gizmodo.com Open in urlscan Pro
151.101.194.166  Public Scan

34 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

• https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
• https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 51

• https://cd.connatix.com/connatix.playspace.js HTTP 302
• https://cds.connatix.com/p/122361/connatix.playspace.dc.js

Request Chain 72

• https://colossusssp.com/?c=o&m=cookie HTTP 302
• https://sync.colossusssp.com/hms.gif?puid=d4cc84d592e096e864209b85d4f00b54df3f5d66

Request Chain 92

• https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1625414721566&ns_c=UTF-8&cv=3.5&c8=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&c7=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1625414721566&ns_c=UTF-8&cv=3.5&c8=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&c7=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&c9=

Request Chain 117

• https://px.britepool.com/new?partner_id=t HTTP 302
• https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=8610ab6a-5b46-49dc-afc6-48f29cae7a67

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Show response gizmodo.com/	250 KB 52 KB	29ms 10ms	Document text/html	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Express Resource Hash afeafb6913a3866c0f0d7e8958c0ead53bc05e3a0d1c037af99cb667d2639ce3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers :method GET :authority gizmodo.com :scheme https :path /a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-powered-by Express x-kinja kinja-magma-kube01-6fcfffc64b-bjvh4 #2780 x-kinja-revision 9b00c430f4a7574dcedc0bb44a8025c062a51caf x-kinja-server kinja-magma-kube01-6fcfffc64b-bjvh4 x-kinja-build 2780 cache-control stale-if-error=86400, stale-while-revalidate=300 content-security-policy frame-ancestors 'self'; upgrade-insecure-requests x-content-type-options nosniff x-xss-protection 1; mode=block strict-transport-security max-age=63072000; includeSubDomains; preload x-googlenews-bot false x-frame-options deny content-type text/html; charset=utf-8 etag W/"3e64f-9FW4+i/IXfXervEOBDjJPdnQZn8" content-encoding gzip via 1.1 varnish, 1.1 varnish x-cdn-fetch mantle-default accept-ranges bytes date Sun, 04 Jul 2021 16:05:20 GMT age 10 x-served-by cache-bwi5132-BWI, cache-hhn4076-HHN x-cache HIT, HIT x-cache-hits 1, 1 x-timer S1625414721.620104,VS0,VE1 x-ua-device desktop set-cookie geocc=DE;path=/; KinjaBucket=8;path=/;Max-Age=31536000;domain=gizmodo.com;SameSite=None;Secure; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=;path=/;Max-Age=300;SameSite=None;Secure; vary Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, Cookie, X-GoogleNews-Bot, X-Kinja-WelcomeAdLoadedV1, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-Kinja-GDPR, X-Kinja-CCPA, Authorization content-length 50873
GET H2	200	proxima_nova_cond_reg-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	27 KB 28 KB	41ms 10ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT via 1.1 varnish x-content-type-options nosniff age 41 x-cache HIT content-length 28044 x-amz-id-2 3gMK4TGuPNAou/tZqf213uSJvdkEZN8RJrkgj4/vzL+MA+eO7dVZDKfv9kPDUyG+mNzpduPo8OI= x-served-by cache-hhn4026-HHN last-modified Wed, 30 Jun 2021 21:03:44 GMT server AmazonS3 x-timer S1625414721.670544,VS0,VE0 etag "94cbaf403b2922fd6858c812dae091fb" x-amz-request-id TZPHCW0PVSA38YG0 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 2
GET H2	200	proxima_nova_cond_reg_it-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	30 KB 30 KB	51ms 20ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg_it-webfont.woff2?08252015 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT via 1.1 varnish x-content-type-options nosniff age 18 x-cache HIT content-length 30416 x-amz-id-2 X/n1+B9sdb+sh9IZP8AQSB+bJndFvaJBfMJ93twVjwe3CrPLWt6/k1/Gy/CQ1ZOJ3HuYjo8NJbg= x-served-by cache-hhn4026-HHN last-modified Wed, 23 Jun 2021 20:16:43 GMT server AmazonS3 x-timer S1625414721.670549,VS0,VE0 etag "bea38ea36d2aba1d5da6e8f842425e40" x-amz-request-id FAWZ8HJZF8QN1PA7 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 2
GET H2	200	proxima_nova_cond_sbold-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	27 KB 28 KB	51ms 21ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT via 1.1 varnish x-content-type-options nosniff age 41 x-cache HIT content-length 28136 x-amz-id-2 xw7xYiW/l+i4G4We8LSwSZS0b1xbn3yeq0mwqmp7zD3IFxcRF9H7tNd3l3TiQGpMt9MGh5L2sq8= x-served-by cache-hhn4026-HHN last-modified Wed, 23 Jun 2021 20:16:43 GMT server AmazonS3 x-timer S1625414721.670499,VS0,VE0 etag "7ac1e4b7ab03f256e831e00e3b5618a6" x-amz-request-id VPQH863QZW2SC0XV access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 2
GET H2	200	proxima_nova_cond_sbold_it-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	30 KB 30 KB	40ms 10ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold_it-webfont.woff2?08252015 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT via 1.1 varnish x-content-type-options nosniff age 85 x-cache HIT content-length 30232 x-amz-id-2 WD2fVvNBdxc3u+8y1d80Ve+IT4XfEhwBSbTYSOIe0N40AC1nSVZ9epFYrRxdsDABhEponc9DBJw= x-served-by cache-hhn4026-HHN last-modified Wed, 23 Jun 2021 20:16:43 GMT server AmazonS3 x-timer S1625414721.670482,VS0,VE0 etag "6d0ce198b25710fd5d0a2c0fb863b22c" x-amz-request-id DW03GV20R3JFVTWY access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 3
GET H2	200	bidexchange.js Show response hbx.media.net/	438 KB 108 KB	87ms 57ms	Script text/javascript	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 33d21b2d5e574e4781f6ac8ee43ca192646770ad9afdff1e2ad407f5c92f176a Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=604800 content-encoding gzip server Apache date Sun, 04 Jul 2021 16:05:20 GMT vary Accept-Encoding x-mnet-h E content-type text/javascript; charset=utf-8 cache-control max-age=1800 timing-allow-origin * expires Sun, 04 Jul 2021 16:35:20 GMT
GET H/1.1	200 OK	183957-47751755686051.js Show response js-sec.indexww.com/ht/p/	47 KB 16 KB	29ms 9ms	Script text/javascript	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/183957-47751755686051.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Jul 2021 16:05:20 GMT Content-Encoding gzip Last-Modified Sun, 04 Jul 2021 15:35:55 GMT Server Apache ETag "7618e8-bde7-5c64df1ce359d" Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=2057 Connection keep-alive Accept-Ranges bytes Content-Type text/javascript Content-Length 15802 Expires Sun, 04 Jul 2021 16:39:37 GMT
GET H2	200	lux.js Show response cdn.speedcurve.com/js/	17 KB 6 KB	35ms 6ms	Script application/javascript	151.101.114.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.speedcurve.com/js/lux.js?id=527761496 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Apache / Resource Hash 62008ba58937572f1a34185e7f1957399da3d01b109c84698649767366fb5bde Request headers Origin https://gizmodo.com Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT via 1.1 vegur, 1.1 varnish age 1379 x-cache HIT x-cache-hits 11 content-encoding gzip content-length 6234 x-served-by cache-hhn4029-HHN last-modified Sun, 04 Jul 2021 15:42:21 GMT server Apache x-timer S1625414721.684655,VS0,VE0 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes timing-allow-origin * expires Sun, 11 Jul 2021 15:42:21 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	68 KB 24 KB	40ms 15ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash cf20a7acfa943360c10dd3690b868789fd2640c26a2dde6c65deadfb46482181 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "920 / 855 of 1000 / last-modified: 1625264026" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24231 x-xss-protection 0 expires Sun, 04 Jul 2021 16:05:20 GMT
GET H2	200	op.js Show response tagan.adlightning.com/gomedia/	35 KB 14 KB	34ms 10ms	Script application/javascript	13.225.87.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/gomedia/op.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-127.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash a4035bf02800e3ebfe9c98639ed5fbb05bc4195d5483195cae12aeb85bb94a74 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id sg73wCRAhP1dof8VEaA1AiGKwR_GT3Zf content-encoding gzip etag "bafd8e7a843f9eabc04703c415400546" age 2192 x-cache Hit from cloudfront content-length 14302 x-amz-meta-git_commit 165eba0 last-modified Sat, 03 Jul 2021 21:51:07 GMT server AmazonS3 date Sun, 04 Jul 2021 15:28:49 GMT content-type application/javascript via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id JhFNbWXhmERFR2d6NljDuCiyYFGcX5DJ8yO8RsIviVHNHhAuL2XmBg==
GET H2	200	wrapperMessagingWithoutDetection.js Show response sourcepoint.gizmodo.com/	152 KB 44 KB	60ms 10ms	Script application/javascript	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sourcepoint.gizmodo.com/wrapperMessagingWithoutDetection.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 3ca5fd7c380b11d2a3e892ba22641c5ecaa55cf0e9ea6854fad6ae77b9871622 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip last-modified Tue, 29 Jun 2021 16:25:44 GMT server AmazonS3 age 1663 etag W/"9ec40d1a4a01c889e08b612e01879eed" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) cache-control max-age=3600 date Sun, 04 Jul 2021 15:37:38 GMT x-amz-cf-pop FRA2-C2 x-amz-cf-id 7ozK7dr0oAHsSpksy52uTmTggQevywGPWafgYCTq6ZS7ILJ1oMGp5g==
GET H2	200	runtime~adManager.9b1a59b2cb3ef928a54e.js Show response gizmodo.com/x-kinja-static/assets/new-client/	4 KB 2 KB	5ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/runtime~adManager.9b1a59b2cb3ef928a54e.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6199e645e5753de4276f3c99e61fd410b1fd6d0e8ea2871a9efc4571e5941c56 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 921419 via 1.1 varnish, 1.1 varnish x-cache MISS, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 1480 x-amz-id-2 IEN1xR6fcabnMo6ZPlwmxxOXGwxqRbJCFX0O2yxxpxEIWmMaxrWoOJRTCLkqf1Lgdk8IkQCw8GE= x-served-by cache-hhn4039-HHN, cache-hhn4076-HHN last-modified Wed, 23 Jun 2021 20:17:37 GMT server AmazonS3 x-timer S1625414721.622272,VS0,VE0 etag "b3c5bffe31dfdc4fb998478790577c2d" vary Accept-Encoding, Authorization x-amz-request-id X7CAF8KVEY5NK382 access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 0, 1024
GET H2	200	0.964ec926522338d43fe6.js Show response gizmodo.com/x-kinja-static/assets/new-client/	7 KB 3 KB	2ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/0.964ec926522338d43fe6.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6db55e01bed50fd095397a0c2382148aea2865278d05a346499a5a677bc49fcd Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 2091473 via 1.1 varnish, 1.1 varnish x-cache MISS, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 2238 x-amz-id-2 93rdpjhO8hYsFh7+G5VbCCZ3LbUAPe5doQyfkQwXG6BzLfJTZxLLvJ79ef1M2mU9VQlsbdC84ok= x-served-by cache-hhn4020-HHN, cache-hhn4076-HHN last-modified Thu, 10 Jun 2021 11:03:53 GMT server AmazonS3 x-timer S1625414721.622157,VS0,VE0 etag "fc24e5eaf48793210ba391bd2ac61a9a" vary Accept-Encoding, Authorization x-amz-request-id F6V53W6SZB1X9TE2 access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 0, 1134
GET H2	200	vendors~adEditor~adManager~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~c~968df36b.9923bf7ba7bbe29ca59d.js Show response gizmodo.com/x-kinja-static/assets/new-client/	8 KB 3 KB	4ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~c~968df36b.9923bf7ba7bbe29ca59d.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2b729c405c013bf1968624a8bbdec3277140bf4564421bcd94fa58dfe507467e Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 952071 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 2612 x-amz-id-2 6Nf8ej4jAFHG6Oql1f/RZ2aSL+JdxF9NRtjHTTcff5NzNfvEDfEpzXOjPaOuxXZck2/Y49prKEw= x-served-by cache-hhn4047-HHN, cache-hhn4076-HHN last-modified Wed, 23 Jun 2021 15:33:52 GMT server AmazonS3 x-timer S1625414721.622356,VS0,VE0 etag "e28147ad9e56fa17b6f206f720142985" vary Accept-Encoding, Authorization x-amz-request-id 6J88NSA0NM7Y78RK access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 1130
GET H2	200	vendors~adEditor~adManager~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~c~6bc789c3.a748686d80fcb1cd5b7d.js Show response gizmodo.com/x-kinja-static/assets/new-client/	163 KB 46 KB	5ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~c~6bc789c3.a748686d80fcb1cd5b7d.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 0687915c760036cea39aac574cb8cdeccc0ee2f4cf5f8661fe61b944f57db1c1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 273760 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 46377 x-amz-id-2 98szv/LN186gS0EShULDVDUoC1ksLAINEhJ3YHzXBd7sySWLF89XfDSe2RUIjzEG0Aqj8BoXvWM= x-served-by cache-hhn4048-HHN, cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:59 GMT server AmazonS3 x-timer S1625414721.622419,VS0,VE0 etag "c3be7cdf80deb2ba5c1dd9593c3f49bf" vary Accept-Encoding, Authorization x-amz-request-id 0PXNZX9N5YTNY50F access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 1128
GET H2	200	vendors~adEditor~adManager~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPa~22001dde.3755b8a87ac2d112e8ea.js Show response gizmodo.com/x-kinja-static/assets/new-client/	8 KB 3 KB	3ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPa~22001dde.3755b8a87ac2d112e8ea.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 76ed7572e54c022609628a3394bced12544dca7e15420bd063b6815bb7b4f735 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 952071 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 2969 x-amz-id-2 oUZXIn1+uYZWqDOFsRZO3AYZkE+A+FQ/M+nzhZeSG3pP8VwxHel7EHOkmUCVo3BEoXo56g3Q+uY= x-served-by cache-hhn4049-HHN, cache-hhn4076-HHN last-modified Wed, 23 Jun 2021 15:33:53 GMT server AmazonS3 x-timer S1625414721.622255,VS0,VE0 etag "7db9c76a786a1b8a01eee34f228affc7" vary Accept-Encoding, Authorization x-amz-request-id 6J8DYK6NZ6ZKB129 access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 1137
GET H2	200	vendors~adManager.1251f00953bd00c6b4a8.js Show response gizmodo.com/x-kinja-static/assets/new-client/	10 KB 3 KB	7ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adManager.1251f00953bd00c6b4a8.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ff69e2c834fa6a9e13905d79db90b5f8fc9d3ffe5b3a53489fb2b3d0ac08927b Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 952071 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 2797 x-amz-id-2 U93W8Xstis5xsEGWjCI4bm0LWaa5wWPKSc72CV6yDUBGMAuo3DFvOiE+q4sZyb4nRERz25iuMcQ= x-served-by cache-hhn4048-HHN, cache-hhn4076-HHN last-modified Wed, 23 Jun 2021 15:33:53 GMT server AmazonS3 x-timer S1625414721.623059,VS0,VE0 etag "7e70adee74ecb7f69c6c69a220f002d5" vary Accept-Encoding, Authorization x-amz-request-id 6J86JQZ463AAK9G3 access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 1113
GET H2	200	1.671fee28007d60931e23.js Show response gizmodo.com/x-kinja-static/assets/new-client/	6 KB 2 KB	1ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/1.671fee28007d60931e23.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ffaf1650ece91bbdb5efe951b40548eca37d0a459a5e593a60fd344c8af1f2eb Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 2091474 via 1.1 varnish, 1.1 varnish x-cache MISS, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 1740 x-amz-id-2 1mcojOBseLK6ucAJdtH82zFZiHRqm+/kObNz3fLbL54wPObEQBmiWlITn0OxQPh4r/Zcu2wWHx4= x-served-by cache-fra19122-FRA, cache-hhn4076-HHN last-modified Thu, 10 Jun 2021 11:03:53 GMT server AmazonS3 x-timer S1625414721.622128,VS0,VE0 etag "c0b2656268667ecc9fc576d055ada0ee" vary Accept-Encoding, Authorization x-amz-request-id F6V1GXR7B1NXPY3F access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 0, 1136
GET H2	200	adEditor~adManager~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~errorPage~7c034512.33215ff453c283918fba.js Show response gizmodo.com/x-kinja-static/assets/new-client/	63 KB 13 KB	2ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/adEditor~adManager~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~errorPage~7c034512.33215ff453c283918fba.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 379567804d461225f08203e6235d432c9d818bb4cd0194a101032351b5d16591 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 438911 via 1.1 varnish, 1.1 varnish x-cache MISS, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 12665 x-amz-id-2 k99HEbzZw6yllY8x1qKFMwKAeK/7416QleLG6PkiVQm4ibchGLCnIoe/ETHgZWe/zE4Eh+g0enY= x-served-by cache-hhn4043-HHN, cache-hhn4076-HHN last-modified Tue, 29 Jun 2021 14:03:55 GMT server AmazonS3 x-timer S1625414721.622120,VS0,VE0 etag "10a131601e271e5712edd31167b927b5" vary Accept-Encoding, Authorization x-amz-request-id FJ5Z4N0AMNX1A5PW access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 0, 1138
GET H2	200	adEditor~adManager~categoryPage~channelSectionPage~commerceDashboard~errorPage~experiments~featureSw~e473479e.27ca400b36d472e30cc2.js Show response gizmodo.com/x-kinja-static/assets/new-client/	41 KB 8 KB	4ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/adEditor~adManager~categoryPage~channelSectionPage~commerceDashboard~errorPage~experiments~featureSw~e473479e.27ca400b36d472e30cc2.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a0f7d460673edbdfba30d9ec500b614a893aa5751bb8cd0356143bc4775af3d6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 271599 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 7955 x-amz-id-2 vpQ1XGzaCGoRGCApthqmQ5JMt5Ju0bzW7ewfhjoZVIhT9TB82bNfxdSKsghLacbPlBIiGNICN2I= x-served-by cache-fra19168-FRA, cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:57 GMT server AmazonS3 x-timer S1625414721.622017,VS0,VE0 etag "be2ee244b05ca0b8c508669f747970be" vary Accept-Encoding, Authorization x-amz-request-id 6NXM2629REEEYE6W access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 473
GET H2	200	adManager~trackers.1eb4401e8dd1b180b3ac.js Show response gizmodo.com/x-kinja-static/assets/new-client/	10 KB 4 KB	6ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/adManager~trackers.1eb4401e8dd1b180b3ac.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ba8dcbc2d4a724b96100ee98660535c3ebdb47a8b739b054ca2be803b133ef62 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 919723 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 3374 x-amz-id-2 ZWVwRiN0jQjaU4op2ROkcgjZllkwE8lhvzZ9GDUvXT3oLR484rydtWw3brD0qmVtc9F6vSgSuy8= x-served-by cache-hhn4061-HHN, cache-hhn4076-HHN last-modified Wed, 23 Jun 2021 16:45:17 GMT server AmazonS3 x-timer S1625414721.622005,VS0,VE1 etag "cea46f3007bb5ed000f2261840607b16" vary Accept-Encoding, Authorization x-amz-request-id SCYZGFKRV5XNRHSP access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 464
GET H2	200	adManager.0497afbe9cced0141125.js Show response gizmodo.com/x-kinja-static/assets/new-client/	58 KB 14 KB	7ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/adManager.0497afbe9cced0141125.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash abadc5bf08706ee8d14f98a3f5b41d51f4905ede8931cd60d8b4dfc302e1e6f4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 266525 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 14468 x-amz-id-2 rk30I8VpwKfbicXEMEFCULf404SGauNFjHDbKMBSeEngdGZKBoa1S3ysvDeqyDlo4AVIfeOKq0Y= x-served-by cache-hhn4028-HHN, cache-hhn4076-HHN last-modified Thu, 01 Jul 2021 13:58:20 GMT server AmazonS3 x-timer S1625414721.621982,VS0,VE0 etag "1daa310a4c9a86f7961d63c8173eb3c5" vary Accept-Encoding, Authorization x-amz-request-id HCS61B95YQJ8JWM3 access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 1104
GET H2	200	accountwithtoken Show response kinja.com/api/profile/	197 B 1 KB	106ms 98ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 66b9c9440bfd07ed6e9bde02120d471b838c7f98925e088e435ff888955fc517 Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only x-cache MISS, MISS p3p CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" x-ua-device desktop x-cdn-fetch mantle-setcookie content-length 195 x-xss-protection 1; mode=block x-served-by cache-bwi5179-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414721.665501,VS0,VE91 x-frame-options DENY date Sun, 04 Jul 2021 16:05:20 GMT vary Accept-Encoding,Origin content-type application/javascript; charset=UTF-8 via 1.1 varnish, 1.1 varnish cache-control no-cache, no-store, private accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 0, 0
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Jun 2021 17:36:57 GMT server Golfe2 age 1435 date Sun, 04 Jul 2021 15:41:25 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19661 expires Sun, 04 Jul 2021 17:41:25 GMT
GET H2	200	wtbmpagtrs0sjlbtyhly.jpg i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,pg_1,q_80,w_80/	1 KB 2 KB	27ms 8ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,pg_1,q_80,w_80/wtbmpagtrs0sjlbtyhly.jpg Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 416da3bd75697c4e7730e7ab7eab8cee428e63fe06276c2c01a8372987468417 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-meta-cld-original-filename multipartBody25370322244819841asTemporaryFile via 1.1 varnish, 1.1 varnish etag "D8DmiNXELT1B7/qWsNSYJyllSrHUYJGbtu+ko0d1pWw" x-amz-meta-cld-surrogate-reporting width=2448,height=3264 age 3916792 x-amz-meta-cld-version 1610417989 x-cache HIT, HIT fastly-io-info ifsz=1629445 idim=2448x3264 ifmt=jpeg ofsz=1208 odim=80x80 ofmt=webp x-amz-storage-class STANDARD_IA x-amz-meta-cld-surrogate-key 573934444945213227269926494027763284310 fastly-stats io=1 content-length 1208 x-amz-id-2 nsm1vld0k5hvnMpAahy+XHPjpxNuHeWrjQ0MF0Ki5MedbeKJNi1Juh4zOWKE3Vta9D4HpkzYtK4= fastly-io-warning JPEG input may be corrupt x-served-by cache-bwi5179-BWI, cache-hhn4076-HHN x-amz-meta-cld-transformation-id 10000011314925 server AmazonS3 x-timer S1625414721.676483,VS0,VE1 date Sun, 04 Jul 2021 16:05:20 GMT vary Accept x-amz-request-id 8ZYGQYJHZ3DQR6NV access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 1
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	17jcxk0ml1k8qpng.png i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,pg_1,q_80,w_80/	412 B 958 B	24ms 7ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,pg_1,q_80,w_80/17jcxk0ml1k8qpng.png Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 856ef0ccaf33cfb72e5af3da8c203b346f18e45cb6def1b457c9a6b86042c1f6 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-meta-cld-original-filename original via 1.1 varnish, 1.1 varnish etag "EcDAdCBp/XHp1DQnlgtpYBQeXUpkRFrqlV6WnFnbZF0" age 2195021 x-amz-meta-cld-version 1391123476 x-cache HIT, HIT fastly-io-info ifsz=787 idim=160x160 ifmt=png ofsz=412 odim=80x80 ofmt=webp fastly-stats io=1 content-length 412 x-amz-id-2 o0jv76hgUj3hBSWUn+flocn+1ouLld54+5Dc+zR8KxlCGJWryuojFBoWVlRNhpy7iKMhtMJodPs= x-served-by cache-bwi5177-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414721.676812,VS0,VE0 date Sun, 04 Jul 2021 16:05:20 GMT vary Accept x-amz-request-id NRWBBF2ZQZFB2997 access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80 x-amz-version-id null accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 4
GET H2	200	runtime~trackers.4d23399ce64861a657d3.js Show response gizmodo.com/x-kinja-static/assets/new-client/	3 KB 1 KB	0ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/runtime~trackers.4d23399ce64861a657d3.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 159f073ca9a9d774b1cad9f7991e48b1f060f297d4fdcb15b14d4e25edf20a48 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 5143518 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 1121 x-amz-id-2 dvwaeMGwgqPa+KiWlLuRWkRMAhk166iSDPpSOtVTkkU+kAEB8XNjsxoT2y3ZHTLN9jXDmDTQEA8= x-served-by cache-hhn4076-HHN, cache-hhn4076-HHN last-modified Wed, 05 May 2021 14:24:02 GMT server AmazonS3 x-timer S1625414721.621987,VS0,VE0 etag "56ca77d3308f23ac30d62030e4ea811a" vary Accept-Encoding, Authorization x-amz-request-id 5DJGCZ1HN47EYD5P access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 3908
GET H2	200	trackers.68da10be813ad9bd27ca.js Show response gizmodo.com/x-kinja-static/assets/new-client/	41 KB 11 KB	2ms 0ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/x-kinja-static/assets/new-client/trackers.68da10be813ad9bd27ca.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b052d3cd172a0a54dff9e9a218f60f4ee952b11f12ce39b48f1e25ef3ddb5ab5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 314595 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT set-cookie geocc=DE;path=/; x-ua-device desktop x-cdn-fetch mantle-origin-cache content-length 11132 x-amz-id-2 Egjy9J2xO325JxptfH5b3i+t0ymF+tnFI6ZLB97uryz/TWq4CEzS28v1Hi0MhM6dc0kPYHdM/Bs= x-served-by cache-hhn4021-HHN, cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:59 GMT server AmazonS3 x-timer S1625414721.621954,VS0,VE0 etag "eeb4dfd3743704396773e70073cafd5f" vary Accept-Encoding, Authorization x-amz-request-id CYVJ9R3RQYV453GJ access-control-allow-origin * cache-control public, max-age=31536000 x-http2-push pushed accept-ranges bytes content-type application/javascript x-cache-hits 1, 1108
GET H2	200	runtime~permalinkPage.159cf0703ece5b3e2a9f.js Show response x.kinja-static.com/assets/new-client/	12 KB 3 KB	17ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.159cf0703ece5b3e2a9f.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash bb61d32d0698a00b19f8b8f13122dba23fe87458a991d6bd4524b709d87e8164 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 118 via 1.1 varnish x-cache HIT content-length 3113 x-amz-id-2 1mMWjIVyJQHyIpxErRRpkH1ZNBjk34MLKwZ8HEJEpMY6Avko9KgVijctUHRrKADyY52LPMmFYus= x-served-by cache-hhn4076-HHN last-modified Thu, 01 Jul 2021 14:04:18 GMT server AmazonS3 x-timer S1625414721.670857,VS0,VE0 etag "acdf2f566aae2dc6628cafcaef4f5537" vary Accept-Encoding x-amz-request-id E86TC1BSBRGQQQYB access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 4
GET H2	200	vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~50ffb65c.70b9ffbba4d80c316a65.js Show response x.kinja-static.com/assets/new-client/	115 KB 32 KB	13ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~50ffb65c.70b9ffbba4d80c316a65.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a720edff5fac0933dfb339213c8239f78abfa3cb60c27a9c467704fb5c57aae0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 30 via 1.1 varnish x-cache HIT content-length 32824 x-amz-id-2 5jNkDhHK5Igr/Q8HwqIcJPoBkcAYs3dEPSSoW2a+Om490Fg/hf9RXpAMRm6ZAO7yuyj6f9/jm1w= x-served-by cache-hhn4076-HHN last-modified Wed, 09 Jun 2021 23:52:43 GMT server AmazonS3 x-timer S1625414721.670774,VS0,VE1 etag "fef678a6374a0ed28d669e2f766834fc" vary Accept-Encoding x-amz-request-id GYM2K64MVNY6SPD7 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~1ac5354a.2c957fe6432030241fe8.js Show response x.kinja-static.com/assets/new-client/	4 KB 2 KB	10ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~1ac5354a.2c957fe6432030241fe8.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7b51faa95ee70a349ed98d8ced047971beedcd1f399814b56aad727cafbfd9ab Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 30 via 1.1 varnish x-cache HIT content-length 1603 x-amz-id-2 rhUbKn18N38QP4V3/lATSTwj+IHiF/vNglZR0UHKVe5Tb5wIjGjAOoKVGCH8FCQu/nWiE/EExyc= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.680836,VS0,VE1 etag "222017b945c4b001032b3b37bdc201fe" vary Accept-Encoding x-amz-request-id 2XSFXW5PHPXZJKV4 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	2.9005b7e616cfcfb5d257.js Show response x.kinja-static.com/assets/new-client/	460 KB 103 KB	8ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/2.9005b7e616cfcfb5d257.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ba0ed9e6966b1e99ad2d578adca1d0e078442d1c4f13798b4ebf27e9c044b012 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 105 via 1.1 varnish x-cache HIT content-length 104813 x-amz-id-2 rLnnDVxQZgEG1PLEFH8OpYZGT5//jXWsldfZTJxh+XnaaiwVaRcbJdKTc7LOWdPWoOpIP90CWoE= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:36 GMT server AmazonS3 x-timer S1625414721.681608,VS0,VE0 etag "69f59d11d8294d7592c72d5652da9b06" vary Accept-Encoding x-amz-request-id ZYPAJRM5MDRCYAY5 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 5
GET H2	200	vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~ab99bc6b.6138242545b584af0026.js Show response x.kinja-static.com/assets/new-client/	12 KB 4 KB	9ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~ab99bc6b.6138242545b584af0026.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 384252b374fac81c10e02034d4f461cd448685d101ea996e4394175186605d26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 41 via 1.1 varnish x-cache HIT content-length 4427 x-amz-id-2 u3GAhqlinBlCfSwdu2xMJMvwiV5SsRw+y5HS6/aZ6dZ2pfE3aPVek0/h4kIbk7AmO95loO7Fo6w= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.686884,VS0,VE0 etag "33adf7ca2b66e9e1071daa5a572faf4c" vary Accept-Encoding x-amz-request-id 10VNRZYYGGM5ZDPC access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 2
GET H2	200	vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~5f7c38a7.141d6a721fb6725bfe3c.js Show response x.kinja-static.com/assets/new-client/	4 KB 2 KB	9ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~5f7c38a7.141d6a721fb6725bfe3c.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 758a58b89e148a26143b5d191f2844f1b9ad0c60c7f7803c6a83220b407951e9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 50 via 1.1 varnish x-cache HIT content-length 1393 x-amz-id-2 TTFJ9lhibwi+MBuPQ/lhrmacl7JCcEMPd/kY3BJ+3HpHzPPC1rXvs7cZCYOJDZMIuSSZkhu/zaE= x-served-by cache-hhn4076-HHN last-modified Thu, 10 Jun 2021 22:38:41 GMT server AmazonS3 x-timer S1625414721.686867,VS0,VE0 etag "87f749d126ade522af386b913e1a831f" vary Accept-Encoding x-amz-request-id ABWEZQYYHHY89R04 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 4
GET H2	200	vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~3441fe34.f4d2932a9811fdca9673.js Show response x.kinja-static.com/assets/new-client/	61 KB 17 KB	7ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~channelSectionPage~commerceDashboard~curatedHome~3441fe34.f4d2932a9811fdca9673.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 084c566c3885f65347003362992403a24bce0ae86dcbd7a4ff1746c984bab62f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 120 via 1.1 varnish x-cache HIT content-length 17428 x-amz-id-2 sLcVlYR2Jcf4nm2NkuZ3HqOkpxc8qdaHoz5m+Xo8isukC1SkzcMWDfGSZgG+ABRRQrM+suoRZV0= x-served-by cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:04:00 GMT server AmazonS3 x-timer S1625414721.686830,VS0,VE0 etag "2a7b2f38f23a8203ac7e827eb3979cc7" vary Accept-Encoding x-amz-request-id 4AP8PTJH44AMNYDV access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 5
GET H2	200	vendors~adEditor~browser-logs~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~erro~95b460b0.6648ed7b82bdcb5a128b.js Show response x.kinja-static.com/assets/new-client/	18 KB 5 KB	8ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~browser-logs~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~erro~95b460b0.6648ed7b82bdcb5a128b.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash bf085c3ec47acdc729ec9929e13405f071ce559d6e4bf8aa0cf91d10f4dff396 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 18 via 1.1 varnish x-cache HIT content-length 5350 x-amz-id-2 vk6on8JAZ7jhjH2YtpfCilz81yUWpcDDTZqMx3ftxDO+1uWeUvRxjjdMvM2c5xXG2h3Swo28gPs= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.690364,VS0,VE1 etag "1a5aba4c49a2c47dfa399a4935bed66f" vary Accept-Encoding x-amz-request-id Y9GC6A6GQXWEW06V access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~482673d0.36f2d855df04dd9c69a0.js Show response x.kinja-static.com/assets/new-client/	19 KB 7 KB	10ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~482673d0.36f2d855df04dd9c69a0.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 35983cd8f6ef4c7cb9989a29f0e9151b5cd81ace67f614dc88cb0797bb1eea32 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 18 via 1.1 varnish x-cache HIT content-length 6584 x-amz-id-2 X1AcG/ddwQ7F5CZzkexaVdsTOw0nAY+IFWJpe+3AtTA1Oon/E1za1rPbvtdTPxYqx/m97TjlGR4= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.695293,VS0,VE1 etag "48442ef6164453c5499708c1bbcdf605" vary Accept-Encoding x-amz-request-id NPEVDX4W86S62KP1 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Show response x.kinja-static.com/assets/new-client/	33 KB 10 KB	8ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ed5aa31b0451a5a90afef83665c0e879252e8a6bb65a5a90136099090eb35461 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 46 via 1.1 varnish x-cache HIT content-length 10288 x-amz-id-2 T9of8LpGPQmX/m4VxMuQMLNf9pNNxk+X11VpwWPMBxMQ0Q5EABI5x8uSNIqb8eUcqAtqUTAvTzg= x-served-by cache-hhn4076-HHN last-modified Mon, 28 Jun 2021 15:13:41 GMT server AmazonS3 x-timer S1625414721.696246,VS0,VE0 etag "a7a36ebff91cf5629580452a980ef5ab" vary Accept-Encoding x-amz-request-id 320XCKKNKCHXMQMP access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 3
GET H2	200	vendors~categoryPage~curatedHomepage~featuredPermalinkPage~frontPage~permalinkPage~searchPage~slides~a3dad056.5bb5c4a3b9ba74ff4245.js Show response x.kinja-static.com/assets/new-client/	16 KB 5 KB	205ms 204ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~categoryPage~curatedHomepage~featuredPermalinkPage~frontPage~permalinkPage~searchPage~slides~a3dad056.5bb5c4a3b9ba74ff4245.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d2f52717ca74c061b11f11909ad05c856289fc3f041cf4b779e65679a117740d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 0 via 1.1 varnish x-cache HIT content-length 5212 x-amz-id-2 oqhmEiHAtcOSt+cou16g5vtIkAw2I15ca1tbrWMmQ1qnkb1NPD0Ztg3mjtE8OUYUOl6+nK+HJrM= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.696225,VS0,VE197 etag "0fa0f4120b6c65bb6b7c5d37bff1b0ae" vary Accept-Encoding x-amz-request-id NM9P9WGA1T1Y12PD access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	vendors~adEditor~featureSwitchPageClient~featuredPermalinkPage~homepage-edit~permalinkPage~searchPage.62069502ad8fa6aff3c4.js Show response x.kinja-static.com/assets/new-client/	10 KB 4 KB	8ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~adEditor~featureSwitchPageClient~featuredPermalinkPage~homepage-edit~permalinkPage~searchPage.62069502ad8fa6aff3c4.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2b7d70a58e23ecaff3fbcdee5feb40736baa69a3b3119e2d5c80e345c1efaf64 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 50 via 1.1 varnish x-cache HIT content-length 3849 x-amz-id-2 UnjYISpAon2HVB0VjYPDHjjrt/vU9+YqmZOYohHiBFDQmDa6I1s5YOS9GW9GsU+BbsSPHF3umic= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.696216,VS0,VE0 etag "6e35840edcaad80014897e086a0376a2" vary Accept-Encoding x-amz-request-id GDPE4R5AAB18F9JR access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 4
GET H2	200	vendors~featureSwitchPageClient~featuredPermalinkPage~homepage-edit~permalinkPage~searchPage.0d892f78f7fa8f7a2cba.js Show response x.kinja-static.com/assets/new-client/	67 KB 18 KB	7ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~featureSwitchPageClient~featuredPermalinkPage~homepage-edit~permalinkPage~searchPage.0d892f78f7fa8f7a2cba.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6faec095cb69896183eb3a97dba06c30e6ff0f263576ad844c36c879cb74a1fd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 43 via 1.1 varnish x-cache HIT content-length 17966 x-amz-id-2 Y9JsMxJ485oy8jGF81Msuj0JW3NDui3YY/cbbGtoQ7W4JGVLKjf6vDlAHQcGJhx8pN6qUNsgGeY= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.696316,VS0,VE0 etag "688db4233e21d99535aa7f54840c6d10" vary Accept-Encoding x-amz-request-id AKN25HD6PCE90SHN access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 3
GET H2	200	vendors~featuredPermalinkPage~permalinkPage.5c70e67ac403b6bd5b69.js Show response x.kinja-static.com/assets/new-client/	7 KB 2 KB	7ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~featuredPermalinkPage~permalinkPage.5c70e67ac403b6bd5b69.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash dbc971f229e22f15b407018b7a2b0fb075c7951d7007162085e71cb3458c0e97 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 43 via 1.1 varnish x-cache HIT content-length 1731 x-amz-id-2 C8FTZsU1LtjaGTW8ZjUY5xhLIC6qqQiAYW0POm4C/SP1LEV6sZgrt92BAW9geoKMOyk5c5hH+UI= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.698282,VS0,VE0 etag "a9a112174bd6ab2bed374099765f3805" vary Accept-Encoding x-amz-request-id 3W27DDZ0N58FQBZN access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 3
GET H2	200	vendors~permalinkPage.33a102d28f38f3a0db33.js Show response x.kinja-static.com/assets/new-client/	25 KB 7 KB	10ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~permalinkPage.33a102d28f38f3a0db33.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f64cf46d857ce68875d23fd4939c14935b8d46dcb4f3c669084abc6d92dd89f4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 43 via 1.1 varnish x-cache HIT content-length 6491 x-amz-id-2 fzHS6YQfe14JSdk90FUPb6gUYXNGETA6XavZuwBET1HTLa0HDrQP50t3xIMtlzQN4qx/Xh+1f8E= x-served-by cache-hhn4076-HHN last-modified Wed, 09 Jun 2021 23:52:43 GMT server AmazonS3 x-timer S1625414721.705902,VS0,VE0 etag "11170887bdbe18cbb2c6fdfe60db70f5" vary Accept-Encoding x-amz-request-id K6CKH78QMSW4S6A7 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 3
GET H2	200	permalinkPage.5762c09860a88a398d66.js Show response x.kinja-static.com/assets/new-client/	1 MB 181 KB	8ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4c23b2e1cc2c87b8448f04b428406013b1eb92f97a527c4e0c47b70e717fb56e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 118 via 1.1 varnish x-cache HIT content-length 184538 x-amz-id-2 J8w5/N0UHFJ4NYJD7ltHv3oigs09JVQrAPILjvd3anj27qVoHujfXWwXcQ4r0jXaS6+VQuHz9bk= x-served-by cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:58 GMT server AmazonS3 x-timer S1625414721.705878,VS0,VE0 etag "76a6e5ee00f44a841ef1744a5107a4cc" vary Accept-Encoding x-amz-request-id ANXRANZQZM85W45S access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 4
GET H2	200	b-165eba0-d33cdfb0.js Show response tagan.adlightning.com/gomedia/	68 KB 23 KB	11ms 11ms	Script application/javascript	13.225.87.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/gomedia/b-165eba0-d33cdfb0.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-127.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash e6752c7307f4f3d9e84681023632884d9ee0ebea34414f6dd34224d546e90cef Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 00:09:23 GMT content-encoding gzip age 1698958 x-cache Hit from cloudfront content-length 22724 x-amz-meta-git_commit 165eba0 last-modified Mon, 17 May 2021 19:11:17 GMT server AmazonS3 etag "6bc857b066e82e254e7e05b4e5371d8c" x-amz-version-id g13l3EMtjHIEyToJHgckrLBeb66Tvrah via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type application/javascript x-amz-cf-id EVBVdfldmBNe1bqZiz8kSTOAVas0ssyRoMWZHXpar-2hg1-V7SnKOQ==
GET H2	200	bl-253656f-e21e7c74.js Show response tagan.adlightning.com/gomedia/	44 KB 19 KB	12ms 11ms	Script application/javascript	13.225.87.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/gomedia/bl-253656f-e21e7c74.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-127.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 15fb5722741de1f66378e4668bcb0c3bf51b35c0955d30392fbb77ac2926a158 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 03 Jul 2021 22:27:50 GMT content-encoding gzip age 63450 x-cache Hit from cloudfront content-length 19075 x-amz-meta-git_commit 253656f last-modified Sat, 03 Jul 2021 21:50:19 GMT server AmazonS3 etag "2852113c9bc939b1760a7b1679c3b516" x-amz-version-id DjZ_fVEHDv0jTHkPJlSh50K8YGMPAZ9o via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type application/javascript x-amz-cf-id erWH2hie1CFRfzEULgiIvBfiPhcVAzL7Mo5TmhOsBuVgjNPd6qAeBQ==
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	74 B 550 B	35ms 14ms	XHR application/json	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://gizmodo.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 94 x-xss-protection 0
GET H2	200	scroll.js Show response static.scroll.com/js/	17 KB 18 KB	38ms 7ms	Script application/javascript	151.101.114.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.scroll.com/js/scroll.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT via 1.1 varnish x-guploader-response-body-transformations gunzipped age 57398 x-guploader-uploadid ADPycdud8ILbAV__uGqp3jFKm0wTWGAJZf3L727eP9r-aTNBdoTlWak6fNvXUQt9QPZvKrL1SDPI_PnsZvrXTt_Px5_MgMpyCA x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip content-length 17845 x-served-by cache-hhn4061-HHN last-modified Thu, 25 Feb 2021 20:29:37 GMT server UploadServer x-timer S1625414721.932038,VS0,VE0 etag W/"334dd94887922f13e29acca6ed203eb7" vary Origin x-goog-hash crc32c=kcQgZA==, md5=M03ZSIeSLxPimsym7SA+tw== x-goog-generation 1614284976930081 expires Fri, 02 Jul 2021 00:08:41 GMT cache-control public, max-age=0, s-maxage=86400 access-control-allow-credentials true x-goog-stored-content-length 6459 accept-ranges bytes content-type application/javascript warning 214 UploadServer gunzipped x-scrolljs 3 x-cache-hits 13683
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	123 KB 33 KB	51ms 33ms	Script application/javascript	13.224.192.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: gizmodo.com URL: https://gizmodo.com/x-kinja-static/assets/new-client/trackers.68da10be813ad9bd27ca.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-34.fra2.r.cloudfront.net Software Server / Resource Hash 0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:54:40 GMT content-encoding gzip server Server age 639 etag c457e964d47ff007ca9e04843536c474 x-cache Hit from cloudfront content-type application/javascript via 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop FRA2-C1 accept-ranges bytes timing-allow-origin * x-amz-version-id ZuFCHfrmTECGFCQSjXf99pkGgMeeKb9N x-amz-cf-id wTzi14lgFKaE6STuoneSHbLyndtUHT7WSI9quIK15ps2aoRtszIi5g==
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	36 KB 14 KB	25ms 7ms	Script application/x-javascript	2600:9000:20eb:2c00:18:1fcd:34f:cdc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:2c00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:21:55 GMT content-encoding gzip last-modified Fri, 02 Apr 2021 00:04:46 GMT server nginx age 2605 etag W/"60665f9e-8e96" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA2-C1 x-amz-cf-id cbsxrm_B4eyICF0-ZKXk4JPODNkGP35kUopFC3xCqy5le4mumgiG7Q== expires Mon, 05 Jul 2021 15:21:55 GMT
GET H2	200	tag Show response btloader.com/ Redirect Chain https://kinja-com.videoplayerhub.com/gallery.js https://btloader.com/tag?h=kinja-com&upapi=true	10 KB 5 KB	40ms 24ms	Script application/javascript	2606:4700:20::681a:78b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?h=kinja-com&upapi=true Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b5473db0e51abf3da61b7537df9dcb6a8758d37438aa247d0aad4bfd51f2b56 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cf-ray 66999836fe73dfbf-FRA date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 google cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 537 etag W/"3aaddb6f472770a516deffa11ea5c602" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1gMbsRXZjcPnwfx5iAQVd3Qp6Y%2F8mp56T%2B%2FKfsKHvrpw1hzYnE5fmJC5Y1H2t7fW2fh8jXiSl3d6znSLx4k10ClvwR9DsO80cI7J5JfmelvVXa%2BozEB434Ya%2FGHi7QQv%2FSJyK2I%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800, must-revalidate content-encoding br Redirect headers date Sun, 04 Jul 2021 16:05:20 GMT nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rHMiBFnv%2BwKEcjONrRVC9wuVdNhvbfpXhrQfi48eIm9kktmMOGuiDbafBO4XUdNfLPw4BRZjVIK3dcueWwygoesLgYR8ecZ7oSAwxQob%2FLksTNI60g70WTyXVLv4WK%2BEiDIg5M6Cfs7EyHtD%2BFjmGYcy89oh"}],"group":"cf-nel","max_age":604800} location https://btloader.com/tag?h=kinja-com&upapi=true cache-control max-age=3600 cf-ray 66999835ca2f2c19-FRA cf-request-id 0b13dd75a600002c1921a90000000001 expires Sun, 04 Jul 2021 17:05:20 GMT
GET H2	200	connatix.playspace.dc.js Show response cds.connatix.com/p/122361/ Redirect Chain https://cd.connatix.com/connatix.playspace.js https://cds.connatix.com/p/122361/connatix.playspace.dc.js	1 MB 230 KB	19ms 17ms	Script application/javascript	151.101.114.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cds.connatix.com/p/122361/connatix.playspace.dc.js Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c2c16edb4755a68f1060d275b14b4443058465dc6e89b2d977e2dcbde1d371cb Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding br last-modified Fri, 02 Jul 2021 12:25:07 GMT age 157370 etag "c6b242383a26af942a65c430d4eee630" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600 accept-ranges bytes content-length 234989 Redirect headers location https://cds.connatix.com/p/122361/connatix.playspace.dc.js date Sun, 04 Jul 2021 16:05:20 GMT cache-control no-cache, no-store, must-revalidate, max-age=0 age 0 accept-ranges bytes content-length 0 retry-after 0
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	1 KB 2 KB	25ms 7ms	Script application/javascript	13.225.87.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-63.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:55:51 GMT via 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront) etag "1827f116c73f319409b97f10b8a58ade" last-modified Fri, 26 Feb 2021 14:35:05 GMT server AmazonS3 age 570 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 1469 x-amz-cf-id vvAba4m5t7Vu2stLguHMp62ZNHe83taS2XAxGkT8fHl3ubrtWBB-jw==
GET H2	200	publisher_kit.js Show response cdn.britepool.com/	133 KB 43 KB	37ms 9ms	Script text/javascript	13.225.87.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.britepool.com/publisher_kit.js?api_key=6e9e2b90-3709-4afb-a9f8-3586da6c7fb3 Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.59 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-59.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 61ccb8c3252e27a327becaf9318517719a131160e0bc05659b0d2493dc6e9245 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 14:04:59 GMT content-encoding gzip last-modified Wed, 06 Jan 2021 10:34:46 GMT server AmazonS3 age 7226 etag W/"84e9f71335e9b47a7fe8e0e75dd289da" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) cache-control max-age=14400, public, immutable x-amz-cf-pop FRA2-C2 x-amz-cf-id 7LOvrga9U6QxIUPJDac7NnvLzCHau5LKHHnbBtqDvmi-2cmByvYQ9Q==
GET H2	200	gomedia_015a5_gizmodo.js Show response cdn-magiclinks.trackonomics.net/client/static/v2/	62 KB 18 KB	36ms 7ms	Script text/javascript	2600:9000:2156:3600:1d:8c8c:47c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_gizmodo.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3600:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 / Resource Hash 2c10516232f479379e461973ad0939d2cc28a0772e299d5b4488f5d9ef161a8c Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 03 Jul 2021 19:06:09 GMT content-encoding gzip last-modified Sun, 27 Dec 2020 16:12:14 GMT server Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 age 75551 etag W/"f849-5b7746bb7fa9e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript access-control-allow-origin * x-amz-cf-pop FRA50-C1 x-amz-cf-id u6yEwDpju02rOmWh3pnB7Hm1qOlrTr2YmOkHhCB2dLyUh_V6VLxO4g== via 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
GET H2	200	/ insight.adsrvr.org/track/evnt/	70 B 261 B	96ms 31ms	Image image/gif	54.77.48.133 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.77.48.133 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-77-48-133.eu-west-1.compute.amazonaws.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:20 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	gizmodo-json-config.fd42dcc3d27c7ce90222.js Show response x.kinja-static.com/assets/new-client/	15 KB 2 KB	8ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/gizmodo-json-config.fd42dcc3d27c7ce90222.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash eec028f48ef8c9118f653dc6d1c6b818bd0223ff8381589a9739227a84174823 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 82 via 1.1 varnish x-cache HIT content-length 1405 x-amz-id-2 7fDwt+E58YY6wLQuLp06jllJInxLp46IEdoBWFFf0jVZM4YkD9AotxVEtDGUTvgdV1mGWQYeFWM= x-served-by cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:58 GMT server AmazonS3 x-timer S1625414721.907828,VS0,VE1 etag "b18d467634c0a5812e644a8c8e84cf48" vary Accept-Encoding x-amz-request-id 4P3WHA8Z35RX516Q access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	prebid-js-prod.040e71fc472a18014308.js Show response x.kinja-static.com/assets/new-client/	312 KB 79 KB	8ms 8ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/prebid-js-prod.040e71fc472a18014308.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8996c0623088931e861a7fd14b483b9888b5017b30564eee6fb7be1f3a9bf295 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding br x-content-type-options nosniff age 30 via 1.1 varnish x-cache HIT content-length 80556 x-amz-id-2 950IKy82SpQiuF/mFBW2B8SSo6z6EmNc2orKjtl3JB9OX6+17YkAi4vsUH9VmfgL1VLccHu5vt4= x-served-by cache-hhn4076-HHN last-modified Thu, 10 Jun 2021 11:03:55 GMT server AmazonS3 x-timer S1625414721.915805,VS0,VE1 etag "1ec64f564ea2c992e19a8eb52d660957" vary Accept-Encoding x-amz-request-id F6VFEEYCC1Y75WF5 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
POST H2	200	publisher:getClientId Show response ampcid.google.de/v1/	3 B 479 B	34ms 14ms	XHR application/json	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://gizmodo.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 23 x-xss-protection 0
GET H3-29	200	pubads_impl_2021070101.js Show response securepubads.g.doubleclick.net/gpt/	329 KB 114 KB	29ms 14ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751 Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 01 Jul 2021 08:37:23 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 117092 x-xss-protection 0 expires Sun, 04 Jul 2021 16:05:20 GMT
GET H3-29	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	82 B 100 B	32ms 17ms	XHR application/json	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gizmodo.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 4d8282fd559a18295f3994b9d98fbbb20b00c6946b3e1be68cb7920c5686ca5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 04 Jul 2021 16:05:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 75 x-xss-protection 0 expires Sun, 04 Jul 2021 16:05:20 GMT
GET H2	200	native-message Show response sourcepoint.gizmodo.com/wrapper/tcfv2/v1/gdpr/	31 KB 7 KB	22ms 22ms	XHR application/json	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sourcepoint.gizmodo.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1195%2C%22requestUUID%22%3A%22fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.gizmodo.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D Requested by Host: sourcepoint.gizmodo.com URL: https://sourcepoint.gizmodo.com/wrapperMessagingWithoutDetection.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software / Express Resource Hash 34c4148af8fe3e5b879a7d2d1576ab09c288e6e48934b1d9190e146a24fd3cbb Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip x-amz-cf-pop FRA2-C2 x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store access-control-allow-credentials true x-cache Miss from cloudfront access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION x-amz-cf-id uFcz4TVwdPipMPhcwj6nSdoBpvXWiCRgULYqaLD1E0sUaeg4W_JCDQ== via 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
OPTIONS H2	200	native-message sourcepoint.gizmodo.com/wrapper/tcfv2/v1/gdpr/ Frame	0 0	31ms 12ms	Preflight text/plain	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sourcepoint.gizmodo.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1195%2C%22requestUUID%22%3A%22fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.gizmodo.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D Protocol H2 Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software / Express Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://gizmodo.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers content-type text/plain; charset=utf-8 content-length 2 date Sun, 04 Jul 2021 16:05:20 GMT x-powered-by Express access-control-allow-origin https://gizmodo.com access-control-allow-credentials true access-control-allow-headers Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION access-control-allow-methods GET, PUT, POST, DELETE cache-control no-cache, no-store vary Accept-Encoding x-cache Miss from cloudfront via 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id Y3HmrVdzs0bjaj_LT4cLLXH0ZnkF4B7QU4BI0R9c1Tx9AQUeW6dMow==
GET H2	200	sync Show response gum.criteo.com/	53 B 366 B	45ms 15ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=&us_privacy=&gdpr_pd=0 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip date Sun, 04 Jul 2021 16:05:20 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 1648 content-length 169 expires 60
GET		ADTECH;v=2;cmd=bid;cors=yes;alias=19cdd6dc0206b2;misc=1625414721019;gdpr=1; adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204333/0/0/	0 0
GET		ADTECH;v=2;cmd=bid;cors=yes;alias=2d0e64c4269f09;misc=1625414721032;gdpr=1; adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204322/0/0/	0 0
GET		ADTECH;v=2;cmd=bid;cors=yes;alias=3b78319a1d034f;misc=1625414721033;gdpr=1; adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204319/0/0/	0 0
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 238 B	358ms 88ms	XHR application/json	88.214.207.207 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://gizmodo.com Date Sun, 04 Jul 2021 16:05:26 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 2 Content-Type application/json
GET		ADTECH;v=2;cmd=bid;cors=yes;alias=4eeff783b55cad;misc=1625414721039;gdpr=1; adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204333/0/0/	0 0
GET		ADTECH;v=2;cmd=bid;cors=yes;alias=5a9cd7e83bf667;misc=1625414721042;gdpr=1; adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204322/0/0/	0 0
GET		ADTECH;v=2;cmd=bid;cors=yes;alias=67dfd3a5dc289d;misc=1625414721044;gdpr=1; adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204319/0/0/	0 0
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 238 B	352ms 89ms	XHR application/json	88.214.207.207 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://gizmodo.com Date Sun, 04 Jul 2021 16:05:26 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 2 Content-Type application/json
GET H/1.1	200 OK	hms.gif sync.colossusssp.com/ Redirect Chain https://colossusssp.com/?c=o&m=cookie https://sync.colossusssp.com/hms.gif?puid=d4cc84d592e096e864209b85d4f00b54df3f5d66	42 B 648 B	283ms 101ms	Image image/gif	88.214.193.99 NATCOWEB
General Check archive.org Show headers Download Go to Show image Full URL https://sync.colossusssp.com/hms.gif?puid=d4cc84d592e096e864209b85d4f00b54df3f5d66 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.214.193.99 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Jul 2021 16:05:21 GMT Server nginx Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate Transfer-Encoding chunked Connection keep-alive Expires 0 Redirect headers Location https://sync.colossusssp.com/hms.gif?puid=d4cc84d592e096e864209b85d4f00b54df3f5d66 Date Sun, 04 Jul 2021 16:05:26 GMT Server nginx Connection keep-alive Content-Length 0
POST H3-29	200	collect Show response www.google-analytics.com/j/	4 B 24 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1978864785&t=pageview&_s=1&dl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&ul=en-us&de=UTF-8&dt=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCAC~&jid=293484072&gjid=1905253161&cid=1128206324.1625414721&tid=UA-142218-3&_gid=2117876764.1625414721&_r=1&_slc=1&cd34=Tech&cd35=Privacy%20and%20Security&cd36=none&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1847222405&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2021-07-03&cd82=A%20Large%20Ransomware%20Attack%20Has%20Ensnared%20Hundreds%20of%20Companies%20%5BUpdate%3A%20Make%20That%201%2C000%2B%20Companies%5D&cd83=article&cd94=ransomware&cd97=943&cd99=Lucas%20Ropek&cd101=gizmodo&cd103=ransomware%2Cvladimirputin%2Chuntress%2Chackergroups%2Cjohnhammond%2Cpatch%2Cacer%2Cbleepingcomputer%2Cvisma%2Cmanagedservices%2Carticles%2Ckaseya%2Ccybercrime%2Csecuritybreaches%2Ccybersecurityandinfrastructuresecurityagency%2Cjbs%2Crevil%2Ccoop%2Ccrime%2Csecurity%2Cfredvoccola%2Ccomputersecurity&cd105=Gizmodo&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=800%20-%201000&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=fordmachequarantine&cd131=article&z=2026793433 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	4 B 24 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1978864785&t=pageview&_s=1&dl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&ul=en-us&de=UTF-8&dt=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCAC~&jid=49283555&gjid=1753543868&cid=1128206324.1625414721&tid=UA-142218-33&_gid=2117876764.1625414721&_r=1&_slc=1&cd34=Tech&cd35=Privacy%20and%20Security&cd36=none&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1847222405&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2021-07-03&cd82=A%20Large%20Ransomware%20Attack%20Has%20Ensnared%20Hundreds%20of%20Companies%20%5BUpdate%3A%20Make%20That%201%2C000%2B%20Companies%5D&cd83=article&cd94=ransomware&cd97=943&cd99=Lucas%20Ropek&cd101=gizmodo&cd103=ransomware%2Cvladimirputin%2Chuntress%2Chackergroups%2Cjohnhammond%2Cpatch%2Cacer%2Cbleepingcomputer%2Cvisma%2Cmanagedservices%2Carticles%2Ckaseya%2Ccybercrime%2Csecuritybreaches%2Ccybersecurityandinfrastructuresecurityagency%2Cjbs%2Crevil%2Ccoop%2Ccrime%2Csecurity%2Cfredvoccola%2Ccomputersecurity&cd105=Gizmodo&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=800%20-%201000&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=fordmachequarantine&cd131=article&z=1296464974 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	identity Show response api.rlcdn.com/api/	0 244 B	34ms 15ms	XHR text/plain	34.120.133.55 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&ct=4 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 55.133.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 google access-control-allow-headers Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With access-control-allow-methods GET, OPTIONS access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store access-control-allow-credentials true timing-allow-origin * alt-svc clear
GET H/1.1	200 OK	any Show response idx.liadm.com/idex/ie/	206 B 683 B	421ms 104ms	XHR application/json	54.145.36.237 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/ie/any Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.145.36.237 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash fa3b848776f0068c6a5b02a6f06bc094e6752193db0b03f3ea1aaf9fe5d8b37b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sun, 04 Jul 2021 16:05:21 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/json Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive trace-id 21138a9b97d1795b Content-Length 206
GET H2	200	rid Show response match.adsrvr.org/track/	63 B 387 B	98ms 31ms	XHR application/json	13.248.242.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=1&gdpr_consent=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.242.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 1e63547c7576be45235d317e6433a2e18280a64bce1309ed3b74374e200b728d Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sun, 04 Jul 2021 16:05:21 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://gizmodo.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 63 expires Tue, 03 Aug 2021 16:05:21 GMT
GET H2	200	rtbsspub cdn-geuw1-xch.media.net/AdExchange/	66 KB 4 KB	67ms 29ms	EventSource text/event-stream	23.62.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=88703200763560901625414721034&gdpr=1&gdprconsent=1&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=223272391*23%7C300x250%7C1722916%7C18816282%7C%7C%7C1%40223272391*29%7C300x250%7C12156%7C317126_1626194_15%7C%7C%7C1%40223272391*51%7C300x250%7C1703006%7C18682188%7C0.43%7C%7C1%40223272391*106%7C300x250%7C541006788%7C541006803%7C%7C%7C1%40223272391*145%7C300x250%7C100600%7C18682188%7C0.4%7C%7C1%40223272391*175%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C0.43%7C%7C1%40223272391*201%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C0.37%7C%7C1%40223272391*222%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C0.37%7C%7C1%40223272391*228%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C%7C%7C1%40223272391*246%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C%7C%7C1%40223272391*251%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C%7C%7C1%40223272391*273%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C%7C%7C1%40283886783*23%7C970x90~728x90~970x250%7C1722916%7C18816271~18816271~18816271%7C%7C%7C1%40283886783*29%7C970x250~728x90~970x90%7C12156%7C317126_1626162_45~317126_1626162_2~317126_1626162_57%7C%7C%7C1%40283886783*51%7C728x90~970x90~970x250%7C1703006%7C18682195~18682195~18682195%7C0.43%7C%7C1%40283886783*106%7C970x90~728x90~970x250%7C541006788%7C541006797~541006797~541006797%7C%7C%7C1%40283886783*145%7C728x90~970x90~970x250%7C100600%7C499199~499199~499199%7C0.4%7C%7C1%40283886783*175%7C970x250~970x90~728x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.43%7C%7C1%40283886783*201%7C728x90~970x90~970x250%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*203%7C970x250~970x90~728x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.27%7C%7C1%40283886783*222%7C970x250~728x90~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*228%7C728x90~970x90~970x250%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1%40283886783*236%7C970x90~728x90~970x250%7C159463%7C2927740_715385~2927740_715385~2927740_715385%7C0.33%7C%7C1%40283886783*246%7C728x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D%7C%7C%7C1%40283886783*251%7C970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1%40283886783*273%7C728x90~970x90~970x250%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1%40395631964*23%7C300x250%7C1722916%7C18816267%7C%7C%7C1%40395631964*29%7C300x250%7C12156%7C317126_1626150_15%7C%7C%7C1%40395631964*51%7C300x250%7C1703006%7C18682192%7C0.43%7C%7C1%40395631964*106%7C300x250%7C541006788%7C541006794%7C%7C%7C1%40395631964*145%7C300x250%7C100600%7C499196%7C0.4%7C%7C1%40395631964*175%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.43%7C%7C1%40395631964*201%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.37%7C%7C1%40395631964*203%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.27%7C%7C1%40395631964*222%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.37%7C%7C1%40395631964*228%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C%7C%7C1%40395631964*236%7C300x250%7C159463%7C2927740_715385%7C0.33%7C%7C1%40395631964*246%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C%7C%7C1%40395631964*251%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C%7C%7C1%40395631964*273%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C%7C%7C1%40737331266*23%7C300x250~300x600%7C1722916%7C18816273~18816273%7C%7C%7C1%40737331266*29%7C300x600~300x250%7C12156%7C317126_1626166_10~317126_1626166_15%7C%7C%7C1%40737331266*51%7C300x250~300x600%7C1703006%7C18682197~18682197%7C0.43%7C%7C1%40737331266*106%7C300x250~300x600%7C541006788%7C541006800~541006800%7C%7C%7C1%40737331266*145%7C300x600~300x250%7C100600%7C499201~499201%7C0.4%7C%7C1%40737331266*175%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C0.43%7C%7C1%40737331266*201%7C300x600~300x250%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C0.37%7C%7C1%40737331266*203%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C0.27%7C%7C1%40737331266*222%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C0.37%7C%7C1%40737331266*228%7C300x600~300x250%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.19348877328546665&tscode=1&crid=223272391%2C283886783%2C395631964%2C737331266&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&encryptionVersion=0.0&switch=1 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-140-165.deploy.static.akamaitechnologies.com Software / Resource Hash 6188a6e9a09012c71f01ac4dec6f1ce44e1ce3d8ec29695059b5e40528bb50cf Request headers Accept text/event-stream Cache-Control no-cache Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip vary accept-encoding content-type text/event-stream;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin *, * expires Sun, 04 Jul 2021 16:05:21 GMT
GET H2	200	rtbsspub cdn-geuw1-xch.media.net/AdExchange/	5 KB 1 KB	67ms 29ms	EventSource text/event-stream	23.62.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=65359508264414321625414721037&gdpr=1&gdprconsent=1&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=737331266*236%7C300x250~300x600%7C159463%7C2927740_715385~2927740_715385%7C0.33%7C%7C1%40737331266*246%7C300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D%7C%7C%7C1%40737331266*251%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C%7C%7C1%40737331266*273%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.16247076792908044&tscode=1&crid=737331266&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&encryptionVersion=0.0 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-140-165.deploy.static.akamaitechnologies.com Software / Resource Hash 65629cdcf0468a47c36a6661f03ee9315ca9e1ef37ddff79bd692bc5dbff1250 Request headers Accept text/event-stream Cache-Control no-cache Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip vary accept-encoding content-type text/event-stream;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin *, * expires Sun, 04 Jul 2021 16:05:21 GMT
GET H2	200	rtbsspub cdn-geuw1-xch.media.net/AdExchange/	36 KB 3 KB	74ms 36ms	EventSource text/event-stream	23.62.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=75852367745374151625414721045&gdpr=1&gdprconsent=1&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=223272391*23%7C300x250%7C1722916%7C18816282%7C%7C%7C1%40223272391*29%7C300x250%7C12156%7C317126_1626194_15%7C%7C%7C1%40223272391*51%7C300x250%7C1703006%7C18682188%7C0.43%7C%7C1%40223272391*106%7C300x250%7C541006788%7C541006803%7C%7C%7C1%40223272391*222%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C0.37%7C%7C1%40223272391*251%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C%7C%7C1%40283886783*23%7C970x90~728x90~970x250%7C1722916%7C18816271~18816271~18816271%7C%7C%7C1%40283886783*29%7C970x250~728x90~970x90%7C12156%7C317126_1626162_45~317126_1626162_2~317126_1626162_57%7C%7C%7C1%40283886783*51%7C728x90~970x90~970x250%7C1703006%7C18682195~18682195~18682195%7C0.43%7C%7C1%40283886783*106%7C970x90~728x90~970x250%7C541006788%7C541006797~541006797~541006797%7C%7C%7C1%40283886783*222%7C970x250~728x90~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*236%7C970x90~728x90~970x250%7C159463%7C2927740_715385~2927740_715385~2927740_715385%7C0.33%7C%7C1%40283886783*251%7C970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1%40395631964*23%7C300x250%7C1722916%7C18816267%7C%7C%7C1%40395631964*29%7C300x250%7C12156%7C317126_1626150_15%7C%7C%7C1%40395631964*51%7C300x250%7C1703006%7C18682192%7C0.43%7C%7C1%40395631964*106%7C300x250%7C541006788%7C541006794%7C%7C%7C1%40395631964*222%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.37%7C%7C1%40395631964*236%7C300x250%7C159463%7C2927740_715385%7C0.33%7C%7C1%40395631964*251%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C%7C%7C1%40737331266*23%7C300x250~300x600%7C1722916%7C18816273~18816273%7C%7C%7C1%40737331266*29%7C300x600~300x250%7C12156%7C317126_1626166_10~317126_1626166_15%7C%7C%7C1%40737331266*51%7C300x250~300x600%7C1703006%7C18682197~18682197%7C0.43%7C%7C1%40737331266*106%7C300x250~300x600%7C541006788%7C541006800~541006800%7C%7C%7C1%40737331266*222%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C0.37%7C%7C1%40737331266*236%7C300x250~300x600%7C159463%7C2927740_715385~2927740_715385%7C0.33%7C%7C1%40737331266*251%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.5809870668817019&tscode=1&crid=223272391%2C283886783%2C395631964%2C737331266&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=cache&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&encryptionVersion=0.0&switch=1 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-140-165.deploy.static.akamaitechnologies.com Software / Resource Hash c0bdbf19b853598897c16c2b8d6eaca729c0bf0e479944006f481ca77f263f50 Request headers Accept text/event-stream Cache-Control no-cache Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip vary accept-encoding content-type text/event-stream;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin *, * expires Sun, 04 Jul 2021 16:05:21 GMT
GET H2	200	4 Show response gizmodo.com/api/profile/blog/	4 KB 2 KB	8ms 7ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/profile/blog/4 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bc0e75c18a59a51020c8359ffd0756c21d9b5c36454e5208e8acfd902b6e8caa Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/profile/blog/4 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; mnet_session_depth=1%7C1625414720994; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; dd_rum_test=test; _dd_r=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 3 x-cache HIT, HIT x-ua-device desktop x-kinja kinja-profile-kube02-6d5ddffd46-f97r8 #162 x-cdn-fetch mantle-origin-cache content-length 1644 x-xss-protection 1; mode=block x-served-by cache-bwi5134-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414721.474439,VS0,VE1 x-frame-options DENY date Sun, 04 Jul 2021 16:05:21 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 1, 1
GET H2	200	vendors~channelSectionPage~curatedHomepage~outstreamNativeView~second-scroll-video-ads~video-player-~ca09331c.e32802fce5f6ade16796.js Show response x.kinja-static.com/assets/new-client/	2 KB 1 KB	7ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~channelSectionPage~curatedHomepage~outstreamNativeView~second-scroll-video-ads~video-player-~ca09331c.e32802fce5f6ade16796.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 416ac2872ec73b56c2320dd4558d6b233634cf16ad30504eaab96458e4fea147 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding br x-content-type-options nosniff age 89 via 1.1 varnish x-cache HIT content-length 1063 x-amz-id-2 s3A7fDouWBvlbyGXck0k9UtpnNCa1MRZN90QnbprW+7fkEn9a599YxVzPxkD4rRfh0DtUbghw3A= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414721.484259,VS0,VE0 etag "dad0da665562f35dd43f7301ccbd16e6" vary Accept-Encoding x-amz-request-id 79DQATCVVR13G805 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 3
GET H2	200	outstreamNativeView~second-scroll-video-ads~videojsIframe.af75456ab16437daafd9.js Show response x.kinja-static.com/assets/new-client/	64 KB 6 KB	7ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/outstreamNativeView~second-scroll-video-ads~videojsIframe.af75456ab16437daafd9.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d7e1e0bd4abb142bf32ccdcd8b835242d6e32ae35b6063cfb0d7f30212b26605 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding br x-content-type-options nosniff age 89 via 1.1 varnish x-cache HIT content-length 6334 x-amz-id-2 8p9ZFVEdoXxjVw5WeFCwZOs4iVd6EST5/VOqrzKN/UHYRiJBgQshU/vUWT/uNZ0ajgQcWf62X8A= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:38 GMT server AmazonS3 x-timer S1625414721.484440,VS0,VE0 etag "eccb331684ff2115befd1fa0b9443a83" vary Accept-Encoding x-amz-request-id Z0Z12Y51YMN6NR8R access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 3
GET H2	200	outstreamNativeView.ffe8a6ee30436a757c1b.js Show response x.kinja-static.com/assets/new-client/	19 KB 5 KB	8ms 7ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/outstreamNativeView.ffe8a6ee30436a757c1b.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c8c255d27b1f803dee9f4f0af977ac610aece92d81697641f196b9d1beb08b48 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding br x-content-type-options nosniff age 61 via 1.1 varnish x-cache HIT content-length 5361 x-amz-id-2 w5/WqiJY9Dvcd9OKvmGKBvjkvJTcfBo4L/+cgPRH77Vqa2Myt3f97KEc0Sdm5TKQOTPWlyEwzeg= x-served-by cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:58 GMT server AmazonS3 x-timer S1625414721.484486,VS0,VE0 etag "80e9032790d49a27bcecafd90a063a3e" vary Accept-Encoding x-amz-request-id YF94HZB9AN94NFPX access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 3
GET H2	200	save-badge.9631b72dca59856c3484.js Show response x.kinja-static.com/assets/new-client/	4 KB 1 KB	14ms 13ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/save-badge.9631b72dca59856c3484.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4dafece0ff5f9f1f3cfad04c08d90eed260b090f107473d4c12761b040abc779 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding br x-content-type-options nosniff age 106 via 1.1 varnish x-cache HIT content-length 1184 x-amz-id-2 o+wbm93Wyl170KEfd4z9NZv096zo5BNwwDJXEOAx2u+Q69gQ9hwiN8xYM/vKGZM3ilsFrW7dQkE= x-served-by cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:59 GMT server AmazonS3 x-timer S1625414722.503400,VS0,VE0 etag "5c1101266d5a93302faa0c17c34f0d0f" vary Accept-Encoding x-amz-request-id J76P8AFSHNTA4END access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 4
GET H2	200	proxima_nova_cond_xbold-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	21 KB 21 KB	17ms 17ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_xbold-webfont.woff2?01182018 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 3de3ab42af301c6975843de885deabba4fff09aabc0cb8b08a77c922d0db6f19 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://gizmodo.com Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 varnish x-content-type-options nosniff age 13 x-cache HIT content-length 21076 x-amz-id-2 JqivUMuxiRvia/HPYH6KDet9PgheQE+5mWyYh2umAYRlDN0P1ZZoJahrT+16gnvycrBwKx2bwFc= x-served-by cache-hhn4026-HHN last-modified Wed, 09 Jun 2021 23:52:11 GMT server AmazonS3 x-timer S1625414722.506003,VS0,VE1 etag "921cb192ad7dbac181fe2676a66a8983" x-amz-request-id JT0ATJ212ZBWHPA0 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 1
POST H2	200	event.js gizmodo.com/api/kala/t/	159 B 805 B	98ms 98ms	Ping application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/kala/t/event.js?e=eyJibG9nSWQiOiI0IiwiY29udGV4dElkIjoiMTg0NzIyMjQwNSIsInRhcmdldElkIjoiMTg0NzIyMjQwNSIsImNvbnRleHRUeXBlIjoiUEVSTUFMSU5LIiwiZXZlbnRUeXBlIjoiUEVSTUFMSU5LX1ZJRVciLCJ0YXJnZXRUeXBlIjoiUE9TVCIsImV2ZW50QXR0cmlidXRlcyI6eyJibG9nTmFtZSI6Imdpem1vZG8uY29tIiwiaXNMb2dnZWRJbiI6MCwiYXV0aG9ySWQiOiI1ODc2MjM3MjQ5MjM5ODYzMDEyIiwidW5pcXVlIjp0cnVlfSwiZXZlbnRBdHRyaWJ1dGVzRXh0ZW5kZWQiOnsicmVzcG9uc2l2ZVZlcnNpb24iOiIxMzY0KyIsImRldmljZUNhdGVnb3J5IjoiZGVza3RvcCIsImFkQmxvY2siOiJhZGJsb2NrIG9mZiIsInNjcm9sbFBvc2l0aW9uIjowLCJ0YWdzIjpbInJhbnNvbXdhcmUiLCJ2bGFkaW1pcnB1dGluIiwiaHVudHJlc3MiLCJoYWNrZXJncm91cHMiLCJqb2huaGFtbW9uZCIsInBhdGNoIiwiYWNlciIsImJsZWVwaW5nY29tcHV0ZXIiLCJ2aXNtYSIsIm1hbmFnZWRzZXJ2aWNlcyIsImFydGljbGVzIiwia2FzZXlhIiwiY3liZXJjcmltZSIsInNlY3VyaXR5YnJlYWNoZXMiLCJjeWJlcnNlY3VyaXR5YW5kaW5mcmFzdHJ1Y3R1cmVzZWN1cml0eWFnZW5jeSIsImpicyIsInJldmlsIiwiY29vcCIsImNyaW1lIiwic2VjdXJpdHkiLCJmcmVkdm9jY29sYSIsImNvbXB1dGVyc2VjdXJpdHkiXSwicmVjaXJjR3JvdXAiOiJmbWdOb25TYXRpcmUifX0=&cb=569 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0d7ebb3063dd05edc679055d42831b18262a3771fbd29205dc99f1bb13d1b68c Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode no-cors origin https://gizmodo.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; mnet_session_depth=1%7C1625414720994; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; dd_rum_test=test; _dd_r=0; __k_iut=1625414721512 content-length 0 :path /api/kala/t/event.js?e=eyJibG9nSWQiOiI0IiwiY29udGV4dElkIjoiMTg0NzIyMjQwNSIsInRhcmdldElkIjoiMTg0NzIyMjQwNSIsImNvbnRleHRUeXBlIjoiUEVSTUFMSU5LIiwiZXZlbnRUeXBlIjoiUEVSTUFMSU5LX1ZJRVciLCJ0YXJnZXRUeXBlIjoiUE9TVCIsImV2ZW50QXR0cmlidXRlcyI6eyJibG9nTmFtZSI6Imdpem1vZG8uY29tIiwiaXNMb2dnZWRJbiI6MCwiYXV0aG9ySWQiOiI1ODc2MjM3MjQ5MjM5ODYzMDEyIiwidW5pcXVlIjp0cnVlfSwiZXZlbnRBdHRyaWJ1dGVzRXh0ZW5kZWQiOnsicmVzcG9uc2l2ZVZlcnNpb24iOiIxMzY0KyIsImRldmljZUNhdGVnb3J5IjoiZGVza3RvcCIsImFkQmxvY2siOiJhZGJsb2NrIG9mZiIsInNjcm9sbFBvc2l0aW9uIjowLCJ0YWdzIjpbInJhbnNvbXdhcmUiLCJ2bGFkaW1pcnB1dGluIiwiaHVudHJlc3MiLCJoYWNrZXJncm91cHMiLCJqb2huaGFtbW9uZCIsInBhdGNoIiwiYWNlciIsImJsZWVwaW5nY29tcHV0ZXIiLCJ2aXNtYSIsIm1hbmFnZWRzZXJ2aWNlcyIsImFydGljbGVzIiwia2FzZXlhIiwiY3liZXJjcmltZSIsInNlY3VyaXR5YnJlYWNoZXMiLCJjeWJlcnNlY3VyaXR5YW5kaW5mcmFzdHJ1Y3R1cmVzZWN1cml0eWFnZW5jeSIsImpicyIsInJldmlsIiwiY29vcCIsImNyaW1lIiwic2VjdXJpdHkiLCJmcmVkdm9jY29sYSIsImNvbXB1dGVyc2VjdXJpdHkiXSwicmVjaXJjR3JvdXAiOiJmbWdOb25TYXRpcmUifX0=&cb=569 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type text/plain;charset=UTF-8 accept */* cache-control no-cache :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method POST Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-ua-device desktop x-kinja kinja-kala-kube01-5d5469547c-52fjb #55 x-cdn-fetch mantle-setcookie content-length 152 x-xss-protection 1; mode=block x-served-by cache-bwi5137-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.515820,VS0,VE91 x-frame-options DENY date Sun, 04 Jul 2021 16:05:21 GMT vary Accept-Encoding,Origin content-type application/json access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, private access-control-allow-credentials true set-cookie ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; Max-Age=31536000; Expires=Mon, 04 Jul 2022 16:05:21 GMT; Path=/; HTTPOnly accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 0, 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 85 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-142218-3&cid=1128206324.1625414721&jid=293484072&gjid=1905253161&_gid=2117876764.1625414721&_u=aGDACEAAFAQCAC~&z=1200094798 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 04 Jul 2021 16:05:21 GMT content-type text/plain access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-142218-33&cid=1128206324.1625414721&jid=49283555&gjid=1753543868&_gid=2117876764.1625414721&_u=aGDACEABFAQCAC~&z=1954335035 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 04 Jul 2021 16:05:21 GMT content-type text/plain access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	index.html Show response sourcepoint.gizmodo.com/ Frame 8ED4	4 KB 2 KB	14ms 13ms	Document text/html	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 2d019de236076d31bed95c55401b641a66f9934a9685d72f06e15eee1e51cfed Request headers :method GET :authority sourcepoint.gizmodo.com :scheme https :path /index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://gizmodo.com/ accept-encoding gzip, deflate, br accept-language en-US cookie KinjaBucket=8; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://gizmodo.com/ Response headers content-type text/html last-modified Tue, 29 Jun 2021 16:01:33 GMT server AmazonS3 content-encoding gzip date Sun, 04 Jul 2021 15:34:46 GMT etag W/"db4bfc6027cbca144a5b817c3a267bc7" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id okl5mPHDjpNjXVigwZtlhLxTFKiRU04BDGXMeEtTfXQgiAWjAEAodA== age 1836
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	313ms 105ms	Image image/gif	34.197.178.4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=gizmodo.com&p=%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&u=5jmtRpw2ugIp9Iw&d=gizmodo.com&g=3012&g0=gizmodo.com&g1=Lucas%20Ropek&n=1&f=00001&c=0&x=0&m=0&y=5333&o=1776&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=968&t=HWyQ8D89DD3gDrJSD2aX11DR4ujL&V=126&i=A%20Large%20Ransomware%20Attack%20Has%20Ensnared%20Hundreds%20of%20Companies%20%5BUpdate%3A%20Make%20That%201%2C000%2B%20Companies%5D&tz=-120&sn=1&sv=COY9q9BlkzLTBFYct8C-Cw96BGccme&sd=1&im=067b2ff3&_ Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.197.178.4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-197-178-4.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif content-length 43 expires 0
GET H2	200	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1625414721566&ns_c=UTF-8&cv=3.5&c8=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&c7=https%3A%2F%2... https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1625414721566&ns_c=UTF-8&cv=3.5&c8=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&c7=https%3A%2F%...	64 B 328 B	10ms 10ms	Image image/gif	13.225.87.63 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1625414721566&ns_c=UTF-8&cv=3.5&c8=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&c7=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&c9= Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-63.fra2.r.cloudfront.net Software / Resource Hash 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 etag W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg" x-cache Miss from cloudfront content-type image/gif; charset=utf-8 content-length 64 x-amz-cf-id AwLIiROzhrz0snZcXsUdqP396EnM3d3Mf5ISVe6IDgwTJHjLGxgikA== Redirect headers date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 vary Accept x-cache Miss from cloudfront content-type text/plain; charset=utf-8 location https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1625414721566&ns_c=UTF-8&cv=3.5&c8=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&c7=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&c9= content-length 305 x-amz-cf-id r9Vkt64HmaIzw0EUXdb2UY1GN3pCcvnSPLPSRqTIef_1GgwV6bG_7g==
GET BLOB	200 OK	410216bd-2caa-4d27-a7ce-f2ddc2a1807f https://gizmodo.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://gizmodo.com/410216bd-2caa-4d27-a7ce-f2ddc2a1807f Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	89e3c7f294ba97f98e9aad573d2e805f.jpg i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,pg_1,q_60,w_965/	29 KB 30 KB	8ms 8ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,pg_1,q_60,w_965/89e3c7f294ba97f98e9aad573d2e805f.jpg Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 48a347b863bb17e0a3d1515c244d9beb78af0a3d6b8a2986a2e1950384629a9a Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 6dGoYW6H3VsDNxd37UjAzPkdkHyCQgP2 via 1.1 varnish, 1.1 varnish etag "zHJiU5ay4aSVd7gErhap3QiD1o+Y3J2H37f9lM8lAbo" age 157486 x-cache HIT, HIT fastly-io-info ifsz=2358212 idim=6720x3780 ifmt=jpeg ofsz=29858 odim=965x543 ofmt=webp x-amz-replication-status PENDING fastly-stats io=1 content-length 29858 x-amz-id-2 tedD108LkeVKwxULIEES1fjjZ6eC4WJPrGty0hnzGO2kqrw9v6zO35H5L5GZKRTQwtNo9xNxNZg= x-served-by cache-bwi5172-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.619449,VS0,VE1 date Sun, 04 Jul 2021 16:05:21 GMT vary Accept x-amz-request-id XNK74QNT12AGNBKW access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&format=pjpg&frame=1&quality=60&width=965 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 1
POST H2	200	check Show response connect.scroll.com/embed/	0 1 KB	130ms 113ms	XHR application/json	35.201.100.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://connect.scroll.com/embed/check Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic'; Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 google strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/json;charset=utf-8 access-control-allow-origin https://gizmodo.com access-control-allow-credentials true content-security-policy default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic'; alt-svc clear content-length 0
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 309 B	8ms 8ms	XHR text/plain	13.224.192.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-34.fra2.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 03:53:38 GMT via 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront) server Server age 43903 x-cache Hit from cloudfront access-control-allow-origin https://gizmodo.com cache-control max-age=86087, s-maxage=86400 access-control-allow-credentials true x-amz-cf-pop FRA2-C1 x-amz-cf-id y8-s9uE1fKnFIYOZXbanvOSs9S2n1PZH7jYmFbuy6nhGzXFfk_dXYQ==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	26ms 9ms	XHR application/javascript	13.224.192.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-34.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 73846 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Thu, 01 Jul 2021 22:05:10 GMT server AmazonS3 date Sat, 03 Jul 2021 22:05:19 GMT vary Accept-Encoding,Origin access-control-allow-methods GET content-type application/javascript via 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA2-C1 x-amz-cf-id UkboM4dOdyvaYsRpJeX5oIpIDJWhn9EIWBij0AnnXbjreNOB8F-ZpQ==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 367 B	62ms 62ms	XHR text/javascript	13.224.192.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pid=RUYJuQbBIFXrO&cb=0&ws=1600x1200&v=7.66.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x251%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.gizmodo%2Farticle_top-banner%22%7D%5D&cfgv=0&gdpre=1&gdprc=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-34.fra2.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA2-C1 vary User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://gizmodo.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id 8YoXJlgWopRj4Ylmj9x1yUSewkH31lE3HY30J6JckndkSDxqeldU3g==
GET H2	200	config Show response prebid.media.net/rtb/prebid/analytics/	44 B 266 B	38ms 16ms	XHR application/json	34.107.148.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU74RYRS&dn=gizmodo.com Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash 6123ac967d1ab79ef7093374f3156aa4143f4b0ea081a5e0356fbf55fcb40cb4 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip server nginx content-type application/json;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=900, must-revalidate access-control-allow-credentials true alt-svc clear via 1.1 google expires Sun, 04 Jul 2021 16:20:21 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	143 B 1 KB	62ms 32ms	XHR application/json	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 45f870c43d8756767a4c8c3df402ecbe445ce1b7047609d7664c06f69b96a45b Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 04 Jul 2021 16:05:21 GMT X-Proxy-Origin 185.220.70.211; 185.220.70.211; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 5fc3b282-d17a-42ea-8e73-236e765356ae Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://gizmodo.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 143 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	6 KB 4 KB	211ms 145ms	XHR application/json	23.37.38.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=187279&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223de1fb5ed53bbd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224a17d5884d0c9e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22187279%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251611fcd2e65c4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22187277%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2265b74f3d830187%22%2C%22ext%22%3A%7B%22siteID%22%3A%22187278%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224a17d5884d0c9e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22187279%22%2C%22sid%22%3A%22970x251%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A251%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-38-181.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 80062ade4b28b213cde81f63c73c675807984ba60159b05ff630eb7fed87096c Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip x-ak-initial-geo CC:[DE], RC:[HE], CN:[EU], CIP:[185.220.70.211], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://gizmodo.com x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 3582 x-ak-client-geo 12 expires Sun, 04 Jul 2021 16:05:21 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	330 B 451 B	31ms 16ms	XHR application/json	34.107.148.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU74RYRS Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash 201097cb385cbaf59d460406e0bda12a7c2818684befe12009a2503462f37b6b Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip server nginx content-type application/json;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear via 1.1 google
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 471 B	37ms 18ms	XHR application/json	52.28.203.152 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=top_banner_728x90&cmd=bid&secure=1 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-203-152.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash 44ad3d424c7d2c687ce228c7e1271802540537bde01f55642ca917c1506470d6 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sun, 04 Jul 2021 16:05:21 GMT Server ATS/7.1.2.128 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 471 B	37ms 18ms	XHR application/json	52.28.203.152 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=4-top-desktop79&cmd=bid&secure=1 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-203-152.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash 6f4250e3b18a9565f3e414490726313fb3c351b16b67326bf58b3a2746316878 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sun, 04 Jul 2021 16:05:21 GMT Server ATS/7.1.2.128 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 471 B	35ms 17ms	XHR application/json	52.28.203.152 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=4-top-desktop78&cmd=bid&secure=1 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-203-152.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash a55331af970c90f62cc22568adec63e2a790bc0680d5ee87a9f88180767a0be9 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sun, 04 Jul 2021 16:05:21 GMT Server ATS/7.1.2.128 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 471 B	35ms 17ms	XHR application/json	52.28.203.152 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=gizmodo_top_banner_atf_970x90&cmd=bid&secure=1 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-203-152.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash 8bc0a009c9326f289b4aa216296aa9721044373eb7424066a4244aff1c8cdeee Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sun, 04 Jul 2021 16:05:21 GMT Server ATS/7.1.2.128 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	259 B 2 KB	169ms 108ms	XHR application/json	213.19.162.61 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=243626&zone_id=1361152&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&tk_flint=pbjs_lite_v4.17.0&x_source.tid=701bfdac-ba8e-454e-bfeb-38d927ed9ba5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6861518435572229 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 0bbf50b7a7f4b3966866a69082efc6942e9fb33925a71a2ca8b5dcb2be58ffb1 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 04 Jul 2021 16:05:21 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://gizmodo.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 259 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 184 B	52ms 16ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=35835878426 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:20 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H/1.1	204 No content	hb Show response sofia.trustx.org/	0 365 B	340ms 111ms	XHR text/html	35.211.168.6 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://sofia.trustx.org/hb?pt=net&auids=9522&sizes=970x250%2C970x251%2C970x90%2C728x90&r=18defc425761fb&wrapperType=Prebid_js&wrapperVersion=4.17.0&u=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&wtimeout=1000 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sun, 04 Jul 2021 16:05:21 GMT Server nginx P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://gizmodo.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=UTF-8
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 366 B	41ms 41ms	XHR text/javascript	13.224.192.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pid=RUYJuQbBIFXrO&cb=1&ws=1600x1200&v=7.66.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.gizmodo%2Farticle_left_top%22%7D%5D&cfgv=0&gdpre=1&gdprc=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-34.fra2.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT via 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA2-C1 vary User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://gizmodo.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id npn2P9An72BVpVopJZP19gEq17idLPeU667oli-67Y4IJMR2p1MziQ==
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	237 B 2 KB	150ms 96ms	XHR application/json	213.19.162.61 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=243626&zone_id=1361186&size_id=15&p_pos=atf&rf=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&tk_flint=pbjs_lite_v4.17.0&x_source.tid=f9653ec2-c833-4c9f-8787-2446d322b082&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7275569798456347 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 74826dbf53755f4c6262619c9073237921a67ccb158f248a4055e00ffacf1588 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 04 Jul 2021 16:05:21 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://gizmodo.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 237 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	330 B 314 B	27ms 27ms	XHR application/json	34.107.148.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU74RYRS Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash 5e41f7e4aab5022295d5a9afe4730af0ad0aa8f1526de11cebd80348724ec1cc Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip server nginx content-type application/json;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear via 1.1 google
POST H2	204	cdb Show response bidder.criteo.com/	0 184 B	34ms 17ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=41861693417 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:21 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	143 B 1 KB	66ms 39ms	XHR application/json	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 9efdf3aa0355503865e6c7ff9d26ca722dd612732ae8b48884dacd4ea2063116 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 04 Jul 2021 16:05:21 GMT X-Proxy-Origin 185.220.70.211; 185.220.70.211; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid bdeb0697-3c41-42ea-b296-f7c48a38bc12 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://gizmodo.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 143 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No content	hb Show response sofia.trustx.org/	0 365 B	341ms 115ms	XHR text/html	35.211.168.6 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://sofia.trustx.org/hb?pt=net&auids=9526&sizes=300x250&r=285c5b3b10f6a44&wrapperType=Prebid_js&wrapperVersion=4.17.0&u=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&wtimeout=1000 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Server nginx P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://gizmodo.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=UTF-8
GET H2	200	cygnus Show response htlb.casalemedia.com/	6 KB 4 KB	223ms 184ms	XHR application/json	23.37.38.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=241215&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22307af2dd6a93923%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22318d8764c92b0b5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22241215%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-38-181.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 12aa085cbf6469295c9d90dab6ecde1916c55848a91a592279e0d8d908c23729 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip x-ak-initial-geo CC:[DE], RC:[HE], CN:[EU], CIP:[185.220.70.211], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://gizmodo.com x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 3553 x-ak-client-geo 12 expires Sun, 04 Jul 2021 16:05:21 GMT
GET H2	403	insync thrtle.com/ Redirect Chain https://px.britepool.com/new?partner_id=t https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=8610ab6a-5b46-49dc-afc6-48f29cae7a67	0 0	310ms 103ms	Image text/html	3.212.71.107 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=8610ab6a-5b46-49dc-afc6-48f29cae7a67 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.212.71.107 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-212-71-107.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers Date Sun, 04 Jul 2021 16:05:22 GMT Server nginx Vary negotiate,Accept-Encoding P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=8610ab6a-5b46-49dc-afc6-48f29cae7a67 Cache-Control no-cache, no-store, private Tcn Choice Connection keep-alive Content-Length 0 X-Xss-Protection 0 X-Request-Id 8b1f8d06b28bd45825c6db8e9d7c446a Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	32ms 29ms	Image image/gif	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-142218-3&cid=1128206324.1625414721&jid=293484072&_u=aGDACEAAFAQCAC~&z=874837252 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	32ms 30ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-142218-3&cid=1128206324.1625414721&jid=293484072&_u=aGDACEAAFAQCAC~&z=874837252 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	32ms 31ms	Image image/gif	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-142218-33&cid=1128206324.1625414721&jid=49283555&_u=aGDACEABFAQCAC~&z=1885282520 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	30ms 30ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-142218-33&cid=1128206324.1625414721&jid=49283555&_u=aGDACEABFAQCAC~&z=1885282520 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync Show response gum.criteo.com/	53 B 366 B	15ms 15ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&us_privacy=&gdpr_pd=0 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip date Sun, 04 Jul 2021 16:05:21 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 1831 content-length 169 expires 60
GET H2	200	connatix.playspace.css cds.connatix.com/p/122361/	94 KB 13 KB	10ms 9ms	Stylesheet text/css	151.101.114.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cds.connatix.com/p/122361/connatix.playspace.css Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 21d9eee5af7bffbcd6287b951a2101dc3f011903b4bd096ef91562c53c58a0c5 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:21 GMT content-encoding br last-modified Fri, 02 Jul 2021 12:25:07 GMT age 157370 etag "3fcb479633a6305067a2012e63f60c53" vary Accept-Encoding content-type text/css access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600 accept-ranges bytes content-length 13229
GET H2	200	rtbsspub cdn-geuw1-xch.media.net/AdExchange/	5 KB 1 KB	28ms 26ms	EventSource text/event-stream	23.62.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=38671940382400691625414721741&gdpr=1&gdprconsent=1&gdprstring=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=223272391*97%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C0.54%7C%7C1%40283886783*97%7C970x250~970x90~728x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.54%7C%7C1%40395631964*97%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.54%7C%7C1%40737331266*97%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.45320625530173975&tscode=1&crid=223272391%2C283886783%2C395631964%2C737331266&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&encryptionVersion=0.0 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-140-165.deploy.static.akamaitechnologies.com Software / Resource Hash ac0bad1af9b81aac0b5bab91197522062cd479f5bd63b8892fb272cf1c43488a Request headers Accept text/event-stream Cache-Control no-cache Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip vary accept-encoding content-type text/event-stream;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin *, * content-length 982 expires Sun, 04 Jul 2021 16:05:21 GMT
GET H2	200	rtbsspub cdn-geuw1-xch.media.net/AdExchange/	5 KB 1 KB	28ms 27ms	EventSource text/event-stream	23.62.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=26493976593152401625414721742&gdpr=1&gdprconsent=1&gdprstring=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=223272391*97%7C300x250%7C8CUL2TG3D%7C223272391_8CUL2TG3D%7C0.54%7C%7C1%40283886783*97%7C970x250~970x90~728x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.54%7C%7C1%40395631964*97%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.54%7C%7C1%40737331266*97%7C300x250~300x600%7C8CUL2TG3D%7C737331266_8CUL2TG3D~737331266_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.24810342743198954&tscode=1&crid=223272391%2C283886783%2C395631964%2C737331266&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=cache&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&encryptionVersion=0.0 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-140-165.deploy.static.akamaitechnologies.com Software / Resource Hash 0d78a62f063735045b5ef703575edbc2e30ea3fa56ba2e8281ee79c1941daf3a Request headers Accept text/event-stream Cache-Control no-cache Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:21 GMT content-encoding gzip vary accept-encoding content-type text/event-stream;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin *, * content-length 975 expires Sun, 04 Jul 2021 16:05:21 GMT
GET H2	200	getList Show response gizmodo.com/api/core/corepost/	56 KB 14 KB	12ms 12ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/core/corepost/getList?id=1847214918&id=1847201614&id=1847214184 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ac7660785402fcacd055f0e99a5e863eac6786bce2f77e4a68c208cffd5f6338 Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/core/corepost/getList?id=1847214918&id=1847201614&id=1847214184 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; dd_rum_test=test; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 44 x-cache HIT, HIT x-ua-device desktop x-kinja kinja-core-kube03-56bc95bd4-nbsm7 #375 x-cdn-fetch mantle-default content-length 13813 x-xss-protection 1; mode=block x-served-by cache-bwi5171-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.816364,VS0,VE1 x-frame-options DENY date Sun, 04 Jul 2021 16:05:21 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 1, 1
GET H2	200	10002 Show response gizmodo.com/api/core/videoPlaylist/	16 KB 4 KB	16ms 15ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/core/videoPlaylist/10002?blogId=4 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b85aade264aafec0d72ccc0e1188bb88a606034c22358d240e5bade91cec0898 Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/core/videoPlaylist/10002?blogId=4 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; dd_rum_test=test; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 1 x-cache HIT, HIT x-ua-device desktop x-kinja kinja-core-kube01-6dff68fc9d-qztls #375 x-cdn-fetch mantle-default content-length 4458 x-xss-protection 1; mode=block x-served-by cache-bwi5175-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.828104,VS0,VE1 x-frame-options DENY date Sun, 04 Jul 2021 16:05:21 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 1, 1
GET H2	200	Notice.185fb.css sourcepoint.gizmodo.com/ Frame 8ED4	32 KB 6 KB	11ms 11ms	Stylesheet text/css	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sourcepoint.gizmodo.com/Notice.185fb.css Requested by Host: sourcepoint.gizmodo.com URL: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 2ee65681169097d090e910d0525bb09e60a2ddd405f46d976daad8f29d0a1a67 Request headers Referer https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:39:46 GMT content-encoding gzip last-modified Tue, 29 Jun 2021 16:01:33 GMT server AmazonS3 age 1540 etag W/"2d1233c8e331c4bdff593199f6e12382" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id vW0QaagOL8xV3IgGPmnfPCE9v3GGplcDttWDA34rydViW9ovnu6ggQ==
GET H2	200	polyfills.01247.js Show response sourcepoint.gizmodo.com/ Frame 8ED4	5 KB 2 KB	8ms 8ms	Script application/javascript	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sourcepoint.gizmodo.com/polyfills.01247.js Requested by Host: sourcepoint.gizmodo.com URL: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7 Request headers Referer https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:39:54 GMT content-encoding gzip last-modified Tue, 29 Jun 2021 16:01:33 GMT server AmazonS3 age 1528 etag W/"89661b8fd918815bcb224bba79cabab1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id J88QjlNujydmQqXSE5mFfW9pwsZ6G8226l5H6qmbk8I-8ixyPSZgyA==
GET H2	200	Notice.93135.js Show response sourcepoint.gizmodo.com/ Frame 8ED4	203 KB 51 KB	10ms 10ms	Script application/javascript	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sourcepoint.gizmodo.com/Notice.93135.js Requested by Host: sourcepoint.gizmodo.com URL: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 2b6101973deb0108f5ae9b0cdcdbb86108c17a289720c992d95cf6071714b0c6 Request headers Referer https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d&requestUUID=fa1ca45d-7ca3-4fbc-8d3c-6587cfa6b95c&preload_message=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:39:51 GMT content-encoding gzip last-modified Tue, 29 Jun 2021 16:01:33 GMT server AmazonS3 age 1540 etag W/"403275b77fe74c6eb69c00fec0c926bf" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id AA9klVOW52wPbIF2fhcV1RXsZKd9k4qs9a5sdhhi17VOFbTUsPUhoQ==
POST H/1.1	200 OK	story Show response capi.connatix.com/core/	13 KB 5 KB	470ms 143ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/core/story?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 448b24e64f8ff3b51bb8e4994d65a0fc056a0ed94fff56fcfee2e093de814115 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com transfer-encoding chunked Connection keep-alive Access-Control-Allow-Credentials true
GET H2	200	blogs Show response gizmodo.com/api/profile/	6 KB 2 KB	99ms 98ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/profile/blogs?ids=1635821517&ids=39 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bbfd658a0146219598458a0f5a6ba14fe2b4f018eaf55bab79fcae12b3240a9e Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/profile/blogs?ids=1635821517&ids=39 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; dd_rum_test=test; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 3 x-cache HIT, MISS x-ua-device desktop x-kinja kinja-profile-kube03-6b78dbc8dc-jj4xj #162 x-cdn-fetch mantle-origin-cache content-length 2009 x-xss-protection 1; mode=block x-served-by cache-bwi5123-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.904414,VS0,VE91 x-frame-options DENY date Sun, 04 Jul 2021 16:05:21 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 1, 0
GET H2	200	getList Show response gizmodo.com/api/core/corepost/	167 KB 41 KB	126ms 125ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/core/corepost/getList?id=1847011038&id=1847050226&id=1846921675&id=1846944403&id=1840153270&id=1840208545&id=1846262124&id=1841675506&id=1846850252&id=1845085301&id=1846419061&id=1846786338&id=1846801761 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash eadb8708ed5041c77fdba4c87e98af75c37b5e76db81bcdaa1ef8c6753b52098 Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/core/corepost/getList?id=1847011038&id=1847050226&id=1846921675&id=1846944403&id=1840153270&id=1840208545&id=1846262124&id=1841675506&id=1846850252&id=1845085301&id=1846419061&id=1846786338&id=1846801761 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; dd_rum_test=test; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 0 x-cache MISS, MISS x-ua-device desktop x-kinja kinja-core-kube03-56bc95bd4-rjk5p #375 x-cdn-fetch mantle-default content-length 41612 x-xss-protection 1; mode=block x-served-by cache-bwi5122-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.907539,VS0,VE117 x-frame-options DENY date Sun, 04 Jul 2021 16:05:22 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 0, 0
GET H2	200	replyCount Show response gizmodo.com/api/comments/views/	250 B 349 B	102ms 102ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/comments/views/replyCount?ids=1847011038&ids=1847050226&ids=1846921675&ids=1846944403&ids=1840153270&ids=1840208545&ids=1846262124&ids=1841675506&ids=1846850252&ids=1845085301&ids=1846419061&ids=1846786338&ids=1846801761 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8c3f211a0b81689df4648a50db39987176d607771c429fe685932288dabf33c Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/comments/views/replyCount?ids=1847011038&ids=1847050226&ids=1846921675&ids=1846944403&ids=1840153270&ids=1840208545&ids=1846262124&ids=1841675506&ids=1846850252&ids=1845085301&ids=1846419061&ids=1846786338&ids=1846801761 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; dd_rum_test=test; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 0 x-cache MISS, MISS x-ua-device desktop x-kinja kinja-comments-kube01-5778fbcb48-dbndf #59 x-cdn-fetch mantle-origin-cache content-length 176 x-xss-protection 1; mode=block x-served-by cache-bwi5127-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.907823,VS0,VE95 x-frame-options DENY date Sun, 04 Jul 2021 16:05:22 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 0, 0
GET H2	200	logo-gizmodo-600x85-300x43.png g-omedia.com/wp-content/uploads/2016/11/ Frame 8ED4	4 KB 5 KB	316ms 105ms	Image image/png	52.45.196.74 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://g-omedia.com/wp-content/uploads/2016/11/logo-gizmodo-600x85-300x43.png Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.196.74 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache/2.4.39 (Unix) OpenSSL/1.1.0j / Resource Hash 7712b0b9683b6bdbff4e275ef9af9b7499737f3e5d0238040fd46d8f7da05c45 Request headers Referer https://sourcepoint.gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT last-modified Mon, 25 Nov 2019 23:54:55 GMT server Apache/2.4.39 (Unix) OpenSSL/1.1.0j accept-ranges bytes etag "1199-598347d870b61" content-length 4505 content-type image/png
GET H2	200	getList Show response gizmodo.com/api/core/corepost/	55 KB 14 KB	107ms 107ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/core/corepost/getList?id=1847221380&id=1847214184&id=1847214918&id=1847217396 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 298721a7856a6607594b8dcd1f1ab00b45a525101213c7b3c2a60524cf4602f7 Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/core/corepost/getList?id=1847221380&id=1847214184&id=1847214918&id=1847217396 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 0 x-cache HIT, MISS x-ua-device desktop x-kinja kinja-core-kube01-6dff68fc9d-mwf29 #375 x-cdn-fetch mantle-default content-length 13897 x-xss-protection 1; mode=block x-served-by cache-bwi5182-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.007321,VS0,VE100 x-frame-options DENY date Sun, 04 Jul 2021 16:05:22 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 1, 0
GET H2	200	c06d09b900e5e7171422713323e5e3e8.jpg i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/	2 KB 2 KB	10ms 9ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/c06d09b900e5e7171422713323e5e3e8.jpg Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a6f570b0b4dbfef5ec2edf2cfec061287c125f11efa0a197abf657154bff4e61 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id KPbYoKR2LVqRqtug.nvEIEkqWb8AhqCb via 1.1 varnish, 1.1 varnish etag "5rQXafwtIFwoGdr31ky2a7ZMDrQmyz3ts73TTFWezbE" age 246020 x-cache HIT, HIT fastly-io-info ifsz=1864769 idim=3227x1815 ifmt=jpeg ofsz=1928 odim=140x78 ofmt=webp x-amz-replication-status PENDING fastly-stats io=1 content-length 1928 x-amz-id-2 Eesjja+9EPVhTWCmLIJDkN63kWvn2T6/5yDs2uriRL15N8e/X9mXy902jL6UD/7VYGw0OaAwibA= x-served-by cache-bwi5158-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.060274,VS0,VE0 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id HAMSDRVY8DA8TJJF access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=78&quality=60&width=140 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 4
GET H2	200	1bd3d19a3d2d8c279b8fefd36d48dda3.png i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/	23 KB 23 KB	12ms 11ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/1bd3d19a3d2d8c279b8fefd36d48dda3.png Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 082b2c93334cb140a72cc037e15d48dac0401edcd9f4f98148c163e547d737da Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id ZG1MTytwmviisRnnwMZ45MeY6MoAEve9 via 1.1 varnish, 1.1 varnish etag "e/8+lpjC2CtynzuWQYsOmMqCjn8+NMJsa7SNuycoje4" age 252117 x-cache HIT, HIT fastly-io-info ifsz=10925210 idim=3000x1688 ifmt=png ofsz=23626 odim=140x78 ofmt=webp x-amz-replication-status PENDING fastly-stats io=1 content-length 23626 x-amz-id-2 qt9LQiz6PaqDRD0ad48tfrAC8L5PBWdDF4xQmemTMUDNenttVZJSSFTAapCYFkuGj3SL+geIYVc= x-served-by cache-bwi5179-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.060263,VS0,VE1 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id F9NDT9TC7B8V6T3C access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=78&quality=60&width=140 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 2
GET H2	200	d4bb0c75ca671da70f1633fce4dafdb4.png i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/	13 KB 14 KB	10ms 9ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/d4bb0c75ca671da70f1633fce4dafdb4.png Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8a7d0ea06858a906a31b35b186cb23a5da6aed042e719179b48b5786850fdb12 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id QxuwxHFdZ1q_D.Bo_WbYcZUYN4_65PMF via 1.1 varnish, 1.1 varnish etag "nEAWsCaUf+Rq5oX1bk0ZwIEtz1iyyxc880ChaOKLXx4" age 246445 x-cache HIT, HIT fastly-io-info ifsz=1125719 idim=2000x1125 ifmt=png ofsz=13556 odim=140x78 ofmt=webp x-amz-replication-status PENDING fastly-stats io=1 content-length 13556 x-amz-id-2 z+p2Gin0/NZpPvy7qS+S+05GDUwf7JxwycVI5uxEYTUXm3AV0eMqt52DcESTOA2jefKechfG1Wk= x-served-by cache-bwi5132-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.060340,VS0,VE0 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id VB112D5PM4FWP7KQ access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=78&quality=60&width=140 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 3
GET H2	200	c06d09b900e5e7171422713323e5e3e8.jpg i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/	10 KB 11 KB	11ms 10ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/c06d09b900e5e7171422713323e5e3e8.jpg Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6e2068a8ba31a3bb1b1f789dc3ac1dff20a1b542dcf7475f2af1a11e661ed545 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id KPbYoKR2LVqRqtug.nvEIEkqWb8AhqCb via 1.1 varnish, 1.1 varnish etag "KHSyXANzJHon2+fXvtruUZfDSMqEA6OXbL8Kvt5Sq7w" age 246020 x-cache HIT, HIT fastly-io-info ifsz=1864769 idim=3227x1815 ifmt=jpeg ofsz=10644 odim=490x275 ofmt=webp x-amz-replication-status PENDING fastly-stats io=1 content-length 10644 x-amz-id-2 Eesjja+9EPVhTWCmLIJDkN63kWvn2T6/5yDs2uriRL15N8e/X9mXy902jL6UD/7VYGw0OaAwibA= x-served-by cache-bwi5129-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.060450,VS0,VE0 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id HAMSDRVY8DA8TJJF access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=275&quality=60&width=490 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 4
GET H2	200	1bd3d19a3d2d8c279b8fefd36d48dda3.png i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/	231 KB 232 KB	10ms 10ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/1bd3d19a3d2d8c279b8fefd36d48dda3.png Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1b39a81820cc79fa3ffdc1774589407c7ed1e1e1af6dc20a154fa36ba876a70e Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id ZG1MTytwmviisRnnwMZ45MeY6MoAEve9 via 1.1 varnish, 1.1 varnish etag "mRRrBCPZc5RMiqcSlpL3/XXFzw1KTFttQCqTNDTD52c" age 252116 x-cache HIT, HIT fastly-io-info ifsz=10925210 idim=3000x1688 ifmt=png ofsz=236556 odim=490x275 ofmt=webp x-amz-replication-status PENDING fastly-stats io=1 content-length 236556 x-amz-id-2 qt9LQiz6PaqDRD0ad48tfrAC8L5PBWdDF4xQmemTMUDNenttVZJSSFTAapCYFkuGj3SL+geIYVc= x-served-by cache-bwi5174-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.060421,VS0,VE0 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id F9NDT9TC7B8V6T3C access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=275&quality=60&width=490 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 2
GET H2	200	d4bb0c75ca671da70f1633fce4dafdb4.png i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/	93 KB 94 KB	11ms 11ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/d4bb0c75ca671da70f1633fce4dafdb4.png Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b5a66e0e1e3366dc6acd70ef173b570c16f6d3cf514b3af40a34a0491d9bef43 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id QxuwxHFdZ1q_D.Bo_WbYcZUYN4_65PMF via 1.1 varnish, 1.1 varnish etag "R/AWQeawjzJl1QsO4w27hTAEVCuI60SFGgaxLlXQwCE" age 246444 x-cache HIT, HIT fastly-io-info ifsz=1125719 idim=2000x1125 ifmt=png ofsz=95684 odim=490x275 ofmt=webp x-amz-replication-status PENDING fastly-stats io=1 content-length 95684 x-amz-id-2 z+p2Gin0/NZpPvy7qS+S+05GDUwf7JxwycVI5uxEYTUXm3AV0eMqt52DcESTOA2jefKechfG1Wk= x-served-by cache-bwi5145-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.060515,VS0,VE0 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id VB112D5PM4FWP7KQ access-control-allow-origin * cache-control public, max-age=31536000 x-kinja-qs auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=275&quality=60&width=490 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 3
GET H2	200	users Show response gizmodo.com/api/profile/	2 KB 907 B	104ms 104ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/profile/users?ids=5876237249239860156&ids=5876237249239425997&ids=5876237249238337793&ids=5876237249238305953&ids=5876237249237753946&ids=5876237249239321184&ids=5876237249237183654&ids=5876237249238427715 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b1127829973527d64d5b54bbf6f78a60a7023dce928838c0aa6e345730c13a93 Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/profile/users?ids=5876237249239860156&ids=5876237249239425997&ids=5876237249238337793&ids=5876237249238305953&ids=5876237249237753946&ids=5876237249239321184&ids=5876237249237183654&ids=5876237249238427715 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 0 x-cache MISS, MISS x-ua-device desktop x-kinja kinja-profile-kube01-6cdbc7c55c-9zpmk #162 x-cdn-fetch mantle-origin-cache content-length 735 x-xss-protection 1; mode=block x-served-by cache-bwi5162-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.108748,VS0,VE94 x-frame-options DENY date Sun, 04 Jul 2021 16:05:22 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 0, 0
GET H2	200	blogs Show response gizmodo.com/api/profile/	8 KB 3 KB	9ms 8ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/profile/blogs?ids=9&ids=1635821517&ids=1636027099 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/permalinkPage.5762c09860a88a398d66.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8c02085e0f5e15cac317b3811bf98ea863bf359225f4fa9e4d620454decc2f7b Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /api/profile/blogs?ids=9&ids=1635821517&ids=1636027099 pragma no-cache cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method GET Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only age 13 x-cache HIT, HIT x-ua-device desktop x-kinja kinja-profile-kube03-6b78dbc8dc-9h8bg #162 x-cdn-fetch mantle-origin-cache content-length 2446 x-xss-protection 1; mode=block x-served-by cache-bwi5153-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414722.121170,VS0,VE1 x-frame-options DENY date Sun, 04 Jul 2021 16:05:22 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json via 1.1 varnish, 1.1 varnish accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 1, 1
GET H2	200	vendors~channelSectionPage~commerceDashboardClient~curatedHomepage~customHeader~header~login~notific~da1c7d2b.37367c878de2452f00da.js Show response x.kinja-static.com/assets/new-client/	16 KB 4 KB	13ms 12ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/vendors~channelSectionPage~commerceDashboardClient~curatedHomepage~customHeader~header~login~notific~da1c7d2b.37367c878de2452f00da.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash bab52415ad1528e0e14bedfabdd748d62572a27dcd2ff1991d8cd9bdb0b0609a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding br x-content-type-options nosniff age 23 via 1.1 varnish x-cache HIT content-length 4110 x-amz-id-2 6LKxT4aU0QD6WkDl5EB3AwXtREE9Zf8r8gFYPcjsBmOwp2HM8DXb8oywU1HnXHemH2Npw+tCBsk= x-served-by cache-hhn4076-HHN last-modified Fri, 18 Jun 2021 17:12:12 GMT server AmazonS3 x-timer S1625414722.221917,VS0,VE1 etag "32d386827751a53b5a9ede24089b312c" vary Accept-Encoding x-amz-request-id 8TAZHVP6AVGAX6YV access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	category-stream~recent-video~related-stories~search~second-scroll~splice-editor.17174a9ed9110e2d4032.js Show response x.kinja-static.com/assets/new-client/	9 KB 3 KB	12ms 11ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/category-stream~recent-video~related-stories~search~second-scroll~splice-editor.17174a9ed9110e2d4032.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 875ee32822066752eba5ddcdf1bee1c9d4e838058c12894a39d6108067a4952c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding br x-content-type-options nosniff age 106 via 1.1 varnish x-cache HIT content-length 2439 x-amz-id-2 DYNZMVFfitgZRePdyRSsFKQ+h4ca+HIyqeIGBkJqJTJsIpCnEbb6BR8fpZOPafly1rAmtL0Fn4s= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:37 GMT server AmazonS3 x-timer S1625414722.221883,VS0,VE0 etag "ebfee2ad0587ba251984fc7a0ecb8cbb" vary Accept-Encoding x-amz-request-id X9DVEXBFN0JC2YKK access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 2
GET H2	200	homepage-edit~recent-video.f163dd1deb58684e049f.js Show response x.kinja-static.com/assets/new-client/	6 KB 2 KB	13ms 13ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/homepage-edit~recent-video.f163dd1deb58684e049f.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b58cb9edad52380774e3cb7c217979fd2cdf1cc649df0f4f94c2cb80cf9bd23e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding br x-content-type-options nosniff age 35 via 1.1 varnish x-cache HIT content-length 1878 x-amz-id-2 /utdIywuxZqPSStwkUwFkNaheeUdkeRlOEozOv6+y2nxH0KA1+gGNms/EEczAUV+3St4W1/aPfE= x-served-by cache-hhn4076-HHN last-modified Thu, 01 Jul 2021 14:04:18 GMT server AmazonS3 x-timer S1625414722.221870,VS0,VE1 etag "d4cb04f49fd6c85dfda780adec0a4a29" vary Accept-Encoding x-amz-request-id 1K1EGGC5XYH0ED87 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 1
GET H2	200	recent-video.11d25faaffd231c59254.js Show response x.kinja-static.com/assets/new-client/	28 KB 7 KB	12ms 11ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/recent-video.11d25faaffd231c59254.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 628ea1e6456ffe5cf18117a94e7ad62f4f55cb3df2a8e736fd7ed1a9c71b5c7e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding br x-content-type-options nosniff age 102 via 1.1 varnish x-cache HIT content-length 7205 x-amz-id-2 PGABzOAElE4RAZXWnez1MYeJzPPcnLpKkZg+xZ/ij1WgvXWg2fM937kToW0EKO5t/zPgcnfaTZA= x-served-by cache-hhn4076-HHN last-modified Thu, 01 Jul 2021 14:04:18 GMT server AmazonS3 x-timer S1625414722.221844,VS0,VE0 etag "a0ff5fa495f2674eb5735b8fb543ef0a" vary Accept-Encoding x-amz-request-id 1K1EMCMXY9ZTVGBW access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 2
GET H2	200	4.441ea3f7fde4dca07f87.js Show response x.kinja-static.com/assets/new-client/	64 KB 13 KB	18ms 17ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/4.441ea3f7fde4dca07f87.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 79296a6a2779e827e8f0c3fe92029497ca68a3245d271fe5eac7e81108990dad Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding br x-content-type-options nosniff age 52 via 1.1 varnish x-cache HIT content-length 12523 x-amz-id-2 ALzWO973OWKvi3ZAOuN4QGgmXJR5JYhjalD89TCGrn4OPRL96OSPEwU2RvTyCPhu7dHTxp+zvdw= x-served-by cache-hhn4076-HHN last-modified Wed, 30 Jun 2021 21:03:57 GMT server AmazonS3 x-timer S1625414722.262284,VS0,VE0 etag "ae17c54674aa8808d4cb9b0c2f6add0a" vary Accept-Encoding x-amz-request-id KEMXXWX700Q200JK access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 2
GET H2	200	videojs.9c0e7007588c7f3c6583.js Show response x.kinja-static.com/assets/new-client/	299 B 397 B	18ms 18ms	Script application/javascript	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/new-client/videojs.9c0e7007588c7f3c6583.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a533441cfbe5e3ac6dda083802093249be1d8225a79e473b91c181bcef62d482 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding br x-content-type-options nosniff age 19 via 1.1 varnish x-cache HIT content-length 194 x-amz-id-2 0jYvidOmNydBBrGAgVO/ojv14p+wj2x9w+l459aKhLSgKvDot+cQF8Vxc1W13UhwGvINlbHUZBs= x-served-by cache-hhn4076-HHN last-modified Fri, 02 Jul 2021 19:49:39 GMT server AmazonS3 x-timer S1625414722.262056,VS0,VE0 etag "abef40ee11812046c82f8a1f282bb6bc" vary Accept-Encoding x-amz-request-id WMFXQ85MTP3ETSA2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type application/javascript x-cache-hits 201
GET H2	200	2e66dec6834c1586ff8584187a920c96.jpg i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,pg_1,q_80,w_470/	7 KB 8 KB	8ms 7ms	Image image/webp	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,pg_1,q_80,w_470/2e66dec6834c1586ff8584187a920c96.jpg Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 966dc4f1bebc87c8499fd07001da5934cdfbe0bb04e9be685c70cccc1d554e44 Request headers Origin https://gizmodo.com Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 9WvO4isRu2zGD2P8eKAKokUCNkcaDmtX via 1.1 varnish, 1.1 varnish etag "RVwKBprI3MgJTYPALeZn2HBWjXP7yKWRJw/R0UKPJno" age 2160318 x-cache HIT, HIT fastly-io-info ifsz=109383 idim=1920x1080 ifmt=jpeg ofsz=7212 odim=470x264 ofmt=webp x-amz-replication-status COMPLETED fastly-stats io=1 content-length 7212 x-amz-id-2 qEiwXgqxSl9S4qQZCoAUgNVFd7diG3NT2Cvxv19Om2Wyb3GFHjsugqR3PsXv441s4AAQoVsnagY= x-served-by cache-bwi5153-BWI, cache-hhn4026-HHN server AmazonS3 x-timer S1625414722.259745,VS0,VE1 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id 43ZHQ9GW9AR92JPR access-control-allow-origin * x-kinja-qs auto=webp&enable=upscale&format=pjpg&frame=1&quality=80&width=470 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 1
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	339 KB 117 KB	33ms 13ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 118860 x-xss-protection 0 expires Sun, 04 Jul 2021 16:05:22 GMT
GET H2	200	videojs.css x.kinja-static.com/assets/stylesheets/	43 KB 11 KB	8ms 8ms	Stylesheet text/css	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/stylesheets/videojs.css Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 60c68b884400bc800bba771cd3ce25c5ebdf630ff54060a53e74bd6d7f2e81cd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding gzip x-content-type-options nosniff age 52 via 1.1 varnish x-cache HIT content-length 11010 x-amz-id-2 iKGM7rRzg7LEjfud0VyAKfHC3jyDQvaR+N3LZPP6d27Wfu58i5n6a/7p2+OBNgx28EhjuNf5YGg= x-served-by cache-hhn4076-HHN last-modified Wed, 23 Jun 2021 20:17:34 GMT server AmazonS3 x-timer S1625414722.276734,VS0,VE0 etag "4b1d22003ba3219dcd5b72d7d4899a17" vary Accept-Encoding x-amz-request-id RT81RE0J09MM2S5J access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type text/css x-cache-hits 2
GET H2	200	2e66dec6834c1586ff8584187a920c96.jpg i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,q_80,w_470/	7 KB 8 KB	8ms 8ms	Image image/webp	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,q_80,w_470/2e66dec6834c1586ff8584187a920c96.jpg Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 966dc4f1bebc87c8499fd07001da5934cdfbe0bb04e9be685c70cccc1d554e44 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 9WvO4isRu2zGD2P8eKAKokUCNkcaDmtX via 1.1 varnish, 1.1 varnish etag "RVwKBprI3MgJTYPALeZn2HBWjXP7yKWRJw/R0UKPJno" age 2160318 x-cache HIT, HIT fastly-io-info ifsz=109383 idim=1920x1080 ifmt=jpeg ofsz=7212 odim=470x264 ofmt=webp x-amz-replication-status COMPLETED fastly-stats io=1 content-length 7212 x-amz-id-2 qEiwXgqxSl9S4qQZCoAUgNVFd7diG3NT2Cvxv19Om2Wyb3GFHjsugqR3PsXv441s4AAQoVsnagY= x-served-by cache-bwi5153-BWI, cache-hhn4076-HHN server AmazonS3 x-timer S1625414722.377117,VS0,VE1 date Sun, 04 Jul 2021 16:05:22 GMT vary Accept x-amz-request-id 43ZHQ9GW9AR92JPR access-control-allow-origin * x-kinja-qs auto=webp&enable=upscale&format=pjpg&frame=1&quality=80&width=470 accept-ranges bytes content-type image/webp access-control-allow-headers X-Requested-With x-cache-hits 1, 1
POST H/1.1	200 OK	sr Show response capi.connatix.com/tr/	0 292 B	109ms 109ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/tr/sr?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20
GET H2	200	2934b761-3091-43fe-a6fe-2d7a9192b4b0.bin Show response vid.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/	2 KB 1 KB	34ms 8ms	XHR application/octet-stream	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vid.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/2934b761-3091-43fe-a6fe-2d7a9192b4b0.bin Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dfc054869dea21224fa637628cdb35974afa077601d3b81a4325f0838ad36ce3 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding gzip last-modified Sat, 03 Jul 2021 22:02:20 GMT age 64926 etag "525360696f048befea056e3f5c63f264" vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * access-control-max-age 86400 cache-control public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600 accept-ranges bytes content-length 883
GET H2	200	3.png img.connatix.com/30fa4ccb-f9cc-4a11-8a53-33fb6fd450d3/	4 KB 4 KB	25ms 6ms	Image image/png	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/30fa4ccb-f9cc-4a11-8a53-33fb6fd450d3/3.png Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3088cf908da6bd8845a122e204cf3df63fcec2620af8fb796e8bafe8503fb2ec Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT age 2128008 etag "A67wtioNOOR+HWqg85znIUwZo+J2Kt9dAn90DkOvtWs" access-control-max-age 86400 fastly-io-info ifsz=6950 idim=320x132 ifmt=png ofsz=3902 odim=320x132 ofmt=png access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/png content-length 3902
GET H3-29	200	bridge3.470.1_en.html Show response imasdk.googleapis.com/js/core/ Frame BCD2	576 KB 189 KB	22ms 8ms	Document text/html	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority imasdk.googleapis.com :scheme https :path /js/core/bridge3.470.1_en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://gizmodo.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://gizmodo.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 193313 date Tue, 29 Jun 2021 16:15:51 GMT expires Wed, 29 Jun 2022 16:15:51 GMT last-modified Tue, 29 Jun 2021 16:12:08 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 431371 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	44 KB 17 KB	37ms 14ms	Script text/javascript	2a00:1450:4001:808::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16746 x-xss-protection 0 expires Sun, 04 Jul 2021 16:05:22 GMT
GET H3-29	200	bridge3.470.1_en.html Show response imasdk.googleapis.com/js/core/ Frame B24F	576 KB 189 KB	17ms 11ms	Document text/html	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority imasdk.googleapis.com :scheme https :path /js/core/bridge3.470.1_en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://gizmodo.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://gizmodo.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 193313 date Tue, 29 Jun 2021 16:15:51 GMT expires Wed, 29 Jun 2022 16:15:51 GMT last-modified Tue, 29 Jun 2021 16:12:08 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 431371 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	bridge3.470.1_en.html Show response imasdk.googleapis.com/js/core/ Frame 0179	576 KB 189 KB	15ms 15ms	Document text/html	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority imasdk.googleapis.com :scheme https :path /js/core/bridge3.470.1_en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://gizmodo.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://gizmodo.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 193313 date Tue, 29 Jun 2021 16:15:51 GMT expires Wed, 29 Jun 2022 16:15:51 GMT last-modified Tue, 29 Jun 2021 16:12:08 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 431371 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	189204_240p,480p,720p,1080p.m3u8 Show response kinja-otfp.global.ssl.fastly.net/189204/	1 KB 1 KB	37ms 7ms	XHR application/x-mpegurl	151.101.1.194 FASTLY
General Check archive.org Show headers Download Go to Full URL https://kinja-otfp.global.ssl.fastly.net/189204/189204_240p,480p,720p,1080p.m3u8 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.194 , United States, ASN54113 (FASTLY, US), Reverse DNS Software otfp / Resource Hash ce735e48d4d2dc2867b54b9c506b72e215446946da224ffc17bfa1428924ac28 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Via 1.1 varnish, 1.1 varnish Age 106084 X-Cache HIT, HIT Connection keep-alive Content-Encoding gzip Content-Length 333 X-Served-By cache-bwi5181-BWI, cache-hhn4061-HHN Server otfp X-Timer S1625414723.534281,VS0,VE1 Etag "28SWecDOEiB33y428Xe7d_bl2QrGFYctk9noE9Ik8ldeRB7e05gNS3ZM-snSaY_hIOfWBp6KSFqWMG6taZupVXp9eDh2qpZ-8f5v9MNh2Skmtkog6mtqBiQZfcZzSOmICNIVKyNc33GS-1mRazA385ZQTP7LMEb65cn4BJjisGZCV2Pa2h727XQtlRGg-0vvi3VGggyHlOl2bWvE1QdgDgebIKH0HfF1U2hosrIxUZ8" Vary Accept-Encoding Strict-Transport-Security max-age=300 Content-Type application/x-mpegurl Access-Control-Allow-Origin * Fastly-Stats otfp=1 Accept-Ranges bytes X-Cache-Hits 1, 1
POST H/1.1	200 OK	ao Show response capi.connatix.com/tr/	0 292 B	110ms 110ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/tr/ao?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20
POST H/1.1	200 OK	g Show response capi.connatix.com/rtb/	1 KB 935 B	638ms 313ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/rtb/g?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 0d607e81963dbb5b8666b091a72ab4135a2ecfae79c5713f9edd5a8dfdfd607e Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:23 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 662
POST H/1.1	200 OK	ps Show response capi.connatix.com/tr/	0 292 B	217ms 111ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/tr/ps?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20
GET H2	200	25c49cf2-541f-4f50-aed9-d4c52fd153de.jpg img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/	22 KB 22 KB	7ms 7ms	Image image/jpeg	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/25c49cf2-541f-4f50-aed9-d4c52fd153de.jpg?crop=590:404,smart&width=590&height=404&format=jpeg&quality=60&fit=crop Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8c628fd678acc5535f1d797d0face3473eabb0d114c26b7533a83d95efc9b4ca Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT age 64915 etag "ZLCQd0t1IwUBW9fVY1Uf4qobf+juZ42QLN0ZOvFosCE" access-control-max-age 86400 fastly-io-info ifsz=98192 idim=1200x675 ifmt=jpeg ofsz=22283 odim=590x404 ofmt=jpeg access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/jpeg content-length 22283
GET BLOB	200 OK	910ea5df-5743-40cf-ad0a-82b2fcf8487a https://gizmodo.com/	5 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://gizmodo.com/910ea5df-5743-40cf-ad0a-82b2fcf8487a Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 1382ac8052df72ce2aa352dbd65717c6d59790d99bdf233730b4bc1ba08c1967 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 5409 Content-Type application/javascript
GET H/1.1	200 OK	189204_240p.m3u8 Show response kinja-otfp.global.ssl.fastly.net/189204/	665 B 769 B	9ms 9ms	XHR application/x-mpegurl	151.101.1.194 FASTLY
General Check archive.org Show headers Download Go to Full URL https://kinja-otfp.global.ssl.fastly.net/189204/189204_240p.m3u8 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.194 , United States, ASN54113 (FASTLY, US), Reverse DNS Software otfp / Resource Hash 37b5a42f4ce5bea965dc44b40092774accff268ab9f3ebf1bc3954023a02ca0c Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Via 1.1 varnish, 1.1 varnish Age 119396 X-Cache HIT, HIT Connection keep-alive Content-Encoding gzip Content-Length 183 X-Served-By cache-bwi5164-BWI, cache-hhn4061-HHN Server otfp X-Timer S1625414723.604174,VS0,VE1 Etag "T5S1fv5tOrduNhXp7SgoVKibcqubY6QEInpdZV2XVdLme_pV_AJhX47IKgQdUCalS6hB8wTehozx7OzOC3XxpiV3HA" Vary Accept-Encoding Strict-Transport-Security max-age=300 Content-Type application/x-mpegurl Access-Control-Allow-Origin * Fastly-Stats otfp=1 Accept-Ranges bytes X-Cache-Hits 1, 1
GET H2	200	25c49cf2-541f-4f50-aed9-d4c52fd153de.jpg img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/	19 KB 19 KB	9ms 9ms	Image image/jpeg	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/25c49cf2-541f-4f50-aed9-d4c52fd153de.jpg?crop=590:332,smart&width=590&height=332&format=jpeg&quality=60&fit=crop Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2bcb616c52c2bec2640c97066fc64358836779bd46d4c4152fb1cbe0ba423525 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT age 64915 etag "w2Up4ZGExJLhTyrpFzV85sCBvfWO2RjEjLW8RvAUXGY" access-control-max-age 86400 fastly-io-info ifsz=98192 idim=1200x675 ifmt=jpeg ofsz=19312 odim=590x332 ofmt=jpeg access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/jpeg content-length 19312
GET H2	200	455f7ed5-36bf-4aa6-b176-e50574490ce0.jpg img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/	14 KB 14 KB	19ms 18ms	Image image/jpeg	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/455f7ed5-36bf-4aa6-b176-e50574490ce0.jpg?crop=590:332,smart&width=590&height=332&format=jpeg&quality=60&fit=crop Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d68ea61308e14cb5c6a242095f01a376abfc765d4a40def0b347493772726362 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT age 64916 etag "uvM84cJtmwVmW9qz/9jEZgByRaIT/hLdE812XJO5QEs" access-control-max-age 86400 fastly-io-info ifsz=59389 idim=1200x675 ifmt=jpeg ofsz=14217 odim=590x332 ofmt=jpeg access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/jpeg content-length 14217
GET H2	200	dae89cf7-3583-4498-b3a6-eae7698b991c.jpg img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/	7 KB 7 KB	19ms 19ms	Image image/jpeg	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/dae89cf7-3583-4498-b3a6-eae7698b991c.jpg?crop=590:332,smart&width=590&height=332&format=jpeg&quality=60&fit=crop Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ce7aaeec2e4da82e245000b3227a04273f3d576d5190079080f51b5f5792b22d Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT age 64916 etag "5v0OZupiMEoU1BiDwwozuatKPHXI6Ppni602gHQ3FA4" access-control-max-age 86400 fastly-io-info ifsz=21816 idim=1200x675 ifmt=jpeg ofsz=7223 odim=590x332 ofmt=jpeg access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/jpeg content-length 7223
GET H2	200	2b326f33-de9d-436e-8fd9-04f0e147662c.jpg img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/	11 KB 11 KB	19ms 19ms	Image image/jpeg	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/2b326f33-de9d-436e-8fd9-04f0e147662c.jpg?crop=590:332,smart&width=590&height=332&format=jpeg&quality=60&fit=crop Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 166df1a340f7cb95bbfa07547c465dc31feb095522a70b369c919148a18be67c Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT age 64915 etag "EK2xE2lgdiX7FYvUayYulm/5/B2/8+/G61HO2Wgk+Kw" access-control-max-age 86400 fastly-io-info ifsz=44734 idim=1200x675 ifmt=jpeg ofsz=11288 odim=590x332 ofmt=jpeg access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/jpeg content-length 11288
GET H2	200	4cef0e87-2949-4175-a512-745c97b4a4ed.jpg img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/	11 KB 11 KB	18ms 18ms	Image image/jpeg	151.101.14.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.connatix.com/030921a5-43a2-41bf-ba81-0aaefe5d7fd7/4cef0e87-2949-4175-a512-745c97b4a4ed.jpg?crop=590:332,smart&width=590&height=332&format=jpeg&quality=60&fit=crop Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 472d9b5e3bde3536f75e5ac5f875934d24067f774372829eae0ff80e22e217f8 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT age 64916 etag "GyIf0/CV6oNZwDpQtlK4xDNLgFHI1rRNTRXkfPdOlgA" access-control-max-age 86400 fastly-io-info ifsz=504514 idim=1200x675 ifmt=png ofsz=10902 odim=590x332 ofmt=jpeg access-control-allow-origin * cache-control max-age=2592000, public fastly-stats io=1 accept-ranges bytes content-type image/jpeg content-length 10902
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4D87	36 KB 13 KB	9ms 7ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:09:58 GMT content-encoding gzip x-content-type-options nosniff age 3324 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12603 x-xss-protection 0 last-modified Mon, 14 Dec 2020 16:45:56 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Sun, 04 Jul 2021 16:09:58 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6399	36 KB 12 KB	11ms 9ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:09:58 GMT content-encoding gzip x-content-type-options nosniff age 3324 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12603 x-xss-protection 0 last-modified Mon, 14 Dec 2020 16:45:56 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Sun, 04 Jul 2021 16:09:58 GMT
GET H2	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8B5E	36 KB 12 KB	9ms 8ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:09:58 GMT content-encoding gzip x-content-type-options nosniff age 3324 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12603 x-xss-protection 0 last-modified Mon, 14 Dec 2020 16:45:56 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Sun, 04 Jul 2021 16:09:58 GMT
GET BLOB	200 OK	d32404ad-5a90-4c11-bdb2-0a6a3110615a https://gizmodo.com/	52 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://gizmodo.com/d32404ad-5a90-4c11-bdb2-0a6a3110615a Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b525d5b79e347e163079f3e39feb5365cf589e09333ae58153b27ebbe5ef9090 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 52795 Content-Type application/javascript
GET H/1.1	200 OK	189204_240p-1.ts Show response kinja-otfp.global.ssl.fastly.net/189204/	185 KB 186 KB	12ms 12ms	XHR video/mp2t	151.101.1.194 FASTLY
General Check archive.org Show headers Download Go to Full URL https://kinja-otfp.global.ssl.fastly.net/189204/189204_240p-1.ts Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.194 , United States, ASN54113 (FASTLY, US), Reverse DNS Software otfp / Resource Hash d19409a3e3ca7cd4d7addfaf11df14820823449c0031f90eef771f13515880c8 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Jul 2021 16:05:22 GMT Via 1.1 varnish, 1.1 varnish Age 122542 X-Cache HIT, HIT Connection keep-alive Content-Length 189880 X-Served-By cache-bwi5156-BWI, cache-hhn4061-HHN X-Fastly-Otfp-Info ss=0.000 sl=6.000 vl=98.083 rs=424x240 Server otfp X-Timer S1625414723.652035,VS0,VE1 Etag "vfQACB7ACQ0o2b2FeKc3C_PCH_WOis4qkwFTJU_V3pc1fLZdQQLpmcI216W_kvPvpt1pVCo__tgmBAw_cwGuINPeWg" Strict-Transport-Security max-age=300 Content-Type video/mp2t Access-Control-Allow-Origin * Fastly-Stats otfp=1 Accept-Ranges bytes X-Cache-Hits 1, 1
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	83 KB 27 KB	94ms 45ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.040e71fc472a18014308.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding gzip last-modified Wed, 02 Jun 2021 14:09:58 GMT server nginx etag W/"60b79136-14aab" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 05 Jul 2021 16:05:22 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1978864785&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&ul=en-us&de=UTF-8&dt=A%20Large%20Ransomware%20Attack%20May%20Have%20Ensnared%20Upwards%20of%20200%20Companies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Video%20Load&el=kinjavideo-189204&_u=aGDACEABFAQCAC~&jid=1736290503&gjid=961973337&cid=1128206324.1625414721&tid=UA-142218-33&_gid=2117876764.1625414721&_r=1&cd39=none&cd40=none&cd42=189204&cd50=7.6.0&cd83=article&cd101=gizmodo&cd105=Gizmodo&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=96-100&cd45=Hear%20the%20Table%20Manners%20of%20Canada%20Lynx%20in%20Gruesome%20Detail&cd62=none&cd63=gizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&cd65=0&cd89=none&cd120=gizmodo&cd121=outstream&cd122=none&cd129=Kinja&z=278601049 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	28ms 15ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-142218-33&cid=1128206324.1625414721&jid=1736290503&gjid=961973337&_gid=2117876764.1625414721&_u=aGDACEABFAQCAC~&z=973509320 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 04 Jul 2021 16:05:22 GMT content-type text/plain access-control-allow-origin https://gizmodo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ga-audiences www.google.com/ads/	42 B 63 B	29ms 29ms	Image image/gif	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-142218-33&cid=1128206324.1625414721&jid=1736290503&_u=aGDACEABFAQCAC~&z=818556263 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ga-audiences www.google.de/ads/	42 B 63 B	35ms 35ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-142218-33&cid=1128206324.1625414721&jid=1736290503&_u=aGDACEABFAQCAC~&z=818556263 Requested by Host: gizmodo.com URL: https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	83 KB 27 KB	68ms 25ms	XHR text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 16:05:22 GMT content-encoding gzip last-modified Wed, 02 Jun 2021 14:09:58 GMT server nginx etag W/"60b79136-14aab" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 05 Jul 2021 16:05:22 GMT
GET H2	200	checksync.php Show response hbx.media.net/ Frame 39EB	23 KB 8 KB	30ms 30ms	Document text/html	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=239%2C246%2C106%2C182%2C2034%2C56%2C171%2C215%2C238%2C201%2C2033%2C221%2C228%2C273%2C3018%2C148%2C184%2C23%2C80%2C126%2C222%2C236%2C3%2C77%2C82%2C3014%2C3015%2C208%2C97%2C188%2C51%2C172%2C96%2C157%2C203%2C220%2C225%2C145%2C251%2C186%2C29%2C122%2C175%2C132%2C147%2C159%2C229%2C109%2C79&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&gdprstring=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&usp_status=0&usp_consent=1&coppa=0 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 56c732542aa5644c4df32f074a913e1347f0a61bdf90934eba440eb6f5a2862d Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers :method GET :authority hbx.media.net :scheme https :path /checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=239%2C246%2C106%2C182%2C2034%2C56%2C171%2C215%2C238%2C201%2C2033%2C221%2C228%2C273%2C3018%2C148%2C184%2C23%2C80%2C126%2C222%2C236%2C3%2C77%2C82%2C3014%2C3015%2C208%2C97%2C188%2C51%2C172%2C96%2C157%2C203%2C220%2C225%2C145%2C251%2C186%2C29%2C122%2C175%2C132%2C147%2C159%2C229%2C109%2C79&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&gdprstring=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&usp_status=0&usp_consent=1&coppa=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://gizmodo.com/ accept-encoding gzip, deflate, br accept-language en-US cookie gdpr_status=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://gizmodo.com/ Response headers server Apache content-type text/html; charset=UTF-8 set-cookie gdpr_status=1; Expires=Wed, 05 Jan 2022 16:05:22 GMT; domain=.media.net; Path=/; sameSite=none; secure=true x-mnet-hl2 E strict-transport-security max-age=604800 vary Accept-Encoding content-encoding gzip cache-control max-age=172800 expires Tue, 06 Jul 2021 16:05:22 GMT date Sun, 04 Jul 2021 16:05:22 GMT content-length 8040
GET H2	200	syncframe Show response gum.criteo.com/ Frame 238F	291 B 590 B	14ms 14ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gizmodo.com&gdpr=1&gdpr_consent=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/gomedia/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority gum.criteo.com :scheme https :path /syncframe?origin=publishertag&topUrl=gizmodo.com&gdpr=1&gdpr_consent=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://gizmodo.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://gizmodo.com/ Response headers cache-control private, max-age=0 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding strict-transport-security max-age=31536000 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 380 date Sun, 04 Jul 2021 16:05:22 GMT content-length 321
POST H/1.1	200 OK	g Show response capi.connatix.com/rtb/	2 B 324 B	110ms 109ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/rtb/g?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:23 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com transfer-encoding chunked Connection keep-alive Access-Control-Allow-Credentials true
GET H2	200	ad Show response ssp.lkqd.net/	168 B 344 B	300ms 98ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081149&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=12a845be-4258-4340-bbfd-a9ecdbbb3bf0 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:23 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	97ms 96ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081147&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=5645f856-53c1-4cf3-a14f-ce15b4a94b7b Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:23 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	96ms 96ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081151&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=6a869195-5e11-491d-a65e-5030fdaa7b8a Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:23 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H3-29	200	show_companion_ad.js Show response pagead2.googlesyndication.com/pagead/	14 KB 6 KB	8ms 7ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_companion_ad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 3879a0fc2d086133ea0ed7f74ac0bdc275c0bb42232e6b916a1d9579a400345c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Jul 2021 15:23:00 GMT content-encoding gzip x-content-type-options nosniff age 2543 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5950 x-xss-protection 0 server cafe etag 2487224863526668102 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Sun, 04 Jul 2021 16:23:00 GMT
GET H2	200	sync Show response gum.criteo.com/	53 B 366 B	15ms 15ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&us_privacy=&gdpr_pd=0 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip date Sun, 04 Jul 2021 16:05:23 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 1657 content-length 169 expires 60
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 238 B	91ms 90ms	XHR application/json	88.214.207.207 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 88.214.207.207 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://gizmodo.com Date Sun, 04 Jul 2021 16:05:28 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 2 Content-Type application/json
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	96ms 96ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=5971d37b-dddd-4d84-9c09-ad888555daf9 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:23 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	rtbsspub cdn-geuw1-xch.media.net/AdExchange/	18 KB 2 KB	29ms 29ms	EventSource text/event-stream	23.62.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=67943183709800041625414723847&gdpr=1&gdprconsent=0&gdprstring=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=-1&requestString=677734661*23%7C320x50%7C1722916%7C18816281%7C%7C%7C1%40677734661*29%7C300x50~320x50%7C12156%7C317126_1626192~317126_1626192_43%7C%7C%7C1%40677734661*51%7C300x50~320x50%7C1703006%7C18682188~18682188%7C0.43%7C%7C1%40677734661*106%7C300x50~320x50%7C541006788%7C541006790~541006790%7C%7C%7C1%40677734661*145%7C320x50~300x50%7C100600%7C499192~499192%7C0.4%7C%7C1%40677734661*175%7C320x50~300x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D~677734661_8CUL2TG3D%7C0.43%7C%7C1%40677734661*201%7C300x50~320x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D~677734661_8CUL2TG3D%7C0.37%7C%7C1%40677734661*203%7C320x50~300x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D~677734661_8CUL2TG3D%7C0.27%7C%7C1%40677734661*222%7C300x50~320x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D~677734661_8CUL2TG3D%7C0.37%7C%7C1%40677734661*228%7C300x50~320x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D~677734661_8CUL2TG3D%7C%7C%7C1%40677734661*236%7C320x50~300x50%7C159463%7C2927740_715385~2927740_715385%7C0.33%7C%7C1%40677734661*251%7C320x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D%7C%7C%7C1%40677734661*273%7C300x50~320x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D~677734661_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.07613893803053817&tscode=1&crid=677734661&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&taginfo=%7B%22677734661%22%3A%7B%22supply_tag_id%22%3A%22div-gpt-ad-1589549806211-a66f0b41-f33d-48c0-ba87-3bb0d9032f9d%22%2C%22xps%22%3A576.21875%2C%22yps%22%3A2401.390625%7D%7D&encryptionVersion=0.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-140-165.deploy.static.akamaitechnologies.com Software / Resource Hash eadaec65448cec81d19ee63ed107774c133a4c19918ebc46488d1d80ee2679d5 Request headers Accept text/event-stream Cache-Control no-cache Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:23 GMT content-encoding gzip vary accept-encoding content-type text/event-stream;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin *, * expires Sun, 04 Jul 2021 16:05:23 GMT
GET H2	200	sync Show response gum.criteo.com/	53 B 366 B	14ms 14ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&us_privacy=&gdpr_pd=0 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip date Sun, 04 Jul 2021 16:05:22 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 1326 content-length 169 expires 60
GET H2	200	rtbsspub cdn-geuw1-xch.media.net/AdExchange/	2 KB 1 KB	25ms 25ms	EventSource text/event-stream	23.62.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=44543614319771811625414723861&gdpr=1&gdprconsent=0&gdprstring=CPIyjCbPIyjCbAGABCENBhCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=-1&requestString=677734661*97%7C320x50~300x50%7C8CUL2TG3D%7C677734661_8CUL2TG3D~677734661_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.7505595337913913&tscode=1&crid=677734661&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&taginfo=%7B%22677734661%22%3A%7B%22supply_tag_id%22%3A%22div-gpt-ad-1589549806211-a66f0b41-f33d-48c0-ba87-3bb0d9032f9d%22%2C%22xps%22%3A576.21875%2C%22yps%22%3A2401.390625%7D%7D&encryptionVersion=0.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-62-140-165.deploy.static.akamaitechnologies.com Software / Resource Hash 074335fe763b5328ef78ba75ef170f482251e4a4e8707439298ec4b1b4ef0258 Request headers Accept text/event-stream Cache-Control no-cache Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:23 GMT content-encoding gzip vary accept-encoding content-type text/event-stream;charset=UTF-8 access-control-allow-origin https://gizmodo.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin *, * expires Sun, 04 Jul 2021 16:05:23 GMT
POST H2	200	beacon Show response gizmodo.com/api/kala/stats/	49 B 548 B	128ms 128ms	Fetch application/json	151.101.194.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://gizmodo.com/api/kala/stats/beacon?pageType=permalink Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 05fddbe5beb38d7f2552ee3374eae0ae8ee2d4c32ea632d20bdeaef35a26157d Security Headers Name Value Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://gizmodo.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty cookie geocc=DE; KinjaBucket=8; KinjaSetBucket=8|1625414700|wOvLhrGhx32371sMAKDR1JBO88OdYcxEr7D3dTnM+l4=; lux_uid=162541472092268238; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1128206324.1625414721; _gid=GA1.2.2117876764.1625414721; _gat_unique=1; _gat=1; _sp_v1_uid=1:571:af3773d6-a779-4fd6-a76f-f2e8dab32d97; _sp_v1_data=2:257192:1625414721:0:1:0:1:0:0:_:-1; _sp_v1_ss=1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D; _sp_v1_opt=1:; _sp_v1_consent=1!0:-1:-1:-1:-1:-1; _sp_v1_csv=null; _sp_v1_lt=1:; consentUUID=a25d85a5-1b93-4231-9538-5336ff0ace5d; _dd_r=0; __k_iut=1625414721512; pageDepth=1; _cb_ls=1; _cb=5jmtRpw2ugIp9Iw; _chartbeat2=.1625414721555.1625414721555.1.COY9q9BlkzLTBFYct8C-Cw96BGccme.1; _cb_svref=null; ka=4891154b-2285-49a3-8195-b7699e401e0b|21ec7314-bf01-4b62-89b1-c2cec424c453|1625414721562; _pbjs_userid_consent_data=3524755945110770; _gat_kinjavideo189204=1 content-length 1085 :path /api/kala/stats/beacon?pageType=permalink pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json accept */* cache-control no-cache :authority gizmodo.com referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 :scheme https sec-fetch-site same-origin :method POST Referer https://gizmodo.com/a-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers content-security-policy default-src 'self' content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies master-only via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-ua-device desktop x-kinja kinja-kala-kube01-5d5469547c-52fjb #55 x-cdn-fetch mantle-default content-length 73 x-xss-protection 1; mode=block x-served-by cache-bwi5151-BWI, cache-hhn4076-HHN referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-timer S1625414724.934700,VS0,VE120 x-frame-options DENY date Sun, 04 Jul 2021 16:05:24 GMT vary Accept-Encoding,Origin, Authorization, Cookie content-type application/json access-control-allow-origin https://gizmodo.com accept-ranges bytes x-robots-tag noindex, nofollow x-cache-hits 0, 0
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	97ms 97ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=1ab77cdf-1ddd-47ce-aba4-50039ebaea9b Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:23 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	97ms 96ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=2756c02d-d701-43ec-9c12-6269352c3083 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:24 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
POST		id api.britepool.com/v1/britepool/	0 0
OPTIONS		id api.britepool.com/v1/britepool/ Frame	0 0
GET H/1.1	204 No content	push_sync sofia.trustx.org/	0 275 B	113ms 113ms	Image text/html	35.211.168.6 GOOGLE-2
General Check archive.org Show headers Download Go to Show image Full URL https://sofia.trustx.org/push_sync Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Jul 2021 16:05:25 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Type text/html; charset=UTF-8 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	cksync.php cs.media.net/	45 B 376 B	32ms 25ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cs.media.net/cksync.php?cs=8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Jul 2021 16:05:25 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" content-type image/gif cache-control max-age=0, no-cache, no-store timing-allow-origin * content-length 45 x-mnet-hl2 E expires Sun, 04 Jul 2021 16:05:25 GMT
POST H/1.1	200 OK	abt Show response capi.connatix.com/tr/	0 292 B	113ms 113ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/tr/abt?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:27 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20
POST H/1.1	200 OK	st Show response capi.connatix.com/tr/	0 292 B	113ms 113ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/tr/st?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:29 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	105ms 105ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081149&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=132923b6-924d-4715-8387-a78a4f737733 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:29 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	96ms 96ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081147&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=06cd9971-7df7-485a-9d9c-82281cdf4fec Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:29 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	96ms 96ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081151&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=31f2c6a5-b116-4d85-bc6f-066975876031 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:29 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	116ms 116ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=9b024795-14c1-465e-9f0e-6fbf0693e8e0 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:30 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	96ms 96ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=de8abd53-5458-41cf-85eb-df49ff1d65ef Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:30 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
GET H2	200	ad Show response ssp.lkqd.net/	168 B 343 B	251ms 250ms	XHR application/xml	146.20.128.177 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=590&height=332&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.220.70.211&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&pageurl=https%3A%2F%2Fgizmodo.com%2Fa-large-ransomware-attack-may-have-ensnared-hundreds-of-1847222405&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=ef888948-c121-460e-842d-16e42e9e9c16 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.177 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://gizmodo.com date Sun, 04 Jul 2021 16:05:30 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-encoding gzip content-type application/xml; charset=UTF-8
POST H/1.1	200 OK	abt Show response capi.connatix.com/tr/	0 292 B	111ms 111ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/tr/abt?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:32 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20
POST H/1.1	200 OK	g Show response capi.connatix.com/rtb/	501 B 581 B	190ms 190ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/rtb/g?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 1816f4f0ec241f0b27176782d5fa277fd7da648d994331d3572b80ba796babdb Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:33 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 308
POST H/1.1	200 OK	g Show response capi.connatix.com/rtb/	2 B 300 B	109ms 109ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/rtb/g?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:33 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 28
POST H/1.1	200 OK	st Show response capi.connatix.com/tr/	0 292 B	109ms 109ms	XHR multipart/form-data	52.14.23.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://capi.connatix.com/tr/st?v=122361 Requested by Host: x.kinja-static.com URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~ac135e6b.3bd0adb4e812889625c1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.14.23.146 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gizmodo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data Response headers Date Sun, 04 Jul 2021 16:05:37 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type multipart/form-data Access-Control-Allow-Origin https://gizmodo.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

adserver-us.adtech.advertising.com

URL

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204333/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=19cdd6dc0206b2;misc=1625414721019;gdpr=1;

Domain

adserver-us.adtech.advertising.com

URL

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204322/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2d0e64c4269f09;misc=1625414721032;gdpr=1;

Domain

adserver-us.adtech.advertising.com

URL

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204319/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3b78319a1d034f;misc=1625414721033;gdpr=1;

Domain

adserver-us.adtech.advertising.com

URL

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204333/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4eeff783b55cad;misc=1625414721039;gdpr=1;

Domain

adserver-us.adtech.advertising.com

URL

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204322/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5a9cd7e83bf667;misc=1625414721042;gdpr=1;

Domain

adserver-us.adtech.advertising.com

URL

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/5204319/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=67dfd3a5dc289d;misc=1625414721044;gdpr=1;

Domain

api.britepool.com

URL

https://api.britepool.com/v1/britepool/id

Domain

api.britepool.com

URL

https://api.britepool.com/v1/britepool/id