
max-age=300, public
x-goog-stored-content-length
136543
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 03 Sep 2019 13:47:40 GMT
/
covers.condenast.co.uk/api/v1/wi/latest/image/print/300/
28 KB
28 KB
Image
General
Full URL
https://covers.condenast.co.uk/api/v1/wi/latest/image/print/300/
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:b400:2:75ac:ea80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
4746a8c470066c85cd2241b8970a3ac6faef9310b0371c881a7b78484eac7d27

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 12:08:21 GMT
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Tue, 03 Sep 2019 12:08:21 GMT
server
nginx
age
5957
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=21600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Dc0RHBjFaJtLpcUjVsN_zcI8o9bTKThzMpO8Qpe_xMWm5QNWpdA7Tw==
expires
Tue, 03 Sep 2019 18:08:21 GMT
/
covers.condenast.co.uk/api/v1/wi/latest/image/tablet/300/
23 KB
23 KB
Image
General
Full URL
https://covers.condenast.co.uk/api/v1/wi/latest/image/tablet/300/
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:b400:2:75ac:ea80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b64496421dc2338ca414bf78bcdcb375e6d2699948a2d3820c435cc02a207be6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:35:27 GMT
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Tue, 03 Sep 2019 13:35:27 GMT
server
nginx
age
731
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=21600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
qwEzGkZwcQS8hy7xtK_b3XeflYY22X-FlB467d9jzM4E-DO-P0ufjg==
expires
Tue, 03 Sep 2019 19:35:27 GMT
tiny.gif
www.wired.co.uk/static/img/
1 KB
1 KB
Image
General
Full URL
https://www.wired.co.uk/static/img/tiny.gif
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
8c2789be580b7cd332e266ef9ea3fd3b0e3e51dc1cfd0f3474e8a54b6eb08b8e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:44:45 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
age
313
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
1097
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-449"
content-type
image/gif
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
NLhUe4L3ASHDKi7MK0wjADHp2zecugo4pxSHd3iXw-rf0CDzS-gzzA==
expires
Tue, 03 Sep 2019 13:57:25 GMT
100796X1589915.skimlinks.js
s.skimresources.com/js/
47 KB
18 KB
Script
General
Full URL
https://s.skimresources.com/js/100796X1589915.skimlinks.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57aae00d0e01665328927b13cbed2fbd9e47711d5657d2fa5cd34848e7ee53c9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 08:45:24 GMT
server
AmazonS3
x-amz-request-id
70E8E754C2615C39
etag
"bd97af3f291369710148f07f2f6751be"
x-hw
1567518458.cds083.fr8.hn,1567518458.cds013.fr8.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
18101
x-amz-id-2
mgkHpn+v45WeMhUQ7NBWifZn/470OEJVEhTxp75C8eoKwx2WvDCf3H6030mRVNVdYyYCFkvEtAs=
ads.js
www.wired.co.uk/static/js/
27 B
438 B
Script
General
Full URL
https://www.wired.co.uk/static/js/ads.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1228207bc671da7b6cce0ca73c10ee4e059055f521c0dcc9bffe6fbca1c16306

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:38:34 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
age
631
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
27
pragma
public
last-modified
Wed, 24 Jul 2019 20:52:23 GMT
server
nginx
etag
"5d38c507-1b"
content-type
application/javascript
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
dSzG6_loqWx5dzU-yK_ucQjZ3lAgoqxxg35SpxMSwIVryKgiwLwQ4g==
expires
Tue, 03 Sep 2019 13:52:07 GMT
core.min.js
www.wired.co.uk/static/js/
113 KB
35 KB
Script
General
Full URL
https://www.wired.co.uk/static/js/core.min.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
5d9b8a3b37a72b6fc1218e3d026286026177e70f431e4bd279d8a90415a7f3af

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:23:28 GMT
content-encoding
gzip
age
544
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
pragma
public
last-modified
Wed, 24 Jul 2019 20:53:52 GMT
server
nginx
etag
W/"5d38c560-1c57d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ndbKKn1t2txwLPZy7mvmxXxJ2gF7pGio6V_ZB-XYzt8v0mCfonOFUw==
expires
Tue, 03 Sep 2019 13:38:28 GMT
article.min.js
www.wired.co.uk/static/js/
84 KB
23 KB
Script
General
Full URL
https://www.wired.co.uk/static/js/article.min.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
a7641164ae3a09306d092ddadeb0e9a4f43106027bfcb684f530aba8fa87aff6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 07:51:23 GMT
content-encoding
gzip
age
544
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
pragma
public
last-modified
Wed, 24 Jul 2019 20:53:52 GMT
server
nginx
etag
W/"5d38c560-14e87"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
-RBwj_7XcjR5y2zsbjarlsSPfCllrNqrYsu307aSkDkOh33HyN8eJw==
expires
Tue, 03 Sep 2019 08:06:23 GMT
Exchange-Web-Roman.woff2
www.wired.co.uk/static/fonts/exchange-web/
26 KB
27 KB
Font
General
Full URL
https://www.wired.co.uk/static/fonts/exchange-web/Exchange-Web-Roman.woff2
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
f061903e91136a670ee391e65b5b85f0dfa50939e3c7febb662e30502a5540a2

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/static/css/page.min.css
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:35:56 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
age
708
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
27052
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-69ac"
content-type
application/octet-stream
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
DRdJ40qsdy1R1Br3hLJx45-08StaVd6gq6la0S3leNQHbC1L1jSi2g==
expires
Tue, 03 Sep 2019 13:50:50 GMT
BrutalType-Medium.woff2
www.wired.co.uk/static/fonts/brutal-type/
19 KB
19 KB
Font
General
Full URL
https://www.wired.co.uk/static/fonts/brutal-type/BrutalType-Medium.woff2
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
70ccb2c9bbcaff90719cf917e90b949cf9b2cb71fb6d27e3cc0f6f69ac813725

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/static/css/page.min.css
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
19216
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-4b10"
content-type
application/octet-stream
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
QvMYMcM9eMgr6iZ0cK5OFk8YIE1mzXipWrl7qh044GGkXnOJZpyidA==
expires
Tue, 03 Sep 2019 14:01:38 GMT
BrutalType-Light.woff2
www.wired.co.uk/static/fonts/brutal-type/
20 KB
20 KB
Font
General
Full URL
https://www.wired.co.uk/static/fonts/brutal-type/BrutalType-Light.woff2
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1aac7ab7b21ee9a7169669311e9858868ad5c0e98214bfb1b21f5e45ddb1f322

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/static/css/page.min.css
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
20248
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-4f18"
content-type
application/octet-stream
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
ATa8rhCgU_-aRIWzxnogaIKUlt2IUq6KpkRDTjgdcebqqoGIdS9W2A==
expires
Tue, 03 Sep 2019 14:01:38 GMT
BrutalType-Bold.woff2
www.wired.co.uk/static/fonts/brutal-type/
19 KB
20 KB
Font
General
Full URL
https://www.wired.co.uk/static/fonts/brutal-type/BrutalType-Bold.woff2
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
285c72953eb85aeef5a80f8f900d0066e0a714565dd63c1adee46c67e1138159

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/static/css/page.min.css
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
19600
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-4c90"
content-type
application/octet-stream
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
L6NFuOgZY-ZeKMcfe-PVqJq8HE7WOrMSmUtRpwxVq8Q36cx4tu-RdA==
expires
Tue, 03 Sep 2019 14:01:38 GMT
New-Grotesk-Square-Light.woff2
www.wired.co.uk/static/fonts/new-grotesk-square/
46 KB
46 KB
Font
General
Full URL
https://www.wired.co.uk/static/fonts/new-grotesk-square/New-Grotesk-Square-Light.woff2
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
913529a1ab355be3064eee81a60e3d79fbbd2702df8a1da88437ee7fb80115e3

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/static/css/page.min.css
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:44:45 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
age
476
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
46704
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-b670"
content-type
application/octet-stream
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
ArGknKYYu4GRAixgekPY0HATcQf2tGM2QRUMtG04JyZOqjc1W6qjzw==
expires
Tue, 03 Sep 2019 13:54:42 GMT
Exchange-Web-Italic.woff2
www.wired.co.uk/static/fonts/exchange-web/
22 KB
23 KB
Font
General
Full URL
https://www.wired.co.uk/static/fonts/exchange-web/Exchange-Web-Italic.woff2
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c5b6a6c4915c90208d9b974b47815e9ec73ded1494a1793ed28eae2ff0e23b9a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/static/css/page.min.css
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:44:45 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
age
476
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
22824
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-5928"
content-type
application/octet-stream
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
7FsGpHs1FWsf2GwFgZabYpnjSL1t4R-CFHzYdHtjseJ49xeWqbMzIA==
expires
Tue, 03 Sep 2019 13:54:42 GMT
Exchange-Web-Semibold.woff2
www.wired.co.uk/static/fonts/exchange-web/
27 KB
27 KB
Font
General
Full URL
https://www.wired.co.uk/static/fonts/exchange-web/Exchange-Web-Semibold.woff2
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c937f9cdc6de247e1b571b2210a1c0a853cc324aff18b8598649daaa4bdec25a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/static/css/page.min.css
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:45:16 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
age
145
x-cache
Hit from cloudfront
status
200
x-sigma
revproxy
content-length
27656
pragma
public
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
"1dc09d84-6c08"
content-type
application/octet-stream
cache-control
max-age=900, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
mLihn4xdG-w9k94FTNWAhjcxKHDvyo00YQXDh12bkByRvV5le7-UpA==
expires
Tue, 03 Sep 2019 14:00:13 GMT
m
secure-uk.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-uk.imrworldwide.com/cgi-bin/m?ci=uk-405185h&cg=0&cc=1&si=https%3A//www.wired.co.uk/article/samsam-ransomware&rp=&ts=compact&rnd=1567518458728
  • https://secure-uk.imrworldwide.com/cgi-bin/m?ci=uk-405185h&cg=0&cc=1&si=https%3A//www.wired.co.uk/article/samsam-ransomware&rp=&ts=compact&rnd=1567518458728&ja=1
44 B
332 B
Image
General
Full URL
https://secure-uk.imrworldwide.com/cgi-bin/m?ci=uk-405185h&cg=0&cc=1&si=https%3A//www.wired.co.uk/article/samsam-ransomware&rp=&ts=compact&rnd=1567518458728&ja=1
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.189.245 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-189-245.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:38 GMT
server
nginx
status
200
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:38 GMT
server
nginx
status
302
location
https://secure-uk.imrworldwide.com/cgi-bin/m?ci=uk-405185h&cg=0&cc=1&si=https%3A//www.wired.co.uk/article/samsam-ransomware&rp=&ts=compact&rnd=1567518458728&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1301
date
Tue, 03 Sep 2019 13:25:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Tue, 03 Sep 2019 15:25:57 GMT
fbevents.js
connect.facebook.net/en_US/
88 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23404
x-xss-protection
0
pragma
public
x-fb-debug
LMjDHfmOc64p4fPw9zR8p/Pzq+GoPR3pmvI3UCPEnFSzO3JUwdW97oPP/V7Okx96SCCDxLf+rozTP1KeUlXIEQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 03 Sep 2019 13:47:38 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
gwiq.js
gwiqcdn.globalwebindex.net/gwiq/
14 KB
15 KB
Script
General
Full URL
https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.93.216 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
216.93.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f78a9f3d1d4b5078213d39c3f51ea1f5b72d91793a9e3fa14612e9d1add543d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:26:13 GMT
age
1285
x-guploader-uploadid
AEnB2Up0Wnyeoz19pNzR55gtj-lfJSX0-LURyQqJZuEktGuXJa-SVntR_Ij0Qus1mhTqWSjcZ4eWZ9N1AQB5beroy5IeP_2stXW3ND8ym1nS30w1Gg96l9A
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14561
last-modified
Fri, 22 Mar 2019 17:21:14 GMT
server
UploadServer
etag
"7bb2a0f8543ca52adc2740318f3b8331"
x-goog-hash
crc32c=CMb65Q==, md5=e7Kg+FQ8pSrcJ0AxjzuDMQ==
x-goog-generation
1553275274038866
cache-control
public, max-age=3600
x-goog-stored-content-length
14561
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 03 Sep 2019 14:26:13 GMT
infobar
www.wired.co.uk/xhr/
1 KB
1 KB
XHR
General
Full URL
https://www.wired.co.uk/xhr/infobar
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
' DROP TABLE server_types; -- /
Resource Hash
bd2002c0e0ba0996db827dfd463ef9bc4a73ea49b55bc36128cd11a295e9d018
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
rollbar-referrer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-men
Professor X, Cyclops, Beast, Angel and Marvel Girl
content-security-policy-report-only
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/wi/prod
x-cache
Miss from cloudfront
status
200
x-sigma
revproxy
server-timing
complete-total;dur=0.0;desc="Complete total time"
content-length
570
last-modified
Tue, 03 Sep 2019 13:47:38 GMT
server
' DROP TABLE server_types; --
strict-transport-security
max-age=63072000; includeSubDomains;
x-arnie
Snakes?! DID YOU SAY SNAKES?!
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cache-control
max-age=600
content-type
application/json
x-amz-cf-id
bkgE_aLytpZlqfWGkovCmqilCNQtssAXgWXNu_4ARo05Nuz263DDlA==
expires
Tue, 03 Sep 2019 13:57:00 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-97-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Wed, 04 Sep 2019 13:47:38 GMT
200
wi-images.condecdn.net/image/Pyznj0v4kJw/crop/
Redirect Chain
  • https://wi-images.condecdn.net/image/Pyznj0v4kJw/crop/200/square/f/Matt-Burgess_V1.jpg
  • https://wi-images.condecdn.net/image/Pyznj0v4kJw/crop/200
5 KB
5 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/Pyznj0v4kJw/crop/200
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f0a29ee8ce6b516737b9723291e447e7b674a1257d63284f949a066a021eca6e
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 varnish
age
1432166
x-cache
HIT
status
200
x-conde-cache-key
Pyznj0v4kJw_200_fd992185f9646c9de19770285606e267eabb277482fe474ab791ee080153e41c_q70
x-cache-hits
1
content-length
4745
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Sat, 17 Aug 2019 23:58:12 GMT
server
nginx
x-timer
S1567518459.891397,VS0,VE1
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Wed, 16 Oct 2019 23:58:12 GMT

Redirect headers

date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 varnish
age
818419
x-cache
HIT
status
302
x-cache-hits
1
content-length
321
x-served-by
cache-hhn4067-HHN
last-modified
Sun, 25 Aug 2019 02:27:19 GMT
server
nginx
x-timer
S1567518459.857656,VS0,VE0
strict-transport-security
max-age=900
content-type
text/html; charset=utf-8
location
https://wi-images.condecdn.net/image/Pyznj0v4kJw/crop/200
cache-control
max-age=5184000
accept-ranges
bytes
expires
Thu, 24 Oct 2019 02:27:19 GMT
ransomware.jpg
wi-images.condecdn.net/image/eVeaqVr3lz5/crop/810/f/
30 KB
30 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/eVeaqVr3lz5/crop/810/f/ransomware.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
ac43b3536339de782f37fe09391c3ca4b6ee81081140d4024f3cfb8c8049c00b
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 varnish
age
1055919
x-cache
HIT
status
200
x-conde-cache-key
eVeaqVr3lz5_810_a74499218db96d383e121e7511e40bd2a8581c689ebfc037336d2907f8e31e97_q70
x-cache-hits
1
content-length
30332
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Thu, 22 Aug 2019 08:28:59 GMT
server
nginx
x-timer
S1567518459.857637,VS0,VE2
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Mon, 21 Oct 2019 08:28:59 GMT
46c8ac55-ae1c-4efe-a5f0-eedce5fee322.js
cdn.cookielaw.org/langswitch/
1 KB
1 KB
Script
General
Full URL
https://cdn.cookielaw.org/langswitch/46c8ac55-ae1c-4efe-a5f0-eedce5fee322.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8AAC) /
Resource Hash
4384442f865214c374cd5720e2f6bede06120213117089ff7d6ced5308aa4ee3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
content-md5
zrfrQHqssJJVRGlYF3K1cA==
x-cache
HIT
status
200
content-length
667
x-ms-lease-status
unlocked
last-modified
Mon, 05 Aug 2019 16:13:42 GMT
server
ECAcc (ama/8AAC)
etag
0x8D719BFE248704C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cb4c3a64-101e-0060-2943-629dc4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 03 Sep 2019 17:47:39 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=58496288&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&ul=en-us&de=UTF-8&dt=SamSam%20ransomware%3A%20The%20m...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_gid=1212987205.1567518459&gjid=2008966891&_v=j79&z=748871366
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_v=j79&z=748871366
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_v=j79&z=748871366&slf_rd=1&random=2190139448
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_v=j79&z=748871366&slf_rd=1&random=2190139448
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8086546-1&cid=1154345201.1567518459&jid=20801941&_v=j79&z=748871366&slf_rd=1&random=2190139448
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=58496288&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&ul=en-us&de=UTF-8&dt=SamSam%20ransomware%3A%20The%20m...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15982414-1&cid=1154345201.1567518459&jid=1958255364&_gid=1212987205.1567518459&gjid=50792192&_v=j79&z=729253984
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15982414-1&cid=1154345201.1567518459&jid=1958255364&_gid=1212987205.1567518459&gjid=50792192&_v=j79&z=729253984
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 03 Sep 2019 13:47:38 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:38 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15982414-1&cid=1154345201.1567518459&jid=1958255364&_gid=1212987205.1567518459&gjid=50792192&_v=j79&z=729253984
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
181847449123027
connect.facebook.net/signals/config/
307 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/181847449123027?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8c0387799f73fb82ec76244ef39d831e8ebc6db67b89b3f8acf20ea031fb2654
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79752
x-xss-protection
0
pragma
public
x-fb-debug
JORE5i30nbDpNbt5V89ds5agPGylLAaGth12tqe8wScqeSDnLWwPibZE7KiN8pZzl46LTlhp/RLzNeFXPEM8Fg==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 03 Sep 2019 13:47:38 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
widgets.js
platform.twitter.com/
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AF) /
Resource Hash
f1106d00331995db22eee14181b1510b7ec3b7e780e0e4fa6827c66aaa2a99b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2019 22:13:27 GMT
Server
ECS (fcn/41AF)
Etag
"c94e1412de2586837b1f5f0a672cec7e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28055
embed.js
platform.vine.co/static/scripts/
4 KB
2 KB
Script
General
Full URL
https://platform.vine.co/static/scripts/embed.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.196.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-200-196-96.compute-1.amazonaws.com
Software
/ Express
Resource Hash
73f8849c1fbf8a9a7a6886c9efe3bcdae4627d1b08451b1424cada88232e5792

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
ETag
W/"eab-162bb0b51c0"
Last-Modified
Thu, 12 Apr 2018 18:08:24 GMT
X-Powered-By
Express
Vary
X-Vine-Client, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1520
sdk.js
connect.facebook.net/en_GB/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
33fe603fc2f3ab91d7ea358e480783d3a0fd46db18c7dec98ae6c1b8c05cadfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
eVKzGoej8zz26WXuoGSvMw==
status
200
content-length
1781
etag
"4786e3feffaf3aae2bafc5898889559e"
x-fb-debug
LcRy40vlfV8/ItVEZU4xTlbvElzkvgOpl7coCCkRfOiJemGAIQfXUwHyBPtT6VSpFRj5SEtIPkdCd1kIke98UA==
x-fb-trip-id
420120009
x-fb-content-md5
f62635407270e1a2aabbb95a3f385822
x-frame-options
DENY
date
Tue, 03 Sep 2019 13:47:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Sep 2019 13:57:32 GMT
47c7ec92d91e.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33

Request headers

Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 20:25:21 GMT
x-fb-trip-id
1679558926
status
200
etag
"47c7ec92d91e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
4822

Redirect headers

status
302
date
Tue, 03 Sep 2019 13:47:38 GMT
x-fb-trip-id
1679558926
cache-control
max-age=21600
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
content-type
text/html; charset=utf-8
embed.js
s.imgur.com/min/
433 B
669 B
Script
General
Full URL
https://s.imgur.com/min/embed.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2832c93ada0b6b4cecfc1cb12191921dcdd570fc5fcc54f7a5da359df716a061

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
HmkOZ_gMtP_GMI7OdmzmGvgjCt0BsHm6
via
1.1 varnish
last-modified
Tue, 20 Aug 2019 18:31:36 GMT
age
110
etag
"35a7c25618062b8160cabdc53e2f03a1"
x-served-by
cache-hhn4069-HHN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
date
Tue, 03 Sep 2019 13:47:38 GMT
accept-ranges
bytes
x-timer
S1567518459.842306,VS0,VE0
content-length
433
x-cache-hits
8
loader.js
widgets.skyscanner.net/widget-server/js/
9 KB
9 KB
Script
General
Full URL
https://widgets.skyscanner.net/widget-server/js/loader.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.44.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-44-141.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
dfaede937ef770a23131669df5fa79ca4e9749cf68bdbf4d174f8f623fae4b52

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-gateway-dr
eu-central-1
date
Tue, 03 Sep 2019 13:47:38 GMT
www-authenticate
Key realm="kong"
x-powered-by
Express
status
200
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
content-length
9151
etag
W/"23bf-hFaqmvzAefoBwdt4/gtbtDCnyvw"
expires
Tue, 10 Sep 2019 13:47:38 GMT
top-stories
www.wired.co.uk/xhr/
26 KB
3 KB
XHR
General
Full URL
https://www.wired.co.uk/xhr/top-stories?article_uid=76RbaPv1JNz
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:da00:f:4ddd:5d80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
' DROP TABLE server_types; -- /
Resource Hash
79401fd650fdacaae2f7a16b2aa9aa6ae4c0c64f42f1b675eee805c79680fb5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
rollbar-referrer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-men
Professor X, Cyclops, Beast, Angel and Marvel Girl
content-security-policy-report-only
default-src https: 'self'; connect-src https: wss: 'self'; font-src https: data: 'self'; frame-src https:; img-src https: data: 'self'; manifest-src https: 'self'; media-src https: 'self'; object-src none; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline' 'self'; upgrade-insecure-requests; report-uri https://csp.condenet.co.uk/r/wi/prod
x-cache
Miss from cloudfront
status
200
x-sigma
revproxy
server-timing
content-api=19.999995827674866,complete-total;dur=50.00000447034836;desc="Complete total time"
last-modified
Tue, 03 Sep 2019 13:47:38 GMT
server
' DROP TABLE server_types; --
strict-transport-security
max-age=63072000; includeSubDomains;
x-arnie
I'll be back.
via
1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cache-control
max-age=600
content-type
application/json
x-amz-cf-id
MJjmoqyRfSl6Idy07PgWBbTONpNvGT1Hm6E3syEOM3NUkaWMy1RMFw==
expires
Tue, 03 Sep 2019 13:57:00 GMT
11644.js
ads.rubiconproject.com/header/
79 KB
25 KB
Script
General
Full URL
https://ads.rubiconproject.com/header/11644.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-84.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
e2ca7bd70b92c03593d8be6131b1713802f45144836466752e2ede4bbef9f6d4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Jan 2019 21:43:24 GMT
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
25322
Expires
Tue, 03 Sep 2019 15:21:09 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=15335235&cs_ucfr=&ns__t=1567518458824&ns_c=UTF-8&cv=3.1&c8=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20a...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15335235&cs_ucfr=&ns__t=1567518458824&ns_c=UTF-8&cv=3.1&c8=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20...
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=15335235&cs_ucfr=&ns__t=1567518458824&ns_c=UTF-8&cv=3.1&c8=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20and%20transport%20%7C%20WIRED%20UK&c7=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&c9=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-5-97-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:38 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=15335235&cs_ucfr=&ns__t=1567518458824&ns_c=UTF-8&cv=3.1&c8=SamSam%20ransomware%3A%20The%20mysterious%20group%20shutting%20down%20cities%2C%20hospitals%20and%20transport%20%7C%20WIRED%20UK&c7=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&c9=
Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:38 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
p.skimresources.com/
43 B
473 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=8.418959179906262
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
date
Tue, 03 Sep 2019 13:47:38 GMT
x-guploader-uploadid
AEnB2Upt2JF3TDoClD9MYGFC0XMeHqVbj6R8Z3pzxhYJH0UPfQaa6vxy69FWZuhRptQ4ZHPVCmaSI7FZhzR-dPNsM_ub8TNjCw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-hw
1567518458.cds083.fr8.hn,1567518458.cds054.fr8.c
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
px.gif
p.skimresources.com/
43 B
107 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=8.418959179906262
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
date
Tue, 03 Sep 2019 13:47:38 GMT
x-guploader-uploadid
AEnB2Upt2JF3TDoClD9MYGFC0XMeHqVbj6R8Z3pzxhYJH0UPfQaa6vxy69FWZuhRptQ4ZHPVCmaSI7FZhzR-dPNsM_ub8TNjCw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-hw
1567518458.cds083.fr8.hn,1567518458.cds054.fr8.c
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
sdk.js
connect.facebook.net/en_GB/
200 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=be230e177381bc99ef043d050f391480&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f7140603c1c0a729bc44f3baf059b1134d9ac29d4cd6ac143b0dd4bfafe393fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9O5u/woz/85xbdHzjbbjzQ==
status
200
content-length
60750
etag
"da20f88170063d5e681b77317cc002cf"
x-fb-debug
PdfoUSCYMKQmpHE0g5RGl/MXJJ8LqbUk3XC6/aIEiwCmlwX2m1cWYvkYJpt7MQfkU40l4GZXHEjYiThQ1qIgVQ==
x-fb-trip-id
420120009
x-fb-content-md5
ad48a2c1d404bf9b4348038c1e45e65a
x-frame-options
DENY
date
Tue, 03 Sep 2019 13:47:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 02 Sep 2020 13:04:22 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01DKVP3108JPDMNQA454NRTD7V&persistence=1&checksum=8d97436abf9974d0e024f467e307e0fa6a7c9cff1f1ec816cd65a66c59bcff6d
130 B
441 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01DKVP3108JPDMNQA454NRTD7V&persistence=1&checksum=8d97436abf9974d0e024f467e307e0fa6a7c9cff1f1ec816cd65a66c59bcff6d
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
64633aa4fb84814b7e4f3ec62d2bf51589e56be7bd663daeeeb6b61a50ee947a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wired.co.uk
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 google
server
openresty/1.11.2.5
status
307
location
//r.skimresources.com/api/?xguid=01DKVP3108JPDMNQA454NRTD7V&persistence=1&checksum=8d97436abf9974d0e024f467e307e0fa6a7c9cff1f1ec816cd65a66c59bcff6d
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wired.co.uk
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
inferredEvents.js
connect.facebook.net/signals/plugins/
1 KB
905 B
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
17p0N9oZD73wY6thTlXCHNqtXM5LfS3VUY6UrurLVn7No03O4G/pKVGyYiAaJVAX4gXD2q44g5je0+UIHJKCFA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Tue, 03 Sep 2019 13:47:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html
platform.twitter.com/widgets/ Frame 435F
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.097c1f5038f9e8a0d62a39a892838d66.html?origin=https%3A%2F%2Fwww.wired.co.uk
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.wired.co.uk/article/samsam-ransomware
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Sep 2019 13:47:38 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Tue, 20 Aug 2019 22:11:31 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A4)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
wvn14oj
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/
0
222 B
XHR
General
Full URL
https://gwiq-v3.globalwebindex.net/v2/gwiq/campaign/wvn14oj
Requested by
Host: gwiqcdn.globalwebindex.net
URL: https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.80.55 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
55.80.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

status
204
date
Tue, 03 Sep 2019 13:47:38 GMT
via
1.1 google
access-control-allow-credentials
true
access-control-allow-origin
https://www.wired.co.uk
alt-svc
clear
content-type
application/json
4d610bde-2c94-4167-bec9-76f1ab7b7bec.js
cdn.cookielaw.org/consent/
243 KB
49 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/4d610bde-2c94-4167-bec9-76f1ab7b7bec.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/langswitch/46c8ac55-ae1c-4efe-a5f0-eedce5fee322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8B04) /
Resource Hash
67f44eb1ee56bb479a625988e909d2e0994320fe37189fdf976b62ab5d937251

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
content-md5
EFe4ofsV13wcQGvlWG7bwQ==
x-cache
HIT
status
200
content-length
50394
x-ms-lease-status
unlocked
last-modified
Mon, 05 Aug 2019 16:13:49 GMT
server
ECAcc (ama/8B04)
etag
0x8D719BFE6C55366
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e504bd93-b01e-0169-6e54-62c11f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 03 Sep 2019 17:47:38 GMT
embed-controller.js
s.imgur.com/min/
3 KB
3 KB
Script
General
Full URL
https://s.imgur.com/min/embed-controller.js
Requested by
Host: s.imgur.com
URL: https://s.imgur.com/min/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4d5630e6cb7cdcca363cf81a7eb4a09202835166a613c002a27fac54fa87ba50

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
2_ITKXnBJCVhLWU4ZlnbXeBsuHeTuGIG
via
1.1 varnish
last-modified
Thu, 08 Aug 2019 17:32:58 GMT
age
41
etag
"9ed8fe2752ce22d6cdf0488bd3ad0802"
x-served-by
cache-hhn4069-HHN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
date
Tue, 03 Sep 2019 13:47:38 GMT
accept-ranges
bytes
x-timer
S1567518459.910417,VS0,VE0
content-length
2809
x-cache-hits
4
/
www.facebook.com/tr/
44 B
253 B
Image
General
Full URL
https://www.facebook.com/tr/?id=181847449123027&ev=PageView&dl=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&rl=&if=false&ts=1567518458904&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.2.1567518458903.963896266&it=1567518458797&coo=false&rqm=GET
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 03 Sep 2019 13:47:38 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame B316
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=be230e177381bc99ef043d050f391480&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.wired.co.uk/article/samsam-ransomware
accept-encoding
gzip, deflate, br
cookie
fr=0JrQQ2GSTrdsm3JMD..Bdbm76...1.0.Bdbm76.

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 29 Aug 2020 21:02:02 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
xQOxi3omo9uxxxdtXRjLdZQlNEPaYsXvfRkTy3ipRhsfRdUvLSM/sTI/cL2YQDgQR4zthYu59ZUrUi78bpuz6Q==
content-length
11735
x-fb-trip-id
420120009
date
Tue, 03 Sep 2019 13:47:38 GMT
optanon.css
cdn.cookielaw.org/skins/5.2.0/default_flat_bottom_two_button_black/v2/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/5.2.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/4d610bde-2c94-4167-bec9-76f1ab7b7bec.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8AD4) /
Resource Hash
1d682ca843c2bb9d498a2c1c534a242528c2ae5af4e245aff7274743467c7abe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
content-md5
VBp+UKTF9yOHK8Bm013U6A==
x-cache
HIT
status
200
content-length
5547
x-ms-lease-status
unlocked
last-modified
Fri, 09 Aug 2019 22:10:10 GMT
server
ECAcc (ama/8AD4)
etag
0x8D71D16584A0BCD
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c9e1411d-e01e-00b2-678e-52239c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Tue, 03 Sep 2019 17:47:38 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/4d610bde-2c94-4167-bec9-76f1ab7b7bec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
Origin
https://www.wired.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1567518458.dop018.fr8.shc,1567518458.dop018.fr8.t,1567518458.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
/
r.skimresources.com/api/
130 B
390 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100796X1589915.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
64633aa4fb84814b7e4f3ec62d2bf51589e56be7bd663daeeeb6b61a50ee947a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.wired.co.uk
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
gpt.js
www.googletagservices.com/tag/js/
39 KB
12 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/static/js/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f4ce67688b22d141487d3064c9e540ec1626002af53a3ba58fcee3e622445f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"268 / 261 of 1000 / last-modified: 1567440284"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
12518
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:38 GMT
EU
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/
32 B
325 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery33109989303115344197_1567518458992&_=1567518458993
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
status
200
cf-ray
51082d40ea4059e8-VIE
content-length
32
page
t.skimresources.com/api/v2/
22 B
385 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100796X1589915.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.wired.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wired.co.uk
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wired.co.uk
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019082701.js
securepubads.g.doubleclick.net/gpt/
158 KB
58 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
d1d597a740d4b09db2d6491af33397944f7dddc5d7e21d95cb33066f2e747ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
59715
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11644&size_id=15&alt_size_ids=2%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&kw=rp.fastlane&tg_fl.eid=ad_1316d4ca-9f03-47e7-ab95-351b1b18fca5&tg_fl.uname=%2F5574%2Fuk.n5574.wired%2Fbusiness-politics%2Farticles&tg_fl.pr_acctid=11644&tk_flint=plain&x_source.tid=dfa4741a-89e8-4aaf-ae5a-5fd10befa2e6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.762614996631384
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/11644.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
dca6fba838ae5d9ee0e87ee86aac6ad2eb3bda6ed878f032c80de9e922ed7b4f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=78
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
259 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11644&size_id=15&alt_size_ids=10&p_pos=btf&rf=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&kw=rp.fastlane&tg_fl.eid=ad_50666340-4cfa-49f2-8a44-6a31e62ac4ab&tg_fl.uname=%2F5574%2Fuk.n5574.wired%2Fbusiness-politics%2Farticles&tg_fl.pr_acctid=11644&tk_flint=plain&x_source.tid=dfa4741a-89e8-4aaf-ae5a-5fd10befa2e6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.6859831882116763
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/11644.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
cef52b944abeb9ba5fc7b58b50db01d3205b06c5fa739f9c6f8de2827f9a0820

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=71
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
239 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11644&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&kw=rp.fastlane&tg_fl.eid=ad_ad316c45-8b8c-4494-8b69-7400042bc03c&tg_fl.uname=%2F5574%2Fuk.n5574.wired%2Fbusiness-politics%2Farticles&tg_fl.pr_acctid=11644&tk_flint=plain&x_source.tid=dfa4741a-89e8-4aaf-ae5a-5fd10befa2e6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.8732102751612807
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/11644.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
4df1c47e7ba0d9ca65316f89063487b92c84ed7fe3a4528043fa39859da831c5

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=66
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/
5 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4321131353839126&correlator=2369510613011609&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062415&vrg=2019082701&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190903&iu_parts=5574%2Cuk.n5574.wired%2Cbusiness-politics%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x5&prev_scp=doctype%3Darticle%26uk-wi-tags%3DHacking%2CSecurity&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1567518458&dt=1567518459108&dlt=1567518458670&idt=413&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3839191266&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&dssz=37&icsg=4237887&mso=1&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=5x0&blev=1&bisch=1&ga_vid=1154345201.1567518459&ga_sid=1567518459&ga_hid=58496288&fws=132&ohw=1585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
b4216d6992e1f1584cd65129885f0ab8a13e30a2fa6307c1157b9d58a6753bab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
2503
x-xss-protection
0
google-lineitem-id
776821277
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
98972786717
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019082701.js
securepubads.g.doubleclick.net/gpt/
66 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
062aef80c07aa0f3d7ccffd31c292c44754798f065a72d6f21b00370e83811b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 11:19:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
25316
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/
0
0

ads
securepubads.g.doubleclick.net/gampad/
401 B
396 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4321131353839126&correlator=2369510613011609&output=ldjh&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21062415&vrg=2019082701&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190903&iu_parts=5574%2Cuk.n5574.wired%2Cbusiness-politics%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=position%3Dpromotion-small%26pos%3Dpromotionbutton%26doctype%3Darticle%26uk-wi-tags%3DHacking%2CSecurity&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1567518458&dt=1567518459127&dlt=1567518458670&idt=413&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=420497116&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&dssz=38&icsg=4237887&mso=1&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=1x0&blev=1&bisch=1&ga_vid=1154345201.1567518459&ga_sid=1567518459&ga_hid=58496288&fws=132&ohw=1440
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
733880eff2c1731c151f1e85e225fb1a786da9fdb7e6c16937ced4d4368970b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
202
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wired-uk-ff-2.jpg
wi-images.condecdn.net/image/xbXORLoeAZ8/crop/200/square/f/
4 KB
4 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/xbXORLoeAZ8/crop/200/square/f/wired-uk-ff-2.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
a365411864d3369a7a919d3484b0c04da1a370e4bba56783c9900719f3386f2c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 varnish
age
2836
x-cache
HIT
status
200
x-conde-cache-key
xbXORLoeAZ8_200_b04ba3e28e132837b8239bcfb3b5ae882e4e25c64d103bf09844ef43f69f67f4_q70
x-cache-hits
4
content-length
3872
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Tue, 03 Sep 2019 13:00:23 GMT
server
nginx
x-timer
S1567518459.176896,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Sat, 02 Nov 2019 13:00:23 GMT
wired-buggatti.jpg
wi-images.condecdn.net/image/GQDQnbXPblo/crop/200/square/f/
7 KB
7 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/GQDQnbXPblo/crop/200/square/f/wired-buggatti.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6e1466697c8bc84d5f4c216c98f06ec3b866a3cb5d5ca3ad792a244f74a58c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 varnish
age
8474
x-cache
HIT
status
200
x-conde-cache-key
GQDQnbXPblo_200_149379bead9bcbf49a3aac8db840dd40ea5eeac11dfaf460bdbb268346e820fc_q70
x-cache-hits
3
content-length
6671
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Tue, 03 Sep 2019 11:26:25 GMT
server
nginx
x-timer
S1567518459.176924,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Sat, 02 Nov 2019 11:26:25 GMT
09-19-ftdarktargets__04.jpg
wi-images.condecdn.net/image/rElEAGn3V4l/crop/200/square/f/
8 KB
8 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/rElEAGn3V4l/crop/200/square/f/09-19-ftdarktargets__04.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
bd44606d334aed32b0f7d96364aded9527c6b5e1c5cf815fd2f484191ee71fc1
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 varnish
age
31607
x-cache
HIT
status
200
x-conde-cache-key
rElEAGn3V4l_200_6292ba354f998106420fe6f5163814b4e099f0f96ba7f1f4794989dc902ba3c6_q70
x-cache-hits
3
content-length
8413
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Tue, 03 Sep 2019 05:00:52 GMT
server
nginx
x-timer
S1567518459.177057,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Sat, 02 Nov 2019 05:00:52 GMT
aagettyimages-1165668680.jpg
wi-images.condecdn.net/image/VyQyDpm8yo4/crop/200/square/f/
7 KB
7 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/VyQyDpm8yo4/crop/200/square/f/aagettyimages-1165668680.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
d0f97cd0491a85cc069b732cb021bb5912dda2eb42f75e80edb218b51c47e60f
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 varnish
age
31607
x-cache
HIT
status
200
x-conde-cache-key
VyQyDpm8yo4_200_3f60b32dd36b7a2931db90a8d5f87c920dbfef33668fa3d746f61303efff678b_q70
x-cache-hits
3
content-length
7200
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Tue, 03 Sep 2019 05:00:52 GMT
server
nginx
x-timer
S1567518459.177071,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Sat, 02 Nov 2019 05:00:52 GMT
wired-zao-app.jpg
wi-images.condecdn.net/image/Vo9omneyP9V/crop/200/square/f/
5 KB
5 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/Vo9omneyP9V/crop/200/square/f/wired-zao-app.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
b7c92991d1f89ce3314806fb8e5602d58a5453753e6837f827a6fc8b312d9dd6
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 varnish
age
31607
x-cache
HIT
status
200
x-conde-cache-key
Vo9omneyP9V_200_378b3711a4cc7a5348f310422d069cac00552d4f90636388427e22faa53db380_q70
x-cache-hits
3
content-length
4789
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Tue, 03 Sep 2019 05:00:52 GMT
server
nginx
x-timer
S1567518459.177285,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Sat, 02 Nov 2019 05:00:52 GMT
wired-beosoundstage_wood_detail_1.jpg
wi-images.condecdn.net/image/97njlZoZMll/crop/200/square/f/
3 KB
3 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/97njlZoZMll/crop/200/square/f/wired-beosoundstage_wood_detail_1.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f752b97f6b35bf2bf0f226e74190dbcaf5a67ffbe76738abdd71574c932c96d4
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 varnish
age
78388
x-cache
HIT
status
200
x-conde-cache-key
97njlZoZMll_200_4acb39d086bda04e742b6667cebd6592617453d403d06fdca2bf591e16011f3a_q70
x-cache-hits
3
content-length
3282
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Mon, 02 Sep 2019 16:01:11 GMT
server
nginx
x-timer
S1567518459.177275,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Fri, 01 Nov 2019 16:01:11 GMT
gettyimages-697479380.jpg
wi-images.condecdn.net/image/xkbQGVvw8mo/crop/200/square/f/
9 KB
9 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/xkbQGVvw8mo/crop/200/square/f/gettyimages-697479380.jpg
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
77799d085344a6b034b291ef16a9e449493abb648933a6ad20f7ce7b827f666c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
via
1.1 varnish
age
117836
x-cache
HIT
status
200
x-conde-cache-key
xkbQGVvw8mo_200_efa8f98b7d12e942c294148fe053eb51ff7a836303e4b559bf03dc0acb757bb6_q70
x-cache-hits
2
content-length
9390
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Mon, 02 Sep 2019 05:03:42 GMT
server
nginx
x-timer
S1567518459.177267,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Fri, 01 Nov 2019 05:03:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6B0
0
266 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8dmOmP5iyoqS_ErqSYgqGOcd2nl5iDq_ip3TL__1S_VITMka_FUkUclRyXsJXS7xfTMkaPFRo1PXVA3Vu670Ufjtt1Scewy_Z7nDgdVe_qZf9dlj0qGtrvhdxghUoumCav0Ov1BIvvMR_rMTLVdinF3F7iIgM5RHF5HTLp6enXvN_ZDiQy-8M-Aau6O8q4QMVeIdHQ20rmCgdqzEpgmt48tdSOBxWXjWZxYc3_wDo6KH8LC-jHB7s49wWRkJQt0ObcGu1wlcGqlYMjf_whqqsfLK_rliKh-atg946TseQcrc&sai=AMfl-YRDQkI5KReIErq-q3fZ2TVI4Gf0L4yWEgiUdYmo3c6n0DV-7FoWqcjVpWq9uOcilNLH8dsjyne-9xzEnxEahv0a6ATcGaRKpt7K2rW6&sig=Cg0ArKJSzCn_zzveoFq4EAE&urlfix=1&adurl=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Sep 2019 13:47:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame E6B0
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
873e3c6a7c6b70c11f3174e4a16f13f1719a00e409ae4e4be6e8cfc53e2d5034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1566990918459966"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28570
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
moatad.js
z.moatads.com/condenastuk573198052690/ Frame E6B0
270 KB
91 KB
Script
General
Full URL
https://z.moatads.com/condenastuk573198052690/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e78e49265b0455d4ef9f67786c160ae88fe95188980606cd44aa5e35cb94e44f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Aug 2019 19:37:54 GMT
Server
AmazonS3
x-amz-request-id
FA185DCE5F8AB9B9
ETag
"1b339431f4717ac084bd809873a0cfa4"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=44069
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92729
x-amz-id-2
XVWM9WhP8hAOGZSzasIh4fDNWF5sXMvUmWlrgMx3sh0KIgHLasmLIj12pgXK6ojOOTNXrY9vKfk=
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d52524070b2e4a2456997d37766b9462267226491f74f2b270157a419f86738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1566990918459966"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28401
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
truncated
/ Frame E6B0
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6aa86e7e4298bd10133a30a92c9cdb5722758e7377852b8a3659118b47a4a3b5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/
61 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4321131353839126&correlator=2369510613011609&output=ldjh&callback=googletag.impl.pubads.callbackProxy3&impl=fifs&adsid=NT&json_a=1&eid=21062415&vrg=2019082701&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190903&iu_parts=5574%2Cuk.n5574.wired%2Cbusiness-politics%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%7C1520x300%2C300x600%7C300x250%2C300x250%7C300x251&prev_scp=position%3Dbanner-top%26doctype%3Darticle%26uk-wi-tags%3DHacking%2CSecurity%26rpfl_elemid%3Dad_1316d4ca-9f03-47e7-ab95-351b1b18fca5%7Cposition%3Darticle-top%26doctype%3Darticle%26uk-wi-tags%3DHacking%2CSecurity%26rpfl_elemid%3Dad_50666340-4cfa-49f2-8a44-6a31e62ac4ab%7Cposition%3Darticle-bottom%26doctype%3Darticle%26uk-wi-tags%3DHacking%2CSecurity%26rpfl_elemid%3Dad_ad316c45-8b8c-4494-8b69-7400042bc03c&eri=1&cookie=ID%3D714bcaaaf42fc868%3AT%3D1567518459%3AS%3DALNI_MbJn25aUklFCnYbAZlu97bRrH4V6A&cookie_enabled=1&bc=31&abxe=1&lmt=1567518458&dt=1567518459288&dlt=1567518458670&idt=413&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933&adks=99435877%2C3459663621%2C1070971377&ucis=5%7C6%7C7&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&dssz=39&icsg=4237887&mso=1&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0%7C0x0&msz=728x0%7C300x0%7C300x0&blev=1&bisch=1&ga_vid=1154345201.1567518459&ga_sid=1567518459&ga_hid=58496288&fws=132%2C132%2C132&ohw=1585%2C300%2C300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
5741713e0d03c1cafde95d818366599283c49b55cf712dbd3037fe38b91010d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
8086
x-xss-protection
0
google-lineitem-id
5025146136,5025146136,5139842783
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138266510660,138266510636,138279795232
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
409 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEUK1&hp=1&wf=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1567518459383&de=509824421084&m=0&ar=8bfa19b07e-clean&q=2&cb=0&ym=0&cu=1567518459383&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=12541037%3A369010877%3A776821277%3A98972786717&zMoatPS=-&zMoatST=-&zMoatDT=article&zMoatJS=-&qs=1&gu=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&id=1&bo=8881277&bd=118208237&zMoatOrigSlicer1=8881277&zMoatOrigSlicer2=118208237&dfp=0%2C1&la=118208237&gw=condenastuk573198052690&fd=1&ac=1&it=500&ti=0&ih=1&fs=170200&na=1412838567&cs=0
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 03 Sep 2019 13:47:39 GMT
jload
pixel.adsafeprotected.com/ Frame 7E62
44 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=930423&campId=5x5&pubId=12541037&chanId=118208237&placementId=776821277&pubCreative=98972786717&pubOrder=369010877&cb=1315491132&adsafe_par&impId=&custom=&custom2=&custom3=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
e966b7b4db4fd0568bcd89d4044d4f543a28833d872b1c166504e55d503e930a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
X-Server-Name
app10ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
/
www.facebook.com/tr/ Frame E20F
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4634
pragma
no-cache
cache-control
no-cache
origin
https://www.wired.co.uk
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.wired.co.uk/article/samsam-ransomware
accept-encoding
gzip, deflate, br
cookie
fr=0JrQQ2GSTrdsm3JMD..Bdbm76...1.0.Bdbm76.
Origin
https://www.wired.co.uk
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.wired.co.uk/article/samsam-ransomware

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.wired.co.uk
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Tue, 03 Sep 2019 13:47:39 GMT
main.19.8.5.js
static.adsafeprotected.com/ Frame 7E62
156 KB
50 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.5.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930423&campId=5x5&pubId=12541037&chanId=118208237&placementId=776821277&pubCreative=98972786717&pubOrder=369010877&cb=1315491132&adsafe_par&impId=&custom=&custom2=&custom3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
ae5003ea3c48afcd6e9f59a592e4f08175aeb3912f43fe1956366cda283ff6a2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Aug 2019 21:42:45 GMT
X-Server-Name
app25ami.ami.303net.pvt
ETag
"5d645255-c531"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
50481
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
cookies.onetrust.mgr.consensu.org/ Frame 53F7
0
0
Document
General
Full URL
https://cookies.onetrust.mgr.consensu.org/?name=euconsent&value=&expire=0&isFirstRequest=true
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/4d610bde-2c94-4167-bec9-76f1ab7b7bec.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:e50:1eb4:1000:1d3b:1502 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F13) /
Resource Hash

Request headers

:method
GET
:authority
cookies.onetrust.mgr.consensu.org
:scheme
https
:path
/?name=euconsent&value=&expire=0&isFirstRequest=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.wired.co.uk/article/samsam-ransomware
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.wired.co.uk/article/samsam-ransomware

Response headers

status
200
content-encoding
gzip
content-type
text/html
date
Tue, 03 Sep 2019 13:47:39 GMT
etag
"5d365cac-825+gzip"
last-modified
Tue, 23 Jul 2019 01:02:36 GMT
server
ECAcc (frc/8F13)
vary
Accept-Encoding
x-cache
HIT
content-length
879
sca.17.4.95.js
static.adsafeprotected.com/ Frame 5E80
81 KB
20 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app25ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/
43 B
309 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=930423&campId=5x5&pubId=12541037&chanId=118208237&placementId=776821277&pubCreative=98972786717&pubOrder=369010877&cb=1315491132&adsafe_par&impId=&custom=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&adsafe_type=abdfq&adsafe_jsinfo=,id:4233a166-1d10-7cb8-4fb0-7dd63006aea2,c:naaf3o,sl:outOfView,em:true,fr:true,mn:app10ami,pt:1-5-15,wc:0.0.1600.1200,ac:0.5196.0.5,am:i,cc:0.5196.0.5,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rB11I2f+11|12|13|14*.930423|141|15|16,idMap:14*,pl:,rend:0,renddet:WINDOW,rmeas:0,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:156,oid:650f3914-ce51-11e9-8d16-00259088293c,v:19.8.5,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
X-Server-Name
app10ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=4233a166-1d10-7cb8-4fb0-7dd63006aea2&tv={c:naaf3C,pingTime:-2,time:169,type:a,im:{sf:0,pom:1,prf:{beA:73,beZ:77,mfA:211,cmA:212,inA:212,inZ:217,prA:217,prZ:221,si:228,poA:229,poZ:234,cmZ:234,mfZ:234,loA:237,loZ:238,ltA:241,ltZ:241,mdA:78,mdZ:156}},sca:{dfp:{df:0}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:0,h:5,t:155}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:169,n:0,pp:0,pm:0},slEvents:[{sl:o,t:155,wc:0.0.1600.1200,ac:0.5196.0.5,am:i,cc:0.5196.0.5,piv:0,obst:0,th:0,reas:l,bkn:{piv:[28~0],as:[28~0.5]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rB11I2f+11|12|13|14*.930423|141|15|16,idMap:14*,rend:0,renddet:WINDOW,rmeas:0,slid:[google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_5,google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_5__container__,ad_608b72da-d1f8-4499-8ced-3f10d551cdc6],sinceFw:13,readyFired:true}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
X-Server-Name
dt72.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 2D27
0
67 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXNqhjnXmGjM3ihF1XjMgQ9hb2GBwQjFabOW9c6ef1B4uNx9i9p9HJ9J4-hvLWigu_mN4-RppRyEUKtL8QniSwhkN3DPs8wMxwyPUIwLKIPV2dQeutHb_CgqjYEZGQFOqcH0kEg9rucRD-nitkZN3AziHbFAOGqG2onVnLKbFg5c82eaSU1CW_ZFw4-ZJUolIISt1MDcoIPIVjBsI1qsTx_euMTOlTZbvGEB8iWqU2ZuBpDVcyf3FoaPdf0oNb6odJ9XAt_k_wbvhggtuKs1fHsTQ4XWV5xnnBVFfNzsH3nh6_SkQ180hD0q7TMg&sig=Cg0ArKJSzIwrEAHauHQ8EAE&adurl=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Sep 2019 13:47:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
window_focus.js
tpc.googlesyndication.com/pagead/js/r20190826/r20110914/client/ Frame 2D27
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190826/r20110914/client/window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6dd7e7ea596e944778e78ccd97a2e17837ef633d69cad2108842d4ddcb958b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 23:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1054
x-xss-protection
0
server
cafe
etag
18205873578609640656
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Sep 2019 23:43:05 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 2D27
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
873e3c6a7c6b70c11f3174e4a16f13f1719a00e409ae4e4be6e8cfc53e2d5034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1566990918459966"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28570
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
l
www.google.com/ads/measurement/ Frame 2D27
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpPCNcszmFHr542j4IhH8NGFOU-pRI_p7GAzBWdKgSh3E5Z_MBFqYbEetmmWvGuBaZM0gp1yjUnct0RzDNy_E3VOwH9Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

moatad.js
z.moatads.com/condenastuk573198052690/ Frame 2D27
270 KB
91 KB
Script
General
Full URL
https://z.moatads.com/condenastuk573198052690/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e78e49265b0455d4ef9f67786c160ae88fe95188980606cd44aa5e35cb94e44f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Aug 2019 19:37:54 GMT
Server
AmazonS3
x-amz-request-id
FA185DCE5F8AB9B9
ETag
"1b339431f4717ac084bd809873a0cfa4"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=44069
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92729
x-amz-id-2
XVWM9WhP8hAOGZSzasIh4fDNWF5sXMvUmWlrgMx3sh0KIgHLasmLIj12pgXK6ojOOTNXrY9vKfk=
3024619799196603684
tpc.googlesyndication.com/simgad/ Frame 2D27
30 KB
30 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3024619799196603684
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6018cfcd22ad96057eaff08c209956270621683156a688d6a52725a57cee0967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 09:10:43 GMT
x-content-type-options
nosniff
age
794216
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
30953
x-xss-protection
0
last-modified
Thu, 04 Apr 2019 15:58:14 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Aug 2020 09:10:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 44E8
0
67 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdbYD9PQYXWzGdd-6PoT18xVmxUgw66cce-u_hP4cMCuUlcUKClTLaczISZowr6bvH6qDtEsy_z9k3UzuCgRHq1ISTiTmVrfY2G6QIXBv-i-f3_qZXr97S8rW4XNWc8DY6ZJj4zcok9oj4T-e9uG1LjmM9M6t3xANTYXvr7xM8XfjX7GhHPZBh57gV7YKyr3ruWkRyVIxHn1nA0mm7QlywOzstJRYcB6fkvQEI5yDPNUY-jLGsyJhZfO1H_p_y1q53tY437T1sIIZya7dXFHC8rE2JCQcEm78ntXsA0SCjfu7y5JCtKw6Tp_HXwA&sig=Cg0ArKJSzG8Ey6ZlsYVvEAE&adurl=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Sep 2019 13:47:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
window_focus.js
tpc.googlesyndication.com/pagead/js/r20190826/r20110914/client/ Frame 44E8
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190826/r20110914/client/window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6dd7e7ea596e944778e78ccd97a2e17837ef633d69cad2108842d4ddcb958b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 23:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1054
x-xss-protection
0
server
cafe
etag
18205873578609640656
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Sep 2019 23:43:05 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 44E8
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
873e3c6a7c6b70c11f3174e4a16f13f1719a00e409ae4e4be6e8cfc53e2d5034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1566990918459966"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28570
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
l
www.google.com/ads/measurement/ Frame 44E8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsxtoTNIrxDbKHQNXWXZvPOOiw8enozvkPy7RbPT3HL3e08_xXvkHSFQ-9hHuqUhun-vlsrbi--3VFYHI2n7bFuIW-SA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

moatad.js
z.moatads.com/condenastuk573198052690/ Frame 44E8
270 KB
91 KB
Script
General
Full URL
https://z.moatads.com/condenastuk573198052690/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e78e49265b0455d4ef9f67786c160ae88fe95188980606cd44aa5e35cb94e44f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Aug 2019 19:37:54 GMT
Server
AmazonS3
x-amz-request-id
FA185DCE5F8AB9B9
ETag
"1b339431f4717ac084bd809873a0cfa4"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=44069
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92729
x-amz-id-2
XVWM9WhP8hAOGZSzasIh4fDNWF5sXMvUmWlrgMx3sh0KIgHLasmLIj12pgXK6ojOOTNXrY9vKfk=
9706978570595611809
tpc.googlesyndication.com/simgad/ Frame 44E8
41 KB
41 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9706978570595611809
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aae483643bcd187e09a4a4d9b08671d661894b3b454a1771d5359866b2480561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Sep 2019 18:15:24 GMT
x-content-type-options
nosniff
age
70335
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
41575
x-xss-protection
0
last-modified
Thu, 04 Apr 2019 15:57:26 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Sep 2020 18:15:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 50D2
0
67 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7eTMZJp_4ZOusXGw99piCuOWj9MIx-rWsSzkvVHmwMcIkPwlo6vTdD2HCWmG7Em1zmdVxl_Y_Uzt29eeZ6KGi8g8HtuErAqft8zMcghaXnCqg55wl8yG5yxoKsGP_iEiBdheHzYczLuaLPb8FDtsS1D0HFRsX1YiunK6bF1mSG2h9Vyv7g6SkpcHOG0BUg5bBev5_Btbt_hy2Gk0T5LKFEFDdBll5dESdUV1y680tSWA90_eQ9dSpn9RXg0SRma96FIYo1DsbN3ODNCOH46nzVVa6QPKvimfDW2YlYBtkp39lr1Z6rYJcMzEs5Q&sig=Cg0ArKJSzFySCNJK6p0QEAE&adurl=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Sep 2019 13:47:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
window_focus.js
tpc.googlesyndication.com/pagead/js/r20190826/r20110914/client/ Frame 50D2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190826/r20110914/client/window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6dd7e7ea596e944778e78ccd97a2e17837ef633d69cad2108842d4ddcb958b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 23:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
655474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1054
x-xss-protection
0
server
cafe
etag
18205873578609640656
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Sep 2019 23:43:05 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 50D2
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
873e3c6a7c6b70c11f3174e4a16f13f1719a00e409ae4e4be6e8cfc53e2d5034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1566990918459966"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28570
x-xss-protection
0
expires
Tue, 03 Sep 2019 13:47:39 GMT
l
www.google.com/ads/measurement/ Frame 50D2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXmEs5b1aYBbXsgVVn1wT-Cpjo8flLK749c-VCxKC5igsFOm0kKWZNuKBPHkiV8vZON1lWaY9KrM8pxhk62LnOWKrHQw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

moatad.js
z.moatads.com/condenastuk573198052690/ Frame 50D2
270 KB
91 KB
Script
General
Full URL
https://z.moatads.com/condenastuk573198052690/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e78e49265b0455d4ef9f67786c160ae88fe95188980606cd44aa5e35cb94e44f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Aug 2019 19:37:54 GMT
Server
AmazonS3
x-amz-request-id
FA185DCE5F8AB9B9
ETag
"1b339431f4717ac084bd809873a0cfa4"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=44069
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92729
x-amz-id-2
XVWM9WhP8hAOGZSzasIh4fDNWF5sXMvUmWlrgMx3sh0KIgHLasmLIj12pgXK6ojOOTNXrY9vKfk=
1445949480566073136
tpc.googlesyndication.com/simgad/ Frame 50D2
27 KB
27 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1445949480566073136
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e1364204bab754c7a98c514aeb8b8c7648edb01fb030b9822efa8f171cd3ba79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 22 Aug 2019 20:23:09 GMT
x-content-type-options
nosniff
age
1013070
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
27984
x-xss-protection
0
last-modified
Thu, 08 Aug 2019 15:13:53 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Aug 2020 20:23:09 GMT
truncated
/ Frame 2D27
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a3f4ae9ad1c1c56f5424772bdf73bd665867b674392fb9b1ba500ddd93b1c6d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 44E8
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7761a09bb29ae715af99560139c700a6a8fed8f08858cd62a8fd7ef1f1836def

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 50D2
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28b5acfe560dc1ac4be485d5bfdf9bc0ec165fd9dd7d85d7724402ce2570ecdc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame AF5A
44 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=930423&campId=728x90&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510660&pubOrder=2249627994&cb=2045303301&adsafe_par&impId=&custom=&custom2=&custom3=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
d500f76317e756f3079bf8e4ab76caf0475fdd87b2e1431a201c9569bfddf574

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:39 GMT
Content-Encoding
gzip
X-Server-Name
app10ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=4233a166-1d10-7cb8-4fb0-7dd63006aea2&tv={c:naaf8F,pingTime:-10,time:482,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.95v220002022020220000022002222000022220202020222220222220002222022002222200002220222022222222222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022222220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC45NXYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNC45NXZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8MTZ8fG58fDB8fG58fExpbnV4IHg4Nl82NHx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1567518459972||5c0edc899a5580e94f9d545eea393ee0||675c74d5f114ba25a49fb0f4cb02f70f||c25d15911d845195281d382e12f4f057||32260e35e4a19eb5b0e92437e6b806f1||5ee893d9c93f47bc3ac0ab09c7c7c0ee||977ad4ad12c18ae9867659f59d0e36c8||3a8da4a40e4a38eb698766ab740fe5dd||1529428597}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
dt72.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
main.19.8.5.js
static.adsafeprotected.com/ Frame AF5A
156 KB
50 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.5.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930423&campId=728x90&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510660&pubOrder=2249627994&cb=2045303301&adsafe_par&impId=&custom=&custom2=&custom3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
ae5003ea3c48afcd6e9f59a592e4f08175aeb3912f43fe1956366cda283ff6a2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Aug 2019 21:42:45 GMT
X-Server-Name
app25ami.ami.303net.pvt
ETag
"5d645255-c531"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
50481
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jload
pixel.adsafeprotected.com/ Frame B7E2
44 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5139842783&pubCreative=138279795232&pubOrder=2249627994&cb=916963413&adsafe_par&impId=&custom=&custom2=&custom3=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
c5ac8d7fe91106646208317ac2470cea139655cb875b2408d3c3ce8152f0c965

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
X-Server-Name
app10ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 66BB
44 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510636&pubOrder=2249627994&cb=641859184&adsafe_par&impId=&custom=&custom2=&custom3=
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
2c5ba0e9b1bd952196a070f51f967156cbd25a0e84f55cf99f5b0338eef73d35

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
X-Server-Name
app10ami.ami.303net.pvt
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
pixel.adsafeprotected.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Server
nginx
Expires
Wed, 31 Dec 1969 23:59:59 GMT
main.19.8.5.js
static.adsafeprotected.com/ Frame B7E2
156 KB
50 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.5.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5139842783&pubCreative=138279795232&pubOrder=2249627994&cb=916963413&adsafe_par&impId=&custom=&custom2=&custom3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
ae5003ea3c48afcd6e9f59a592e4f08175aeb3912f43fe1956366cda283ff6a2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Aug 2019 21:42:45 GMT
X-Server-Name
app25ami.ami.303net.pvt
ETag
"5d645255-c531"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
50481
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sca.17.4.95.js
static.adsafeprotected.com/ Frame 287F
81 KB
20 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app35ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/
43 B
309 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=930423&campId=728x90&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510660&pubOrder=2249627994&cb=2045303301&adsafe_par&impId=&custom=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&adsafe_type=abdfq&adsafe_jsinfo=,id:78b9a328-f492-eee2-fa62-3eb5408012e3,c:naaf9P,sl:inView,em:true,fr:true,mn:app10ami,pt:1-5-15,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|181|191,idMap:17*,pl:,rend:1,renddet:IMG.qs,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:62,oid:6559fda0-ce51-11e9-8586-00259088293c,v:19.8.5,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
app54ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=78b9a328-f492-eee2-fa62-3eb5408012e3&tv={c:naaf9W,pingTime:0,time:69,type:pf,im:{pBlk:66},clog:[{piv:100,vs:i,r:,w:728,h:90,t:61}],es:0,sc:1,ha:1,gm:1,slTimes:{i:69,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:61,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[12~100],as:[12~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|181|191,idMap:17*,rend:1,renddet:IMG.qs,rmeas:1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
dt72.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=78b9a328-f492-eee2-fa62-3eb5408012e3&tv={c:naafa0,pingTime:-2,time:73,type:a,im:{sf:0,pom:1,prf:{beA:40,beZ:41,mfA:96,cmA:96,inA:96,inZ:98,prA:98,prZ:100,si:102,poA:102,bl:106,poZ:106,cmZ:106,mfZ:106,loA:110,loZ:111,ltA:113,ltZ:113,mdA:41,mdZ:87}},sca:{dfp:{df:4,sz:728.90,dom:div}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:728,h:90,t:61}],es:0,sc:1,ha:1,gm:1,slTimes:{i:73,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:61,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[16~100],as:[16~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|181|191,idMap:17*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_0,google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_0__container__,ad_1316d4ca-9f03-47e7-ab95-351b1b18fca5],sinceFw:11,readyFired:true}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
dt72.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
main.19.8.5.js
static.adsafeprotected.com/ Frame 66BB
156 KB
50 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.5.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510636&pubOrder=2249627994&cb=641859184&adsafe_par&impId=&custom=&custom2=&custom3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
ae5003ea3c48afcd6e9f59a592e4f08175aeb3912f43fe1956366cda283ff6a2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Aug 2019 21:42:45 GMT
X-Server-Name
app25ami.ami.303net.pvt
ETag
"5d645255-c531"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
50481
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sca.17.4.95.js
static.adsafeprotected.com/ Frame 5769
81 KB
20 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app25ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/
43 B
309 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5139842783&pubCreative=138279795232&pubOrder=2249627994&cb=916963413&adsafe_par&impId=&custom=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&adsafe_type=abdfq&adsafe_jsinfo=,id:bff4ba5c-93a5-3111-73ec-b77a0dcb755e,c:naafau,sl:outOfView,em:true,fr:true,mn:app10ami,pt:1-5-15,wc:0.0.1600.1200,ac:1088.3933.300.250,am:i,cc:1088.3933.300.250,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rB11IaT+11|12|13|141|142|15|16|171|172|181|19*.930423|191,idMap:19*,pl:,rend:1,renddet:IMG.qs,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:59,oid:65621406-ce51-11e9-8d16-00259088293c,v:19.8.5,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
app54ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=bff4ba5c-93a5-3111-73ec-b77a0dcb755e&tv={c:naafaG,pingTime:-2,time:71,type:a,im:{sf:0,pom:1,prf:{beA:30,beZ:31,mfA:84,cmA:84,inA:84,inZ:85,prA:85,prZ:88,si:90,poA:90,poZ:94,cmZ:94,mfZ:94,loA:97,loZ:98,ltA:101,ltZ:101,mdA:31,mdZ:64}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:1},clog:[{piv:0,vs:o,r:l,w:300,h:250,t:59}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:71,n:0,pp:0,pm:0},slEvents:[{sl:o,t:59,wc:0.0.1600.1200,ac:1088.3933.300.250,am:i,cc:1088.3933.300.250,piv:0,obst:0,th:0,reas:l,bkn:{piv:[17~0],as:[17~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rB11IaT+11|12|13|141|142|15|16|171|172|181|19*.930423|191,idMap:19*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_2,google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_2__container__,ad_ad316c45-8b8c-4494-8b69-7400042bc03c],sinceFw:12,readyFired:true}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
dt62.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sca.17.4.95.js
static.adsafeprotected.com/ Frame 7239
81 KB
20 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.4.95.js
Requested by
Host: www.wired.co.uk
URL: https://www.wired.co.uk/article/samsam-ransomware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.32 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.static.adsafeprotected.com
Software
nginx /
Resource Hash
149c8d10677f2f6979fa28c078cf832f575ee53c397d791b739e7c4c687fe7bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Sep 2019 13:47:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 17:20:43 GMT
X-Server-Name
app25ami.ami.303net.pvt
ETag
"5b293b6b-4fda"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
20442
Server
nginx
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mon
pixel.adsafeprotected.com/
43 B
309 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=930423&campId=300x250&pubId=37412957&chanId=118208237&placementId=5025146136&pubCreative=138266510636&pubOrder=2249627994&cb=641859184&adsafe_par&impId=&custom=&custom2=&custom3=&adsafe_url=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&adsafe_type=abdfq&adsafe_jsinfo=,id:cbd80eda-e466-4a4c-a48f-7f4e5c095369,c:naafb8,sl:inView,em:true,fr:true,mn:app10ami,pt:1-5-15,wc:0.0.1600.1200,ac:1088.913.300.250,am:i,cc:1088.913.300.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,scm:publ1.grpm1,fm:rB11Ibo+11|12|13|141|142|15|16|171|172|18*.930423|181|191|192,idMap:18*,pl:,rend:1,renddet:IMG.qs,rmeas:1,es:0,sc:1,ha:1,gm:1,tt:jload,thd:1,et:68,oid:65656f6b-ce51-11e9-8586-00259088293c,v:19.8.5,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
anycast.pixel.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
app54ami.ami.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=78b9a328-f492-eee2-fa62-3eb5408012e3&tv={c:naafbd,time:148,type:e,im:{pWait:6},es:0,sc:1,ha:1,gm:1,slTimes:{i:148,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:61,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[92~100],as:[92~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|18.930423|181|19.930423|191,idMap:17*,rend:1,renddet:IMG.qs,rmeas:1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
dt27.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=cbd80eda-e466-4a4c-a48f-7f4e5c095369&tv={c:naafbf,pingTime:0,time:75,type:pf,clog:[{piv:100,vs:i,r:,w:300,h:250,t:68}],es:0,sc:1,ha:1,gm:1,slTimes:{i:75,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:68,wc:0.0.1600.1200,ac:1088.913.300.250,am:i,cc:1088.913.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[12~100],as:[12~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rB11Ibo+11|12|13|141|142|15|16|171|172|18*.930423|181|191|192,idMap:18*,rend:1,renddet:IMG.qs,rmeas:1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
dt72.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=cbd80eda-e466-4a4c-a48f-7f4e5c095369&tv={c:naafbj,pingTime:-2,time:79,type:a,im:{sf:0,pom:1,prf:{beA:52,beZ:53,mfA:114,cmA:114,inA:114,inZ:116,prA:116,prZ:118,si:120,poA:120,poZ:124,cmZ:124,mfZ:124,loA:127,loZ:128,ltA:130,ltZ:130,mdA:53,mdZ:77}},sca:{dfp:{df:4,sz:300.250,dom:div}},env:{gca:1},clog:[{piv:100,vs:i,r:,w:300,h:250,t:68}],es:0,sc:1,ha:1,gm:1,slTimes:{i:79,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:68,wc:0.0.1600.1200,ac:1088.913.300.250,am:i,cc:1088.913.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[16~100],as:[16~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rB11Ibo+11|12|13|141|142|15|16|171|172|18*.930423|181|191|192,idMap:18*,rend:1,renddet:IMG.qs,rmeas:1,slid:[google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_1,google_ads_iframe_/5574/uk.n5574.wired/business-politics/articles_1__container__,ad_50666340-4cfa-49f2-8a44-6a31e62ac4ab],sinceFw:10,readyFired:true}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:40 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
tiny.gif
www.wired.co.uk/static/img/
0
0

aaaafenix6-sapphire-hr-2001_0.jpg
wi-images.condecdn.net/image/BOgOQN1Q6nb/crop/200/square/f/
4 KB
4 KB
Image
General
Full URL
https://wi-images.condecdn.net/image/BOgOQN1Q6nb/crop/200/square/f/aaaafenix6-sapphire-hr-2001_0.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
4b790df01d1a1da0d7bd24431d9fcbe066cd7edcd938398a50dcd53538f2f197
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 13:47:40 GMT
via
1.1 varnish
age
90734
x-cache
HIT
status
200
x-conde-cache-key
BOgOQN1Q6nb_200_048559197d766e563e80d13006e9d7ac083a1caf17faa8ab13a564801cd13bad_q70
x-cache-hits
1
content-length
3624
x-served-by
cache-hhn4067-HHN
x-conde-cache
hit
last-modified
Mon, 02 Sep 2019 12:35:26 GMT
server
nginx
x-timer
S1567518461.580321,VS0,VE0
strict-transport-security
max-age=900
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
expires
Fri, 01 Nov 2019 12:35:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D27
42 B
122 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdGLY6Q8atQxi0pYaOItxmzB04TLdZONnUYLtsZmQUz_B5jK_7z2ejYmICsPVtXNZ8aXkyyqrrL4zgWTYbOTuk25p7w6Xiw_j84ecVn8Y&sig=Cg0ArKJSzImWTa9S3Vy8EAE&adk=99435877&tt=1232&bs=1585%2C1200&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&p=274,428.5,364,1156.5&mcvt=1024&rs=3&ht=0&tfs=594&tls=1618&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=563&niot_cbk=584&md=2&rst=1567518459872&rpt=29&isd=0&msd=0&lm=2&ext=mvo%3D-1%26brt%3D10&oseid=3&xdi=0&ps=1593%2C5331&ss=1600%2C1200&pt=389&bin=1&deb=1-1-4-13-16-15-57-15-0-0-0&tvt=1610&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=728x90&itpl=3&v=20190828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 44E8
42 B
122 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbh_Nec0sglvs6hwNJO42pHnjRO4nfovpQXpKAh-1gryLQbmZlacfe5Nno-bP2evnIS8P1XkNji05L3VuF8U-Thg3iwGqOkThsKG_wvnM&sig=Cg0ArKJSzGtvBx3JoGllEAE&adk=3459663621&tt=1334&bs=1585%2C1200&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&p=913,1087.5,1163,1387.5&mcvt=1022&rs=3&ht=0&tfs=701&tls=1723&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=568&niot_cbk=584&md=2&rst=1567518459878&rpt=56&isd=0&msd=0&lm=2&ext=mvo%3D-1%26brt%3D43&oseid=3&xdi=0&ps=1593%2C5331&ss=1600%2C1200&pt=389&bin=1&deb=1-1-4-13-17-15-61-16-0-0-0&tvt=1712&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=300x250&itpl=3&v=20190828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2019 13:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=78b9a328-f492-eee2-fa62-3eb5408012e3&tv={c:naafq6,pingTime:1,time:1071,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:61}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1071,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:61,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1014~100],as:[1014~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:235,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|18.930423|181|19.930423|191,idMap:17*,rend:1,renddet:IMG.qs,rmeas:1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:41 GMT
X-Server-Name
dt35.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=78b9a328-f492-eee2-fa62-3eb5408012e3&tv={c:naafq6,pingTime:1,time:1071,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:61}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1071,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:61,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1014~100],as:[1014~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:235,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|18.930423|181|19.930423|191,idMap:17*,rend:1,renddet:IMG.qs,rmeas:1,metricId:publ1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:41 GMT
X-Server-Name
dt72.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=78b9a328-f492-eee2-fa62-3eb5408012e3&tv={c:naafq6,pingTime:1,time:1071,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:61}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1071,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:61,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1015~100],as:[1015~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:235,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|18.930423|181|19.930423|191,idMap:17*,rend:1,renddet:IMG.qs,rmeas:1,metricId:grpm1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:41 GMT
X-Server-Name
dt27.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=cbd80eda-e466-4a4c-a48f-7f4e5c095369&tv={c:naafro,pingTime:1,time:1076,type:p,clog:[{piv:100,vs:i,r:,w:300,h:250,t:68}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1076,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:68,wc:0.0.1600.1200,ac:1088.913.300.250,am:i,cc:1088.913.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1013~100],as:[1013~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:266,fm:rB11Ibo+11|12|13|141|142|15|16|171|172|18*.930423|181|191|192,idMap:18*,rend:1,renddet:IMG.qs,rmeas:1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:41 GMT
X-Server-Name
dt62.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=cbd80eda-e466-4a4c-a48f-7f4e5c095369&tv={c:naafrp,pingTime:1,time:1077,type:c,clog:[{piv:100,vs:i,r:,w:300,h:250,t:68}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1077,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:68,wc:0.0.1600.1200,ac:1088.913.300.250,am:i,cc:1088.913.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1014~100],as:[1014~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:266,fm:rB11Ibo+11|12|13|141|142|15|16|171|172|18*.930423|181|191|192,idMap:18*,rend:1,renddet:IMG.qs,rmeas:1,metricId:publ1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:41 GMT
X-Server-Name
dt49.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=cbd80eda-e466-4a4c-a48f-7f4e5c095369&tv={c:naafrq,pingTime:1,time:1078,type:c,clog:[{piv:100,vs:i,r:,w:300,h:250,t:68}],es:0,sc:1,ha:1,gm:1,slTimes:{i:1078,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:68,wc:0.0.1600.1200,ac:1088.913.300.250,am:i,cc:1088.913.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1015~100],as:[1015~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:266,fm:rB11Ibo+11|12|13|141|142|15|16|171|172|18*.930423|181|191|192,idMap:18*,rend:1,renddet:IMG.qs,rmeas:1,metricId:grpm1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:41 GMT
X-Server-Name
dt06.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
usync.html
eus.rubiconproject.com/ Frame 74FC
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?geo=na&co=us
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/11644.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.wired.co.uk/article/samsam-ransomware
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|GtqqL1ER+/3VSSvu3YYqfCKxi4lKFKufvCNqIonwVQ9wp4CfOwTnR8WbdODf5+6kXB+stFOgDgurFSicA0m4Ghj2pEEQlVYK+V8lZ/GAe05m/Tr8XPABacX4S7/RM16Vbr+BkhRgPED0oqBsM8c4qJs=; ses15=; vis15=36210^1; khaos=K03W0NY7-1H-C0P; audit=1|hLZGFuTafB35Cw+CI3PiQ1WujMMNiybu/m39zIwivtV90TYcIbNAALhw1+SBRRgdSNhvLsMIZQiAF7qA5WC/AKrXTGfRtI7l

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 29 Aug 2019 21:52:12 GMT
Content-Encoding
gzip
Content-Length
7659
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=50881
Expires
Wed, 04 Sep 2019 03:55:45 GMT
Date
Tue, 03 Sep 2019 13:47:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=78b9a328-f492-eee2-fa62-3eb5408012e3&tv={c:naagsC,pingTime:5,time:5072,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:61}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5072,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:61,wc:0.0.1600.1200,ac:429.274.728.90,am:i,cc:429.274.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5015~100],as:[5015~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:111,fm:rB11Iab+11|12|13|141|142|15|16|17*.930423|171|18.930423|181|19.930423|191,idMap:17*,rend:1,renddet:IMG.qs,rmeas:1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:45 GMT
X-Server-Name
dt49.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/
43 B
301 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930423&asId=cbd80eda-e466-4a4c-a48f-7f4e5c095369&tv={c:naagtU,pingTime:5,time:5076,type:p,clog:[{piv:100,vs:i,r:,w:300,h:250,t:68}],es:0,sc:1,ha:1,gm:1,slTimes:{i:5076,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:68,wc:0.0.1600.1200,ac:1088.913.300.250,am:i,cc:1088.913.300.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5013~100],as:[5013~300.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:rB11Ibo+11|12|13|141|142|15|16|171|172|18*.930423|181|191|192,idMap:18*,rend:1,renddet:IMG.qs,rmeas:1}&br=u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:45 GMT
X-Server-Name
dt06.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
pixel.gif
px.moatads.com/
43 B
409 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=11&i=CONDEUK1&hp=1&wf=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=0&f=0&j=&t=1567518459383&de=509824421084&m=0&ar=8bfa19b07e-clean&q=6&cb=0&ym=0&cu=1567518459383&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=12541037%3A369010877%3A776821277%3A98972786717&zMoatPS=-&zMoatST=-&zMoatDT=article&zMoatJS=-&qs=1&gu=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&id=1&bo=8881277&bd=118208237&zMoatOrigSlicer1=8881277&zMoatOrigSlicer2=118208237&dfp=0%2C1&la=118208237&gw=condenastuk573198052690&fd=1&ac=1&it=500&ti=0&ih=1&fs=170200&na=1115455233&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.wired.co.uk/article/samsam-ransomware
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2019 13:47:49 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 03 Sep 2019 13:47:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Domain
www.wired.co.uk
URL
https://www.wired.co.uk/static/img/tiny.gif


92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| permutiveConfig
object| googletag
object| permutive
string| GoogleAnalyticsObject
function| ga
function| fbq
function| _fbq
boolean| ads_not_blocked
function| webpackJsonp
object| lazySizesConfig
object| lazySizes
object| GptAdSlots
object| PromotionButtons
object| InreadSupport
object| INTERSTITIAL_AD
function| cn_rubicon_resize
object| cnd_wi
object| _comscore
function| OptanonWrapper
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| Hammer
object| rubicontag
function| udm_
object| ns_p
object| COMSCORE
object| __SKIM_JS_GLOBAL__
object| skimlinksAPI
object| FB
object| __twttrll
object| twttr
object| __twttr
object| $jscomp
function| MIIScriptCtrl
object| fortyone
object| gwiq
object| OneTrust
string| containerName
string| languageSwitcherFileName
string| useDocumentLanguage
string| languageSwitcherFilePathPart
string| languageSwitcherURL
function| getLanguageSwitcherScriptPath
function| isLanguageSwitcherFile
string| host
string| source
object| script
object| imgurEmbed
undefined| a
undefined| c
function| jsonFeed
object| consentString
function| __cmp
object| Optanon
string| OnetrustActiveGroups
string| OptanonActiveGroups
object| dataLayer
object| origrubicontag
function| _defineProperty
object| skyscanner
undefined| $
undefined| jQuery
object| __s
object| instgrm
object| ggeac
object| closure_memoize_cache_
object| googleToken
object| googleIMState
object| google_js_reporting_queue
function| processGoogleToken
undefined| google_measure_js_timing
boolean| google_DisableInitialLoad
boolean| google_noFetch
number| __google_ad_urls_id
number| google_unique_id
object| google_reactive_ads_global_state
function| Goog_AdSense_getAdAdapterInstance
function| Goog_AdSense_OsdAdapter
object| __google_ad_urls
object| ampInaboxIframes
object| ampInaboxPendingMessages
boolean| google_osd_loaded
boolean| google_onload_fired
boolean| VINE_EMBEDS
function| Goog_Osd_UnloadAdBlock
function| Goog_Osd_UpdateElementToMeasure
function| google_osd_amcb
object| Moat#G26
boolean| Moat#EVA
object| MoatSuperV26

12 Cookies

Domain/Path Name / Value
.wired.co.uk/ Name: eupubconsent
Value: BOmUFXTOmUFXTAcABBENCfiAAAApl7__f9_z_8_v1_9_NuzvKv_j_ef93VW8fvYvcEpzhY5d_uvUxxM4m_wtRc9wcgx85eprEsoxQ7oCsG-VOgd_5t__3ziX9ohPogkMpqgAAAAAAAAA
.facebook.com/ Name: fr
Value: 0JrQQ2GSTrdsm3JMD..Bdbm76...1.0.Bdbm76.
www.wired.co.uk/ Name: cnd_infobar_hash1
Value: {"configHash":"d2c64041eb6169eea5d4abf7c9edcf17","messages":{"0068f918c0b323c5ae786baee5aba65c":1}}
.wired.co.uk/ Name: _gid
Value: GA1.3.1212987205.1567518459
.wired.co.uk/ Name: __gads
Value: ID=714bcaaaf42fc868:T=1567518459:S=ALNI_MbJn25aUklFCnYbAZlu97bRrH4V6A
.wired.co.uk/ Name: OptanonConsent
Value: isIABGlobal=true&datestamp=Tue+Sep+03+2019+15%3A47%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=5.2.0&landingPath=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fsamsam-ransomware&EU=true&groups=1%3A1%2C2%3A1%2C3%3A0%2C4%3A0%2C0_63156%3A0%2C0_63154%3A0%2C0_63160%3A0%2C0_63158%3A0%2C0_63137%3A0%2C0_63141%3A0%2C0_63139%3A0%2C0_63145%3A0%2C0_63143%3A0%2C0_63149%3A0%2C0_63147%3A0%2C0_63153%3A0%2C0_63151%3A0%2C0_63157%3A0%2C0_63155%3A0%2C0_63161%3A0%2C0_63159%3A0%2C0_63136%3A0%2C0_63140%3A0%2C0_63138%3A0%2C0_63144%3A0%2C0_63142%3A0%2C0_63148%3A0%2C0_63146%3A0%2C0_63152%3A0%2C0_63150%3A0%2C8%3A0
.wired.co.uk/ Name: _gat
Value: 1
.wired.co.uk/ Name: _ga
Value: GA1.3.1154345201.1567518459
.wired.co.uk/ Name: _fbp
Value: fb.2.1567518458903.963896266
www.wired.co.uk/ Name: cnd_comscore_consent
Value: null
.wired.co.uk/ Name: _gat_CondeTracker
Value: 1
www.wired.co.uk/ Name: cnd_one_trust_consent1
Value: null

5 Console Messages

Source Level URL
Text
console-api log URL: https://www.wired.co.uk/static/js/core.min.js(Line 1)
Message:
%c [ASCII-art banner] %c Are you an awesome software engineer? Join the team in London that builds Wired, Vogue, GQ, Glamour and more. https://code.condenast.co.uk/jobs https://code.condenast.co.uk/home https://www.condenast.co.uk
console-api warning URL: https://www.wired.co.uk/static/js/core.min.js(Line 1)
Message:
User has not consented yet. Beacon will send value missing `cs_ucfr`.
console-api warning URL: https://www.wired.co.uk/static/js/core.min.js(Line 1)
Message:
Prebid library has no url specified to load. Ads will continue without Prebid
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js(Line 15)
Message:
Exception in queued GPT command
console-api debug URL: https://static.adsafeprotected.com/sca.17.4.95.js(Line 32)
Message:
a: 0.002197265625ms

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
