www.zdnet.com Open in urlscan Pro
2.18.233.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Submission: On March 21 via automatic, source hackernews (March 21st 2019, 5:19:43 pm UTC)

Summary HTTP 132 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 37 domains to perform 132 HTTP transactions. The main IP is 2.18.233.143, located in European Union and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.zdnet.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 26th 2018. Valid for: 7 months.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2.18.233.143 2.18.233.143	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
33	2.18.233.149 2.18.233.149	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
7	104.107.252.81 104.107.252.81	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	23.52.55.108 23.52.55.108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.230.95.142 54.230.95.142	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	18.214.158.180 18.214.158.180	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	172.217.16.166 172.217.16.166	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	52.51.38.48 52.51.38.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.122.133 151.101.122.133	54113 (FASTLY) (FASTLY - Fastly)
10	68.232.35.180 68.232.35.180	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
10	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	104.111.214.229 104.111.214.229	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:a20d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
8	2606:4700::68... 2606:4700::6810:4ea5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 6	34.246.247.78 34.246.247.78	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	64.30.230.22 64.30.230.22	6623 (CBSI-1) (CBSI-1 - CBS Interactive Inc.)
1	104.109.87.166 104.109.87.166	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:20:... 2606:4700:20::6819:a222	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2600:9000:200... 2600:9000:200c:3400:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.5.125.127 52.5.125.127	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	34.235.206.33 34.235.206.33	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	104.123.104.241 104.123.104.241	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	34.192.38.147 34.192.38.147	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	54.171.224.12 54.171.224.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	34.251.85.190 34.251.85.190	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 4	18.195.251.148 18.195.251.148	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	52.213.58.51 52.213.58.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.154.175.204 54.154.175.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.213.106.142 52.213.106.142	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	63.140.43.37 63.140.43.37	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
2	23.99.128.52 23.99.128.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
132	42

3 2.18.233.143 (European Union) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-143.deploy.static.akamaitechnologies.com

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2.18.233.149 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-149.deploy.static.akamaitechnologies.com

zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.107.252.81 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-107-252-81.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.55.108 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-52-55-108.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.95.142 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-142.fra2.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.158.180 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-214-158-180.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.166 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.200 (San Francisco, United States) 2 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.38.48 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-38-48.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.122.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 68.232.35.180 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.229 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-229.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
364bf6cc.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1b (European Union)

ASN20940 (AKAMAI-ASN1, US)

iicbsi-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a20d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:4ea5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.246.247.78 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.30.230.22 (Fort Lauderdale, United States)

ASN6623 (CBSI-1 - CBS Interactive Inc., US)
PTR: phx2-dw-cbsi-xw-ext-lb.cnet.com

dw.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.87.166 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-87-166.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::6819:a222 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:3400:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.125.127 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-5-125-127.compute-1.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.206.33 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-235-206-33.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.123.104.241 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-123-104-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.38.147 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-192-38-147.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.224.12 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (European Union) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.85.190 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-85-190.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.251.148 (Cambridge, United States) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-251-148.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.58.51 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.175.204 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.106.142 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-106-142.eu-west-1.compute.amazonaws.com

cbsi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.43.37 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: cbsi.com.ssl.sc.omtrdc.net

saa.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.99.128.52 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-dm1-001.cloudapp.net

lightboxapi2.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lightboxapi3.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	cbsistatic.com zdnet4.cbsistatic.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com zdnet1.cbsistatic.com	697 KB
11	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	85 KB
11	twitter.com 2 redirects platform.twitter.com syndication.twitter.com	110 KB
10	ml314.com 2 redirects ml314.com in.ml314.com	17 KB
10	tiqcdn.com tags.tiqcdn.com	76 KB
8	lightboxcdn.com www.lightboxcdn.com	178 KB
7	evidon.com c.evidon.com	79 KB
5	demdex.net 1 redirects dpm.demdex.net cbsi.demdex.net	4 KB
5	cbsi.com dw.cbsi.com saa.cbsi.com	11 KB
5	viglink.com cdn.viglink.com api.viglink.com	29 KB
4	eyeota.net 3 redirects ps.eyeota.net	1 KB
3	tru.am tru.am beacon.tru.am	14 KB
3	go-mpulse.net c.go-mpulse.net	57 KB
3	zdnet.com 1 redirects www.zdnet.com	182 KB
2	azurewebsites.net lightboxapi2.azurewebsites.net lightboxapi3.azurewebsites.net	738 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	852 B
2	agkn.com js.agkn.com d.agkn.com	3 KB
2	doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net	58 KB
2	betrad.com l.betrad.com	240 B
1	gstatic.com fonts.gstatic.com	13 KB
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	googleapis.com fonts.googleapis.com	439 B
1	bluekai.com 1 redirects tags.bluekai.com	341 B
1	akstat.io 364bf6cc.akstat.io	354 B
1	everestjs.net www.everestjs.net	6 KB
1	akamaihd.net iicbsi-a.akamaihd.net	262 B
1	cbsinteractive.com vidtech.cbsinteractive.com	203 KB
1	adsrvr.org match.adsrvr.org	525 B
1	google.com adservice.google.com	490 B
1	google.de adservice.google.de	490 B
1	sharethrough.com native.sharethrough.com	108 KB
1	youtube.com www.youtube.com
1	googletagservices.com www.googletagservices.com	11 KB
1	indexww.com js-sec.indexww.com	26 KB
0	onmodulus.net Failed lightboxgeoipjsonp-88248.onmodulus.net Failed
132	37

	Domain	Requested by
15	zdnet4.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
10	tags.tiqcdn.com	zdnet2.cbsistatic.com tags.tiqcdn.com
9	ml314.com	2 redirects tags.tiqcdn.com ml314.com www.zdnet.com
8	www.lightboxcdn.com	www.zdnet.com www.lightboxcdn.com
8	platform.twitter.com	www.zdnet.com platform.twitter.com
7	c.evidon.com	www.zdnet.com c.evidon.com
7	zdnet1.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
7	zdnet2.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
4	dpm.demdex.net	1 redirects www.zdnet.com tags.tiqcdn.com
4	ps.eyeota.net	3 redirects www.zdnet.com
4	pbs.twimg.com	www.zdnet.com
4	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
3	ton.twimg.com	platform.twitter.com www.zdnet.com
3	dw.cbsi.com	tags.tiqcdn.com www.zdnet.com
3	cdn.viglink.com	tags.tiqcdn.com www.zdnet.com
3	abs.twimg.com	www.zdnet.com
3	syndication.twitter.com	2 redirects www.zdnet.com
3	c.go-mpulse.net	www.zdnet.com zdnet1.cbsistatic.com c.go-mpulse.net
3	www.zdnet.com	1 redirects www.zdnet.com
2	saa.cbsi.com	tags.tiqcdn.com
2	api.viglink.com	cdn.viglink.com
2	sync.crwdcntrl.net	2 redirects
2	pixel.mathtag.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	tru.am	tags.tiqcdn.com tru.am
2	l.betrad.com	www.zdnet.com
1	lightboxapi3.azurewebsites.net	www.zdnet.com
1	fonts.gstatic.com	www.lightboxcdn.com
1	cdn.jsdelivr.net	www.lightboxcdn.com
1	fonts.googleapis.com	www.lightboxcdn.com
1	lightboxapi2.azurewebsites.net	www.lightboxcdn.com
1	cbsi.demdex.net	tags.tiqcdn.com
1	tags.bluekai.com	1 redirects
1	beacon.tru.am	tru.am
1	in.ml314.com	ml314.com
1	d.agkn.com	js.agkn.com
1	364bf6cc.akstat.io	zdnet1.cbsistatic.com
1	js.agkn.com	tags.tiqcdn.com
1	www.everestjs.net	tags.tiqcdn.com
1	iicbsi-a.akamaihd.net	tags.tiqcdn.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	match.adsrvr.org	js-sec.indexww.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	ad.doubleclick.net	www.zdnet.com
1	native.sharethrough.com	www.zdnet.com
1	www.youtube.com	www.zdnet.com
1	www.googletagservices.com	www.zdnet.com
1	js-sec.indexww.com	www.zdnet.com
0	lightboxgeoipjsonp-88248.onmodulus.net Failed	www.lightboxcdn.com
132	52

This site contains links to these domains. Also see Links.

Domain
www.zdnet.com.cn
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
www.youtube.com
github.com
decrypter.emsisoft.com
www.nytimes.com
www.theverge.com
en.wikipedia.org
variety.com
www.cnet.com
cbsi.force.com
www.cbsinteractive.com
cbsi.secure.force.com
www.facebook.com
twitter.com
www.linkedin.com
legalterms.cbsinteractive.com
narratives.zdnet.com
academy.zdnet.com

Subject Issuer	Validity	Valid
www.cbs.com GeoTrust RSA CA 2018	`2018-11-26` - `2019-06-22`	7 months	crt.sh
cc.cnetcontent.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-01-25`	a year	crt.sh
*.evidon.com DigiCert ECC Secure Server CA	`2019-02-01` - `2020-05-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-01-09` - `2020-03-09`	a year	crt.sh
akstat.io DigiCert ECC Secure Server CA	`2018-03-12` - `2019-05-11`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.sharethrough.com Go Daddy Secure Certificate Authority - G2	`2018-09-18` - `2019-11-17`	a year	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2017-04-25` - `2019-06-24`	2 years	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2017-02-15` - `2019-04-19`	2 years	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-13`	3 years	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-16` - `2019-09-22`	6 months	crt.sh
*.ml314.com Amazon	`2019-03-16` - `2020-04-16`	a year	crt.sh
*.cbsi.com DigiCert SHA2 High Assurance Server CA	`2017-11-07` - `2021-02-04`	3 years	crt.sh
www.everestjs.net DigiCert SHA2 Secure Server CA	`2018-10-15` - `2020-10-15`	2 years	crt.sh
ssl389962.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-10` - `2019-07-19`	6 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
www.eyeota.com COMODO RSA Domain Validation Secure Server CA	`2018-02-12` - `2021-02-11`	3 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
viglink.com Amazon	`2019-02-09` - `2020-03-09`	a year	crt.sh
saa.cbsi.com DigiCert SHA2 High Assurance Server CA	`2018-05-19` - `2019-08-22`	a year	crt.sh
*.azurewebsites.net Microsoft IT TLS CA 4	`2017-12-17` - `2019-12-17`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-27` - `2019-05-05`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Frame ID: 67FA8CA211EA8603C8CAD53DCEF7AF96
Requests: 128 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: A53953910CCD0020B3B0E43D7B3BC633
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/KzOM31dhrbU
Frame ID: DD1C8B05679974B15DDDB94624B0BEBC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.zdnet.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 11E908A76665D4A450BE51BCFE837640
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1553188750469&lv=1
Frame ID: BCAD81022332987A66F34D32D540535B
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 8167F997B8F55E7A68AA8CD00A1D8E53
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=854570593&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&bpid=cbsinteractive&c=%7B%22bpid%22%3A%22cbsinteractive%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: E64217B69DA9CF482284D5BE423F1796
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=636885417983100100
Frame ID: 7E8C15DF334D6D37B90A7DB2899A2A6E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 88E9ECBA5FC2670C47A397E99992D9B8
Requests: 1 HTTP requests in this frame

Frame: https://cbsi.demdex.net/dest5.html?d_nsid=undefined
Frame ID: D3FB78BAF93D9794A23840EFD43FCFCF
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=636885417983100100
Frame ID: D1D3AA378CA2403AB1133594B294ECB8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^requirejs$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^optimizely$/i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^SWFObject$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^s_(?:account|objectID|code|INST)$/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i
env /^(?:vglnk(?:$|_)|vl_(?:cB|disable)$)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

132
Requests

99 %
HTTPS

33 %
IPv6

37
Domains

52
Subdomains

42
IPs

4
Countries

1969 kB
Transfer

5907 kB
Size

0
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.com.cn/
Title: ZDNet China

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC-lHJZR3Gqxm24_Vd_AJ5Yw
Title: PewDiePie

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tseries
Title: T-Series

Search URL Search Domain Scan URL

URL: https://github.com/000JustMe/PewCrypt
Title: on GitHub

Search URL Search Domain Scan URL

URL: https://decrypter.emsisoft.com/pewcrypt
Title: their own decrypter app

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2019/03/15/technology/pewdiepie-new-zealand-shooting.html
Title: New York Times

Search URL Search Domain Scan URL

URL: https://www.theverge.com/2019/3/19/18270905/subscribe-to-pewdiepie-youtube-new-zealand-attack-meme
Title: The Verge

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Christchurch_mosque_shootings
Title: in a New Zealand mosque

Search URL Search Domain Scan URL

URL: https://variety.com/2019/digital/global/pewdiepie-tseries-youtube-most-subscribed-channel-1202980436/
Title: lost his top YouTube billing

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/new-ransomware-demands-payment-via-wechat-pay-in-china/
Title: New ransomware demands payment over WeChat Pay in China

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/ransomware-the-smart-persons-guide/
Title: Ransomware: A cheat sheet for professionals

Search URL Search Domain Scan URL

URL: http://cbsi.force.com/CBSi/zdnetcommunityfaq
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/Privacy-Policy?categories=CBS_Interactive%3AmPrivacy&template=template_mobilePrivacy&referer=mobileprivacy.com&data=&cfs=default
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/mThird-Party-Social-Networking-Services?template=template_mobilepp&referer=mobilepp.com&data=&cfs=default
Title: Video Services Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/ZDNet/5953112932
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://www.zdnet.com/ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd?_=1553188750430 HTTP 301
https://www.zdnet.com/ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd/?_=1553188750430

Request Chain 88

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 112

https://tags.bluekai.com/site/20486?limit=0&id=5978151465687257429&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151465687257429%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465687257429&eid=50056

Request Chain 113

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151465687257429 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2NTY4NzI1NzQyORAAGg0Ij4_P5AUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=6b727aaeb73a67aa6f82c50b998260712ccd8dc68e603ae9cd62df62cdcf2e7cf4cb09cee1a4f8eb&person_id=5978151465687257429&eid=50082

Request Chain 114

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465687257429%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465687257429%26eid=50220&mm_bnc&mm_bct HTTP 302
https://ml314.com/csync.ashx?fp=29ed5c93-c640-4700-a8ca-9ef29621bc22&person_id=5978151465687257429&eid=50220

Request Chain 115

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465687257429 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465687257429 HTTP 302
https://ml314.com/csync.ashx?fp=56216becbf7858e42f879af7780b234e&eid=50146&person_id=5978151465687257429

Request Chain 116

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=28npp3LuWzQn6SL6HIn53-4ImbrgejqK51HXR0YWVntI&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=28npp3LuWzQn6SL6HIn53-4ImbrgejqK51HXR0YWVntI&person_id=5978151465687257429&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil HTTP 302
https://ps.eyeota.net/match/bounce/?bid=r8hrb20&uid=nil

Request Chain 117

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=5978151465687257429&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151465687257429&redir=

Request Chain 122

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

132 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/ 435 KB
94 KB 726ms
620ms Document
text/html 2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.143 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-233-143.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a7e64f7ed3f8b228460dcc3f36512fd52f12ea6cbb764eeff6413d308eb81d01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval'; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/pewdiepie-fans-keep-making-junk-ransomware/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
set-cookie: fly_device=desktop; expires=Thu, 28-Mar-2019 17:19:08 GMT; path=/; domain=.zdnet.com; secure nemo_highlander=ad_stack%3a1%3aa; expires=Mon, 25 Mar 2019 06:59:59 GMT; path=/; domain=.zdnet.com; secure; fly_default_edition=eu; path=/; domain=.zdnet.com; secure fly_preferred_edition=eu; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "de"}; expires=Thu, 28-Mar-2019 17:19:08 GMT; path=/; domain=.zdnet.com; secure
x-enable-esi: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, User-Agent
access-control-allow-origin: https://www.zdnet.com
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval'; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
expires: Thu, 21 Mar 2019 18:27:45 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-tx-id: f942e447-d02f-4bb3-9fb7-952d8e13a30f
content-encoding: gzip
date: Thu, 21 Mar 2019 17:19:08 GMT

GET
H2 200 main-4a2e80177e-rev.css
zdnet4.cbsistatic.com/fly/1660-fly/css/core/ 320 KB
59 KB 184ms
25ms Stylesheet
text/css 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 28e2960b8daa25db02de7244e062aa66f9134462ca6b62975a01667e42fb08ba

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 18:27:54 GMT
server: nginx
etag: W/"5c9134aa-4ff15"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 59674
expires: Thu, 28 Mar 2019 17:19:08 GMT

GET
H2 200 controls-9423ff3b54-rev.css
zdnet4.cbsistatic.com/fly/css/video/htmlPlayerControls/ 41 KB
7 KB 207ms
48ms Stylesheet
text/css 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-9423ff3b54-rev.css
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f04be93e144932a277b3b79253acc171ea7bbb59460c33d2f4f07dcf684a6b14

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 18:28:05 GMT
server: nginx
etag: W/"5c9134b5-a561"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 6564
expires: Thu, 28 Mar 2019 17:19:08 GMT

GET
H2 200 catalin-cimpanu.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/ 910 B
1 KB 190ms
40ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/catalin-cimpanu.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "c3829e4116c9d009ce51c32b304b9e46"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14289197, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 868

GET
H2 200 0-car-rear-light-markusspiske-eileen-brown-zdnet.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/02/18/29ceb643-814d-4f3d-95ed-6bc38641a058/thumbnail/170x128/73f6465a3b67c5b412afbaedd9062546/ 4 KB
4 KB 182ms
72ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet4.cbsistatic.com/hub/i/r/2019/02/18/29ceb643-814d-4f3d-95ed-6bc38641a058/thumbnail/170x128/73f6465a3b67c5b412afbaedd9062546/0-car-rear-light-markusspiske-eileen-brown-zdnet.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5bfdcddf96d401948b646d8fcf6162f5356898d4e435d1ce749d252adaeff664

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "6236c78e73f52110ae39e588ba88de0b"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=28855872, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 3835

GET
H2 200 1-keyless-entry-rja1988-eileen-brown-zdnet.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/02/18/8407f65e-5005-432e-ae91-fabdc493b29c/thumbnail/170x128/71a08b40e2eec16427fa210839485e0b/ 4 KB
4 KB 49ms
33ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet3.cbsistatic.com/hub/i/r/2019/02/18/8407f65e-5005-432e-ae91-fabdc493b29c/thumbnail/170x128/71a08b40e2eec16427fa210839485e0b/1-keyless-entry-rja1988-eileen-brown-zdnet.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 54c21c3d0c39837212933126f79b25f98b7f92415299facf1cc1915f5525a90d

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "c4fa7aecedac73641320d24d5bf3bf38"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31493688, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 3597

GET
H2 200 2-car-lock-jammer-jammerspro.png
zdnet2.cbsistatic.com/hub/i/r/2019/02/18/3726c7c6-c14b-41fd-9e85-6ee89fd5dc4d/thumbnail/170x128/ec0bac95a2386a48095c76d6e7d9bc70/ 16 KB
16 KB 47ms
29ms Image
image/png 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet2.cbsistatic.com/hub/i/r/2019/02/18/3726c7c6-c14b-41fd-9e85-6ee89fd5dc4d/thumbnail/170x128/ec0bac95a2386a48095c76d6e7d9bc70/2-car-lock-jammer-jammerspro.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ca8f48b540d18416166b438dc0f7e497f642c9a3408e1b668ec70a20df1777be

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "4b22a8375108a514ef8340e01c2e1af4"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31494037, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 16548

GET
H2 200 3-flat-tyre-stux-eileen-brown-zdnet.jpg
zdnet1.cbsistatic.com/hub/i/r/2019/02/18/54d6ab9e-2d02-44ff-8bd8-ec34de9812f4/thumbnail/170x128/dff282f62b9778fd3e0d9c8d0404ed65/ 5 KB
5 KB 85ms
46ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet1.cbsistatic.com/hub/i/r/2019/02/18/54d6ab9e-2d02-44ff-8bd8-ec34de9812f4/thumbnail/170x128/dff282f62b9778fd3e0d9c8d0404ed65/3-flat-tyre-stux-eileen-brown-zdnet.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ec94a2b08f0f5a02d84a67e0918794af1f8c451112f1f350b4c1fd6142d79c81

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "3f1656d9668dffcf8119e3ecff873558"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31494272, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 5102

GET
H2 200 4-dashboard-autophotography-eileen-brown-zdnet.jpg
zdnet2.cbsistatic.com/hub/i/r/2019/02/18/dedf5bc5-2337-4c79-a93c-eab720f1c4db/thumbnail/170x128/78d269d241ba73224b0608959d918e21/ 6 KB
6 KB 53ms
35ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet2.cbsistatic.com/hub/i/r/2019/02/18/dedf5bc5-2337-4c79-a93c-eab720f1c4db/thumbnail/170x128/78d269d241ba73224b0608959d918e21/4-dashboard-autophotography-eileen-brown-zdnet.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 55c46587a33cd13531d08be1f1b2fa01eb72b54422834960ca652542161ee3ba

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "3a9044746ffc9e6f539ecace6d3e2c82"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31494117, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 6309

GET
H2 200 bestplacetoworkgooglefacebookslip-5c0961f860b27765480787401dec102018151541poster.jpg
zdnet1.cbsistatic.com/hub/i/r/2018/12/10/f497f549-93e9-4983-a3c5-be1c2cd85982/thumbnail/170x128/270bc875261a8980645e9f97b59bab26/ 2 KB
2 KB 84ms
47ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet1.cbsistatic.com/hub/i/r/2018/12/10/f497f549-93e9-4983-a3c5-be1c2cd85982/thumbnail/170x128/270bc875261a8980645e9f97b59bab26/bestplacetoworkgooglefacebookslip-5c0961f860b27765480787401dec102018151541poster.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0aff92d0424973e3d93027c79182b9bf06e55062fffcabf4ed0814d9abd070a1

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "00a03ec6533ca7f5c644d198d815329c"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31534047, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 2161

GET
H2 200 nokia-7-1-9303.jpg
zdnet2.cbsistatic.com/hub/i/r/2018/10/05/9b0de361-97e2-43d3-9d01-989967cec72c/thumbnail/170x128/3d9b5e69e8649d60880c8c9c5f04ff6a/ 9 KB
8 KB 53ms
36ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet2.cbsistatic.com/hub/i/r/2018/10/05/9b0de361-97e2-43d3-9d01-989967cec72c/thumbnail/170x128/3d9b5e69e8649d60880c8c9c5f04ff6a/nokia-7-1-9303.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0730d62aad8991d4abe2f5b68d6d2207778e4bdf2142bbb4713bf0184151c113

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "9523147e5a6707baf674941812ee5c94"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31533328, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 8367

GET
H2 200 screenshot-2019-01-10-at-17-37-46.png
zdnet2.cbsistatic.com/hub/i/r/2019/01/10/038236c8-e684-48f5-8276-0aa4b30be1d0/thumbnail/170x128/a447fc8e7233c0f2b45f4c030606ecc4/ 49 KB
50 KB 52ms
36ms Image
image/png 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet2.cbsistatic.com/hub/i/r/2019/01/10/038236c8-e684-48f5-8276-0aa4b30be1d0/thumbnail/170x128/a447fc8e7233c0f2b45f4c030606ecc4/screenshot-2019-01-10-at-17-37-46.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9e371436db613ae74ff8252f069bc64959d668caebf42dc14ffbb0366df9cc05

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "fe292163d06253b716e9a0099b42031d"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31526202, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 50525

GET
H2 200 wp-smtp.png
zdnet3.cbsistatic.com/hub/i/r/2019/03/21/8988e317-18c5-49dd-9d58-d6a690289793/thumbnail/170x128/bab388aea30b6bd790361c6586e6b510/ 14 KB
15 KB 71ms
57ms Image
image/png 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet3.cbsistatic.com/hub/i/r/2019/03/21/8988e317-18c5-49dd-9d58-d6a690289793/thumbnail/170x128/bab388aea30b6bd790361c6586e6b510/wp-smtp.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 80e7b318c4c21d8f60a9e7228626723e71a03c53e6814b285fcbcae66d082ba7

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "b29e1baea1aa0702319961bcae84d87b"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31523272, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 14668

GET
H2 200 istock-488253356.jpg
zdnet1.cbsistatic.com/hub/i/r/2019/03/01/817912d7-4468-491c-a4b8-4809761588e3/thumbnail/170x128/03b6d6770409e089eae26c54023edc17/ 15 KB
14 KB 81ms
47ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet1.cbsistatic.com/hub/i/r/2019/03/01/817912d7-4468-491c-a4b8-4809761588e3/thumbnail/170x128/03b6d6770409e089eae26c54023edc17/istock-488253356.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 56110ff5555202342949a5203c0789bd23251c2b1eb6e0b1a4ff8cac6b11b4aa

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "91e480d943dda6147aff2bd2dc418c96"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31372557, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 14393

GET
H2 200 screenshot-2019-03-21-at-09-22-02.png
zdnet2.cbsistatic.com/hub/i/r/2019/03/21/19a211b2-df3f-4f36-8a63-1787ca698b39/thumbnail/170x128/498cf31c4ba8152a4c1c2f2fa43dceab/ 41 KB
41 KB 71ms
58ms Image
image/png 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet2.cbsistatic.com/hub/i/r/2019/03/21/19a211b2-df3f-4f36-8a63-1787ca698b39/thumbnail/170x128/498cf31c4ba8152a4c1c2f2fa43dceab/screenshot-2019-03-21-at-09-22-02.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a0eeba57c50d301a64672a459abf71d3269bad55b8421637df831de2f39b908a

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "0d21d741c65d5b132fa8db59fcf73abc"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31518001, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 41452

GET
H2 200 apple-macbook-pro-touch-bar-15-inch-2017-41941.jpg
zdnet1.cbsistatic.com/hub/i/r/2019/01/23/faaee353-177d-4310-bd80-6eac748fdd42/thumbnail/170x128/e315e3e2d9e53fe85e57392dd71f6bbb/ 8 KB
8 KB 81ms
48ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet1.cbsistatic.com/hub/i/r/2019/01/23/faaee353-177d-4310-bd80-6eac748fdd42/thumbnail/170x128/e315e3e2d9e53fe85e57392dd71f6bbb/apple-macbook-pro-touch-bar-15-inch-2017-41941.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d33559581528f2b623b94363b31092d87796baf6711eadebaf8635b30bc9d7c7

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "4fc66104f8ada6257fa55f29a2a567c7"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=29284096, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 7538

GET
H2 200 istock-a-fancy-bear.jpg
zdnet4.cbsistatic.com/hub/i/r/2018/11/20/6b7fbb77-a05c-42db-ba63-cb0d43cff627/thumbnail/170x128/209a9edd21f43c4b08fb172ba03c22dc/ 10 KB
9 KB 75ms
63ms Image
image/jpeg 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet4.cbsistatic.com/hub/i/r/2018/11/20/6b7fbb77-a05c-42db-ba63-cb0d43cff627/thumbnail/170x128/209a9edd21f43c4b08fb172ba03c22dc/istock-a-fancy-bear.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ff65ec45c2cccd9e9687651fb75a3abd337492ac0710d5a513be085cc2ff0a89

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "f702defbc67edb455949f46babab0c18"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31512832, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 9437

GET
H2 200 screenshot-2019-03-21-at-09-22-23.png
zdnet4.cbsistatic.com/hub/i/r/2019/03/21/a10bcf08-f2ff-47d0-be3c-f20008672b61/thumbnail/170x128/f2bf481f75c9408bb8f3b790800559fd/ 45 KB
45 KB 75ms
63ms Image
image/png 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet4.cbsistatic.com/hub/i/r/2019/03/21/a10bcf08-f2ff-47d0-be3c-f20008672b61/thumbnail/170x128/f2bf481f75c9408bb8f3b790800559fd/screenshot-2019-03-21-at-09-22-23.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bae4514110b43a9a8417e48bb8a4e7e688de2abac4bfabffbf3859af31730f78

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: http://origin.img.hub.zdnet.com
etag: "8f69556a5e7face8c322a00de415b9d1"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31512561, s-maxage=21600
content-transfer-encoding: binary
timing-allow-origin: *
content-length: 45512

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/1660-fly/js/libs/ 16 KB
6 KB 71ms
25ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 18:27:49 GMT
server: nginx
etag: W/"5c9134a5-3f09"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 6305
expires: Thu, 28 Mar 2019 17:19:08 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 40 KB
11 KB 83ms
13ms Script
application/x-javascript 104.107.252.81
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.252.81 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-107-252-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dff46486a11e8e9c5785ce5d037c4e9e507511c5cb404a044602c68a777b0e7b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 10669
last-modified: Wed, 20 Mar 2019 19:57:18 GMT
server: Apache
etag: "a0688cb77159ce22f4bcb1519b8859fc:1553111839"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400, private;max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 22 Mar 2019 17:19:09 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 260 B
456 B 93ms
26ms Script
application/x-javascript 104.107.252.81
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.252.81 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-107-252-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Wed, 30 May 2018 22:23:16 GMT
server: Apache
access-control-allow-origin: *
etag: "c1e367d098d326049811561575dbda4a:1527718996"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-javascript
status: 200
access-control-max-age: 86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 165

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/425/ 79 KB
4 KB 78ms
14ms Script
application/x-javascript 104.107.252.81
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/425/snthemes.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.252.81 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-107-252-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f05f427c0a3425f17ce1b199296557b22f8b385c963696f80d588f692364abca

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 3992
last-modified: Sun, 18 Nov 2018 21:52:50 GMT
server: Apache
etag: "f23a8c8a532eb957f9790e1985bb8e9c:1542577970"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400, private;max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 22 Mar 2019 17:19:09 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/425/zdnet/ 15 KB
2 KB 63ms
14ms Script
application/x-javascript 104.107.252.81
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/425/zdnet/settings.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.252.81 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-107-252-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b91058b5969c2319ee3f3efb2b91ccf388c64fe22f806e59b0edb43694150d4

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 1239
last-modified: Tue, 28 Aug 2018 21:08:55 GMT
server: Apache
etag: "09891370db88cdd3a58c49f5cd396b85:1535490535"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400, private;max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 22 Mar 2019 17:19:09 GMT

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet1.cbsistatic.com/fly/1553019935-fly/bundles/zdnetcss/images/core/ 1 KB
1 KB 24ms
24ms Image
image/png 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet1.cbsistatic.com/fly/1553019935-fly/bundles/zdnetcss/images/core/mag-white01.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:08 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 18:25:35 GMT
server: nginx
etag: W/"5c91341f-4f1"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 936
expires: Thu, 28 Mar 2019 17:19:08 GMT

GET
H2 200 Raleway-Bold.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 51 KB
51 KB 142ms
32ms Font
application/octet-stream 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Bold.woff2
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
Origin: https://www.zdnet.com

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
last-modified: Tue, 26 Feb 2019 17:11:40 GMT
server: nginx
access-control-allow-origin: *
etag: "5c75734c-cbf4"
content-type: application/octet-stream
status: 200
cache-control: max-age=29632069
accept-ranges: bytes
timing-allow-origin: *
content-length: 52212
expires: Thu, 27 Feb 2020 16:26:58 GMT

GET
H2 200 Raleway-Regular.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
51 KB 194ms
84ms Font
application/octet-stream 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Regular.woff2
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
Origin: https://www.zdnet.com

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
last-modified: Tue, 26 Feb 2019 17:11:40 GMT
server: nginx
access-control-allow-origin: *
etag: "5c75734c-c974"
content-type: application/octet-stream
status: 200
cache-control: max-age=29632019
accept-ranges: bytes
timing-allow-origin: *
content-length: 51572
expires: Thu, 27 Feb 2020 16:26:08 GMT

GET
H2 200 Raleway-ExtraLight.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 165ms
56ms Font
application/octet-stream 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-ExtraLight.woff2
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c2c432e808e795014171d087ba8abd58d8337f59ad387c08d8a6c6b3c32106fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
Origin: https://www.zdnet.com

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
last-modified: Tue, 26 Feb 2019 17:11:40 GMT
server: nginx
access-control-allow-origin: *
etag: "5c75734c-c634"
content-type: application/octet-stream
status: 200
cache-control: max-age=29632069
accept-ranges: bytes
timing-allow-origin: *
content-length: 50740
expires: Thu, 27 Feb 2020 16:26:58 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Response headers

Content-Type: image/gif

GET
H2 200 Raleway-Light.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
51 KB 68ms
66ms Font
application/octet-stream 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Light.woff2
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
Origin: https://www.zdnet.com

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
last-modified: Tue, 26 Feb 2019 17:11:40 GMT
server: nginx
access-control-allow-origin: *
etag: "5c75734c-c998"
content-type: application/octet-stream
status: 200
cache-control: max-age=29631977
accept-ranges: bytes
timing-allow-origin: *
content-length: 51608
expires: Thu, 27 Feb 2020 16:25:26 GMT

GET
H2 200 Raleway-Black.woff2
zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
51 KB 74ms
74ms Font
application/octet-stream 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Black.woff2
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 927048ad11de8981ab14882b0cac610a1c194aa991d07247cdbf875032dec422

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
Origin: https://www.zdnet.com

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
last-modified: Tue, 26 Feb 2019 17:11:40 GMT
server: nginx
access-control-allow-origin: *
etag: "5c75734c-c8ec"
content-type: application/octet-stream
status: 200
cache-control: max-age=29632110
accept-ranges: bytes
timing-allow-origin: *
content-length: 51436
expires: Thu, 27 Feb 2020 16:27:39 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/425/translations/ 217 KB
7 KB 16ms
16ms Script
application/x-javascript 104.107.252.81
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/425/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.252.81 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-107-252-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8238f5f25e0f6c79352684181f41e1f8fb226fbbeefe07cb21aa9c074b5141b2

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 7080
last-modified: Sun, 18 Nov 2018 21:51:12 GMT
server: Apache
etag: "b62d382931b2460857acce0af48570f2:1542577872"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400, private;max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 22 Mar 2019 17:19:09 GMT

GET
H2 200 logo.png
zdnet4.cbsistatic.com/fly/1553019935-fly/bundles/zdnetcss/images/core/ 4 KB
4 KB 31ms
31ms Image
image/png 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdnet4.cbsistatic.com/fly/1553019935-fly/bundles/zdnetcss/images/core/logo.png
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Request headers

Referer: https://zdnet4.cbsistatic.com/fly/1660-fly/css/core/main-4a2e80177e-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 18:25:35 GMT
server: nginx
etag: W/"5c91341f-1009"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 4128
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H2 200 vendorlist.js Show response
c.evidon.com/sitenotice/ 126 KB
52 KB 13ms
13ms Script
application/x-javascript 104.107.252.81
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/vendorlist.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.252.81 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-107-252-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cd1d44243c825f1c5b6fece79fb2f3605907af8e9948469e3be7fe265a74e6dc

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 52671
last-modified: Wed, 06 Mar 2019 21:39:02 GMT
server: Apache
etag: "5bddbb4465cdcb7d5352e5dd7b6078cc:1551908342"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400, private;max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 22 Mar 2019 17:19:09 GMT

GET
H2 200 main.default.ad-test.js Show response
zdnet3.cbsistatic.com/fly/1660-fly/js/ 164 KB
57 KB 25ms
24ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet3.cbsistatic.com/fly/1660-fly/js/main.default.ad-test.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 08cb45b308f54b35aa41c2b1245f33631ed9a44390e6fb57145392d36a6e293e

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 18:27:50 GMT
server: nginx
etag: W/"5c9134a6-29199"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 58366
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H/1.1 200
OK ls-zdnet.js Show response
js-sec.indexww.com/ht/ 85 KB
26 KB 165ms
26ms Script
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Mar 2019 16:55:52 GMT
Server: Apache
ETag: "da16ff-15269-5849d9c68873a"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2254
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26184
Expires: Thu, 21 Mar 2019 17:56:43 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame A539 187 KB
55 KB 94ms
25ms Script
application/javascript 23.52.55.108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.52.55.108 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-52-55-108.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=604800, s-maxage=604800
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Timing-Allow-Origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 33 KB
11 KB 66ms
39ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7564246758705b370a2573e1c1b6a50b63dc21ffb9da3109aa9b41bbc57ece2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "113 / 606 of 1000 / last-modified: 1553173067"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10841
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2019 17:19:09 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 36ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/4188)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 KzOM31dhrbU
www.youtube.com/embed/ Frame DD1C 0
0 154ms
140ms Document
text/html 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/KzOM31dhrbU

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/KzOM31dhrbU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Response headers

status: 200
cache-control: no-cache
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 EST
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 21 Mar 2019 17:19:09 GMT
server: YouTube Frontend Proxy
x-xss-protection: 1; mode=block
set-cookie: VISITOR_INFO1_LIVE=vwzq1LFyhN0; path=/; domain=.youtube.com; expires=Tue, 17-Sep-2019 17:19:09 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 20-Nov-2019 05:12:09 GMT YSC=S-i3Pu0JJBg; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=vwzq1LFyhN0; path=/; domain=.youtube.com; expires=Tue, 17-Sep-2019 17:19:09 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 21-Mar-2019 17:49:09 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 371 KB
108 KB 77ms
14ms Script
application/javascript 54.230.95.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.95.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-95-142.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 712ccd370ade5278a0e57ac492debbf1a7bd97fcc81c7b9b0c8eea4abe0fa8cb

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:08:20 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 15:08:16 GMT
server: AmazonS3
age: 651
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: SnfDue72bYtYERV_uVtxUyUP7rmBfPPflGcUFxpfUPOCjlMb_g7fVw==
via: 1.1 f9448dbaac49aad821506cba2852f911.cloudfront.net (CloudFront)
expires: Thu, 21 Mar 2019 16:08:15 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ 8 KB
3 KB 13ms
13ms Script
application/x-javascript 104.107.252.81
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.107.252.81 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-107-252-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4b51cad50779921c134fe5f8a46df29da7bdedf5f643c331d192b6057af97992

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 2538
last-modified: Wed, 20 Mar 2019 19:57:19 GMT
server: Apache
etag: "41298c7c9394582aaf744ce4397a8521:1553111841"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400, private;max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 22 Mar 2019 17:19:09 GMT

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/3/1/2/2/ 0
120 B 350ms
114ms Image
text/plain 18.214.158.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/3/1/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.158.180 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-214-158-180.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H2 200 ;ord=1553188749448
ad.doubleclick.net/ddm/ad/ifmqbknabg/dymicjs/dhzz/yvnohxopzgj/qwwaazepb/ 43 B
502 B 67ms
18ms Image
image/gif 172.217.16.166
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/ifmqbknabg/dymicjs/dhzz/yvnohxopzgj/qwwaazepb/;ord=1553188749448?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.16.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2019 17:19:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/3/4/2/2/ 0
120 B 307ms
114ms Image
text/plain 18.214.158.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/3/4/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.158.180 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-214-158-180.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 11E9 0
0 13ms
11ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.zdnet.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Mar 2019 17:19:09 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js Show response
platform.twitter.com/js/ 24 KB
8 KB 35ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash: e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/4186)
Etag: "da3e8002f83d92efe615008a56f12f48+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7925

GET
H/1.1 200
OK tweet.2b7769d244a8dfeb3ab9d97583412dec.js Show response
platform.twitter.com/js/ 18 KB
6 KB 34ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.2b7769d244a8dfeb3ab9d97583412dec.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EA) /
Resource Hash: 9c6ea1ab4588c0be7dc9cb629aa641415dd91acaea7084de6921a7ffa2299bfb

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/40EA)
Etag: "20fa27831d8703b8d33a11abad368f93+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6038

GET
H2 200 scrolling-mpu.js Show response
zdnet4.cbsistatic.com/fly/js/components/ 1 KB
780 B 60ms
59ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/fly/js/components/scrolling-mpu.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 308a64084fd0c823eb8f8b1000feaf70b9cbc45f18fbbcecde55860b089e15c4

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:12:59 GMT
server: nginx
etag: W/"5c8fa76b-4f8"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 575
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H2 200 require.optional-dependency.js Show response
zdnet4.cbsistatic.com/fly/js/libs/ 582 B
518 B 60ms
59ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/fly/js/libs/require.optional-dependency.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f27c0c9f284c6959dd7db1e768c6e43a518ea650afc69d7a60383f3a963cde7b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Mon, 30 Jul 2018 16:42:46 GMT
server: nginx
etag: "5b5f4006-246"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 307
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H2 200 article.js Show response
zdnet1.cbsistatic.com/fly/js/pages/ 250 KB
71 KB 73ms
72ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet1.cbsistatic.com/fly/js/pages/article.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c480ce7d4d5f2fb023403c864eac3350b46fab68728482d625d4d4b45b049427

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:13:07 GMT
server: nginx
etag: W/"5c8fa773-3e718"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 72107
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
490 B 67ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
490 B 69ms
18ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_319.js Show response
securepubads.g.doubleclick.net/gpt/ 160 KB
58 KB 133ms
52ms Script
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_319.js?21063343

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

sffe /

Resource Hash

cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2019 16:13:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 58724
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2019 17:19:09 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
492 B 189ms
125ms Image
image/gif 104.244.42.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1553188749665%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 103
pragma: no-cache
last-modified: Thu, 21 Mar 2019 17:19:09 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 863853e6db01a9b65bd2274be3760da2
x-transaction: 005e890500a0e3e2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
525 B 146ms
39ms XHR
application/json 52.51.38.48
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184216
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.38.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-38-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f4b7aa9e3e4bd003c0dab54805b76e92b937cf843bfb6bee5dd336ac486b1717

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zdnet.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 20 Apr 2019 17:19:09 GMT

GET
H2 200 waypoints.js Show response
zdnet2.cbsistatic.com/fly/js/managers/ 293 B
419 B 35ms
31ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet2.cbsistatic.com/fly/js/managers/waypoints.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1916ac88ca53ca6fa357cd4eb661206e3c933c24385cc503aade6937ac631f39

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:13:05 GMT
server: nginx
etag: "5c8fa771-125"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 210
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H2 200 jquery.waypoints.js Show response
zdnet4.cbsistatic.com/fly/js/libs/jquery/ 9 KB
3 KB 36ms
32ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/fly/js/libs/jquery/jquery.waypoints.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0db1739b6bec8463f52771aaccbd974dde17f5db7c9fe4bb0a8f2c00564d603d

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:13:00 GMT
server: nginx
etag: W/"5c8fa76c-2267"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 2735
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H2 200 waypoints.sticky.js Show response
zdnet4.cbsistatic.com/fly/js/libs/jquery/ 1 KB
809 B 36ms
33ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet4.cbsistatic.com/fly/js/libs/jquery/waypoints.sticky.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: deee21acc86b40fe0cb13584d9b68a15a21f471fcd0523822aa1f5b58b603604

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 14:13:01 GMT
server: nginx
etag: W/"5c8fa76d-4e1"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 604
expires: Thu, 28 Mar 2019 17:19:09 GMT

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/2.8.3/ 760 KB
203 KB 129ms
23ms Script
application/javascript 151.101.122.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/2.8.3/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.122.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1491a1594a4058a62ea4c08441cfcbbfe82a0916b4f26b55f3605af896766dd7

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
age: 2479444
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 306
content-length: 206982
x-amz-id-2: 00wxkpwuAzVTkPD8/nzRtFNLsfyAqVWfcEHoC2EHo/t6ZcwKMq60wTYpksh3aMjkKJ0nwH342Hg=
x-served-by: cache-dca17743-DCA, cache-cdg20737-CDG
last-modified: Fri, 21 Dec 2018 01:15:44 GMT
server: AmazonS3
x-timer: S1553188750.997251,VS0,VE0
etag: "ffe80da4a589534ffbb17f46d6ef50a3"
vary: Accept-Encoding
x-amz-request-id: A730A61B7DDD0284
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
backend-origin: fastlyshield--shield_cache_dca17743_DCA
x-amz-meta-mtime: 1522022400

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 94 KB
19 KB 74ms
8ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418F) /
Resource Hash: 98a91b898a824dd0cf24f33ff1e83eed96b8846b34906a04d148d679ec76328a

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
last-modified: Mon, 04 Feb 2019 23:26:44 GMT
server: ECS (fcn/418F)
etag: "3967517189"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 19639
expires: Thu, 21 Mar 2019 17:24:09 GMT

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 20 KB
4 KB 66ms
6ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1074787908375207936%2C1100117870103674885-t&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4194) /

Resource Hash

af75f60ebe368904e8640eb0af9279f6dde3b6c35646475e20d88d10f11d1fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 3889
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 162
last-modified: Thu, 21 Mar 2019 17:18:35 GMT
server: ECS (fcn/4194)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: a9e04e70d818e5cbf65bd4be276ea6b2
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 001e07320061eca7
expires: Thu, 21 Mar 2019 17:20:09 GMT

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 12 KB
5 KB 25ms
24ms Script
application/javascript 2.18.233.149
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1660-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.149 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-149.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Tue, 04 Sep 2018 19:29:20 GMT
server: nginx
etag: W/"5b8edd10-2fdf"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 4877
expires: Thu, 28 Mar 2019 17:19:10 GMT

GET
H2 200 1f914.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
1 KB 60ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f914.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4194) /

Resource Hash

5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1028
x-cache: HIT
status: 200
content-length: 1028
x-response-time: 130
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:34 GMT
server: ECS (fcn/4194)
etag: "X7St/AzVm+1oZjkmNZWNow=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: e399e513aa3507909afec0b1b25f2ad4
accept-ranges: bytes
expires: Fri, 20 Mar 2020 17:19:10 GMT

GET
H2 200 1f602.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
1 KB 57ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f602.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1095
x-cache: HIT
status: 200
content-length: 1095
x-response-time: 133
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
server: ECS (fcn/40E4)
etag: "CskKXLmjEnqr5kggS5rnnQ=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d4a4215a2bef4420bae8515b77d545fd
accept-ranges: bytes
expires: Fri, 20 Mar 2020 17:19:10 GMT

GET
H/1.1 200
OK tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ 54 KB
13 KB 9ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: c139b8dd7b1ccda2813ae79d127d1c0256f91a71fce5581887a1d5fbbca81bde

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:11 GMT
Server: ECS (fcn/41A3)
Etag: "ae6fef09ef216879adf6be6beb2522ea+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12323

GET
H/1.1 200
OK tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ 54 KB
54 KB 8ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:11 GMT
Server: ECS (fcn/41A3)
Etag: "ae6fef09ef216879adf6be6beb2522ea+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12323

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 173ms
72ms XHR
application/json 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1553188750295&s=98392a1069391a5f94ef52c2b553d49f3abd7dce8f948cb134cd640f59815352
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.229 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c755282022c2c52eddcf8d058df1c9de4d1e7fc42c771faff17c94ecaf858498

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 735

GET
H/1.1 200
OK isInternalUser.js Show response
iicbsi-a.akamaihd.net/common/js/esi/ 22 B
262 B 86ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://iicbsi-a.akamaihd.net/common/js/esi/isInternalUser.js?cb=cbsiInternal
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 0f91e664ba993207337dbd5b1ab9f156c5f579d99d9b2e1315706815deadd0ae

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Cache-Control: max-age=224926
Server: Apache
Connection: keep-alive
ETag: "fb25287978f1b619e801f164a2dfd9ea:1473886414"
Content-Length: 22
Content-Type: application/x-javascript

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 78 KB
27 KB 93ms
16ms Script
text/javascript 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0dd0d42e82bfcc16e96fb72d732787a0edf0bc99b0a34f6f6eaaf1d1b32a8f9

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 10188A31AAAD84F6
status: 200
content-length: 27355
x-amz-id-2: DqydBfcU3scbnAmCHibbgGUjt9NeYrjWjZWtMQ9zgQT9RYVOhrlkzz28Ae6Ws0CLqevAPK6qseU=
last-modified: Thu, 28 Feb 2019 16:44:17 GMT
server: cloudflare
etag: "e4a0c710d19e7cd4fd23cd54aeb7db5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 4bb196da38e363f7-FRA
expires: Thu, 21 Mar 2019 17:49:10 GMT

GET
H2 200 utag.1779.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 3 KB
2 KB 8ms
7ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1779.js?utv=ut4.43.201812051842
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AB) /
Resource Hash: cd5e6512fdbb698425174148dba05f72357a3b1944413f8812c55c4025d3d562

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 20:43:57 GMT
server: ECS (fcn/41AB)
etag: "392561602"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1785
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2 200 utag.1782.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 8ms
7ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1782.js?utv=ut4.43.201810291720
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DB) /
Resource Hash: 791b7ff5657f9c41e24adaa1f6f5a4dc51046d292b25b01a5a8d152ff4a951ac

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Mon, 29 Oct 2018 17:20:42 GMT
server: ECS (fcn/40DB)
etag: "3447796852"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1071
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2 200 utag.1787.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 142 KB
48 KB 9ms
7ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: d4ccc0936dea09d1846d5bb1487dd533738e598752d8215cd883f77b3cd91d4b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Mon, 04 Feb 2019 23:26:45 GMT
server: ECS (fcn/40DE)
etag: "3502559672"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 48643
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2 200 utag.1790.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
956 B 9ms
9ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1790.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AF) /
Resource Hash: 10113bad06fefd5698a45480ffaedd421c6e06f9dbd0d1c772b7128bbea0842d

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2016 14:31:10 GMT
server: ECS (fcn/41AF)
etag: "2267415266"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 872
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2 200 utag.1791.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 8ms
8ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1791.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 7eae865fd7c820936603897a072b7ddd77b2c74e8022160fd19792291a63fac8

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2016 14:31:10 GMT
server: ECS (fcn/40E6)
etag: "3334871598"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1196
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2 200 utag.1792.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 4 KB
2 KB 8ms
7ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1792.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D8) /
Resource Hash: dabf73474662398f4f686a1b3103542f53384dd6241e6ac13f8ba535c6372aff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2016 14:28:47 GMT
server: ECS (fcn/40D8)
etag: "2022868805+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1664
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2 200 utag.1797.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
967 B 8ms
8ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1797.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40AE) /
Resource Hash: 3ff065de0d90b0510727a72c173d05652c30967c5e6561dbf1d82fa077cabb22

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Wed, 25 Jan 2017 20:07:58 GMT
server: ECS (fcn/40AE)
etag: "1907756232"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 883
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2 200 utag.1800.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
999 B 9ms
8ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1800.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D7) /
Resource Hash: e9b3eb7f022396e969766ad5e908b21df0b646c943e149902c64de590e9549d9

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2017 22:40:35 GMT
server: ECS (fcn/40D7)
etag: "3890296134+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 912
expires: Fri, 05 Apr 2019 17:19:10 GMT

GET
H2

404

/ Show response
www.zdnet.com/ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd/
Redirect Chain

https://www.zdnet.com/ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd?_=1553188750430
https://www.zdnet.com/ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd/?_=1553188750430

380 KB
87 KB

765ms
747ms

XHR
text/html

2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd/?_=1553188750430

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.143 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-233-143.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

60ce6805dd57d4a59bac8584a189147d62afe7ca1ce56d8b7dff6dc964e4e9b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd/?_=1553188750430
pragma: no-cache
cookie: utag_main=v_id:0169a14383f10017e7d764c0a0bb00078004907000b08$_sn:1$_ss:1$_st:1553190550324$ses_id:1553188750324%3Bexp-session$_pn:1%3Bexp-session$linktag:undefined%3Bexp-session; fly_device=desktop; fly_geo={"countryCode": "de"}; fly_preferred_edition=eu; fly_default_edition=eu; ak_bmsc=447ED6C03C448AE569FEE5DA83BCA74F0210BA845B7200008EC7935C5C8EC374~plSR4+97k0YIdnDsNQvL1Z/AH+fzehxzl1lfT702145LH+3S14Ez7iEtj6RuFDcmE7exm2upp7nvLP0ajIyGOLjNPArCwTIx81kfUYtshxOZw8Kd51zZxGjpYz2BgXXqo2HDayWxoSI+260HxajPY9zj0pIASuLuOFxIss5F+32oBKj1OWGD8n2RutvXSyRoluMddBf6M8Dv5WAcOGY6qXL6f50Qhh27ZDDEokv0IyQCs=
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.zdnet.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
:method: GET
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com;
content-encoding: gzip
x-content-type-options: nosniff
status: 404
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Thu, 21 Mar 2019 17:19:11 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: ed01339f-8af9-44da-9c75-d5a9074adf9b
content-type: text/html; charset=UTF-8
cache-control: max-age=5400, private
set-cookie: bm_mi=67E4EAAB95DEBCEA497F67943D07B7CD~E1NJiyA2eybFVdZV/dgZkgiLN5TtWA2ZoxsdrncRs+2RWdZTbfO87RZ9RwF0WJj7KbDlsDuti8GD+Y5WsFUhHqjhzpnFK/S0yIj10WD51VpiYuy2i9ByDqgsfx/OGed0fhbb2aG3ZYF7XbZuDGuLfV7cBjDwoZDscCznlLd1nMFpu2vkZu+tXZ8XoTfyFhBSmAGk2QlUFWY+3SigFv1zFrmaFXalq6/sgFZcRLeOdN88pCoSguk4uHmj+Zk8wOKWKLU1/rcn/odjWx/XgIIbuRjfE4CRptgVVMx3QGa3iSY=; Domain=.zdnet.com; Path=/; Max-Age=7200; HttpOnly bm_sv=E99F1AB27CA116CBBAA6C2EA0423BB65~brRXVk8Ntip0jsZbYwezoUMjYBn5lV62+B5NzSFuXmwGVUHbgLR4vTliPuk79QywHn1lfKzEww2WwQhsezJ1oJFp4y7kdoMLQ4OHSSuKvdUgjGQKAkTB5TG4BZTqcjNTu+fehq5OvgKfRCByk7dwON3Kt+mDg1/L9rAzv3NDDTQ=; Domain=.zdnet.com; Path=/; Max-Age=7199; HttpOnly
expires: Thu, 21 Mar 2019 18:49:11 GMT

Redirect headers

status: 301
date: Thu, 21 Mar 2019 17:19:10 GMT
vary: Accept-Encoding, User-Agent
server: nginx
location: https://www.zdnet.com/ad/ad-cookie/01e230fc-a91b-4dd0-b93a-9315fd951bbd/?_=1553188750430
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: https://www.zdnet.com
set-cookie: fly_device=desktop; expires=Thu, 28-Mar-2019 17:19:10 GMT; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "de"}; expires=Thu, 28-Mar-2019 17:19:10 GMT; path=/; domain=.zdnet.com; secure fly_preferred_edition=eu; path=/; domain=.zdnet.com; secure fly_default_edition=eu; path=/; domain=.zdnet.com; secure ak_bmsc=447ED6C03C448AE569FEE5DA83BCA74F0210BA845B7200008EC7935C5C8EC374~plSR4+97k0YIdnDsNQvL1Z/AH+fzehxzl1lfT702145LH+3S14Ez7iEtj6RuFDcmE7exm2upp7nvLP0ajIyGOLjNPArCwTIx81kfUYtshxOZw8Kd51zZxGjpYz2BgXXqo2HDayWxoSI+260HxajPY9zj0pIASuLuOFxIss5F+32oBKj1OWGD8n2RutvXSyRoluMddBf6M8Dv5WAcOGY6qXL6f50Qhh27ZDDEokv0IyQCs=; expires=Thu, 21 Mar 2019 19:19:10 GMT; max-age=7200; path=/; domain=.zdnet.com; HttpOnly
content-length: 178

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame BCAD 326 B
544 B 65ms
18ms Script
application/javascript 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1553188750469&lv=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8cbc6f6b56bd4267915a2dc3fb476ff37dc18f9abcaf7fe8768afad282d809b6

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 4bb196dadef964c9-FRA

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 143ms
32ms Script
application/javascript 34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2122019
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1782.js?utv=ut4.43.201810291720
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a3273dce4deb1a87d9c6b75ce1b9305872ee56ad6da2ab873858d9d20d1ff3a8

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Mar 2019 06:07:44 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=46114
Connection: keep-alive
Content-Length: 11908
Expires: Fri, 22 Mar 2019 06:07:44 GMT

GET
H/1.1 200
OK ds.js Show response
dw.cbsi.com/js/cbsi/ 18 KB
7 KB 658ms
214ms Script
application/javascript 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://dw.cbsi.com/js/cbsi/ds.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1790.js?utv=ut4.43.201805241512
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fort Lauderdale, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: d696da403b0169c2191d0ec0b0fcdaa85487b21b19fd58f4b1fb5b9edf40b153

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Sep 2017 19:06:40 GMT
Server: Apache/2.4.25
ETag: "1917-55916dc13f000"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200, s-maxage=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=80, max=662
Content-Length: 6423
Expires: Thu, 21 Mar 2019 17:49:11 GMT

GET
H/1.1 200
OK st.v3.js Show response
www.everestjs.net/static/ 17 KB
6 KB 58ms
8ms Script
text/javascript 104.109.87.166
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/st.v3.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.87.166 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-87-166.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 35733dd71de077b039d2bac6614c78eb3ab7d3879cb307cc10cc1907d2f61eb6

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 08:53:52 GMT
Server: Apache
ETag: "183a208-4205-57ba196bd494e"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=36771
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5509
Expires: Fri, 22 Mar 2019 03:32:01 GMT

GET
H2 200 cbsinteractive.js Show response
tru.am/scripts/custom/ 2 KB
1 KB 66ms
16ms Script
application/javascript 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/cbsinteractive.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1797.js?utv=ut4.43.201805241512
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a27fab6c5a0b1db438219c7d24ce2fff95e0910378fe4bdeb64b4f970eebccc

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2018 19:10:31 GMT
server: cloudflare
etag: W/"8c3752e674fdabefc911d5c40f71780d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4bb196dafbcbc2f6-FRA
expires: Thu, 21 Mar 2019 21:19:10 GMT

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 69ms
7ms Script
application/javascript 2600:9000:200c:3400:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1800.js?utv=ut4.43.201805241512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:3400:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 22:38:54 GMT
via: 1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 22:35:38 GMT
server: AmazonS3
age: 67283
etag: "a5442c681a576408c25edbf365995343"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: jdsrTX1gMinFwLulKVIo7Yp4wN_vDSyF9nXlFeRtNK6AKITtf6MeFg==

GET
H/1.1 200
OK anonc.js Show response
dw.cbsi.com/ 73 B
620 B 634ms
205ms Script
application/javascript 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://dw.cbsi.com/anonc.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fort Lauderdale, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: 66a54236fb1d1249adbd36dd6844730e9cb78c763d8f135f858132fce4aa2cb0

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:11 GMT
Server: Apache/2.4.25
Etag: b9BRUFyTx4+eGJFrZlk.1.dw_anonc
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-control: private, max-age=43200, s-max-age=0
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=80, max=367
Content-Length: 73
Expires: Mon, 05 Jan 1970 12:12:12 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 8167
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

19ms
7ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Mar 2019 17:19:10 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E3)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 21 Mar 2019 17:19:10 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 21 Mar 2019 17:19:10 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 863853e6db01a9b65bd2274be3760da2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 105
x-transaction: 00192af6002333a6
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 BPp7B47T_normal.png
pbs.twimg.com/profile_images/526793652673064960/ 5 KB
5 KB 43ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/526793652673064960/BPp7B47T_normal.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

6a108e0af8fe6848b275a2827822879e528159c28a6f189f18288ab169abad78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
x-content-type-options: nosniff
content-md5: aJR7+J10DaeUejCtCQoIhw==
x-cache: HIT
status: 200
content-length: 5303
x-response-time: 175
surrogate-key: profile_images profile_images/bucket/2 profile_images/526793652673064960
last-modified: Mon, 27 Oct 2014 17:50:48 GMT
server: ECS (fcn/40E4)
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80d467691e40c3433abdd906eabc03d8
accept-ranges: bytes

GET
H2 200 n_7ZFFM5_normal.jpeg
pbs.twimg.com/profile_images/455156807850139649/ 2 KB
2 KB 42ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/455156807850139649/n_7ZFFM5_normal.jpeg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

aab73e6139dc400b2967f20845867129b3f7d2d73c84a5c4ae46cac580cd4028

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
x-content-type-options: nosniff
content-md5: AT8Jbn2+2adW0oRiLMiTYg==
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 258
surrogate-key: profile_images profile_images/bucket/4 profile_images/455156807850139649
last-modified: Sun, 13 Apr 2014 01:31:34 GMT
server: ECS (fcn/41D8)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 35600865f4a8ecaba317944de4a54a61
accept-ranges: bytes

GET
H2 200 DupWFVwUcAAX4hH
pbs.twimg.com/media/ 5 KB
6 KB 42ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DupWFVwUcAAX4hH?format=jpg&name=360x360

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

14936044ec368cc946cff8ad9bdd59e74d17dd3f1ffd4f783eefdf1a869d4c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 116
date: Thu, 21 Mar 2019 17:19:10 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/2 media/1074766110820429824
last-modified: Mon, 17 Dec 2018 20:37:43 GMT
server: ECS (fcn/418C)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 51004004b6b981bdc4147701835de6fc
accept-ranges: bytes
content-length: 5517

GET
H2 200 DupWGj0UYAA3dew
pbs.twimg.com/media/ 13 KB
13 KB 28ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DupWGj0UYAA3dew?format=jpg&name=360x360

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

8e494b61172dda630247a270e1061ce528f4cd286618a1b8cfef822a48e92943

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 122
date: Thu, 21 Mar 2019 17:19:10 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/2 media/1074766131775168512
last-modified: Mon, 17 Dec 2018 20:37:48 GMT
server: ECS (fcn/40E1)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 75a7e4ab16f28a394ca4d68035da8e14
accept-ranges: bytes
content-length: 12920

GET
H2 200 default_profile_normal.png
abs.twimg.com/sticky/default_profile_images/ 504 B
637 B 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

e34a680ea26c1aeeb0163f836240d84892c4a889cd3fd92bd6b322eb575e3b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
x-content-type-options: nosniff
x-ton-expected-size: 504
x-cache: HIT
status: 200
content-length: 504
x-response-time: 112
surrogate-key: twitter-assets
last-modified: Tue, 19 Sep 2017 21:03:47 GMT
server: ECS (fcn/4186)
etag: "QcuRPIhOAYpzfGh0vMtQAQ=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 5880dac5cf7cb49649621c82f115b2c9
accept-ranges: bytes
expires: Fri, 20 Mar 2020 17:19:10 GMT

GET
H/1.1 204
No Content / Show response
364bf6cc.akstat.io/ 0
354 B 164ms
71ms XHR
image/gif 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://364bf6cc.akstat.io/?h.pg=article&h.ab=ad_stack_a_1&when=1553188750433&t_other=custom4%7C739&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=cc6a1fb386d166a79970eb5d53049c9d380fdd2c&h.t=1553188750431&http.initiator=api&rt.start=api&rt.si=699d1070-2642-4056-b84d-7b21de5fe4f5&rt.ss=1553188752748&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.214.229 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-214-229.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com

Response headers

Pragma: no-cache
Date: Thu, 21 Mar 2019 17:19:10 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Thu, 21 Mar 2019 17:19:10 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
7 KB 39ms
11ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6944
x-response-time: 114
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 0031078900ced605
perf: 6
x-connection-hash: b35e9861833e9d357d77200e6c9fb911
accept-ranges: bytes
expires: Thu, 28 Mar 2019 17:19:10 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 25ms
10ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6944
x-response-time: 114
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 0031078900ced605
perf: 6
x-connection-hash: b35e9861833e9d357d77200e6c9fb911
accept-ranges: bytes
expires: Thu, 28 Mar 2019 17:19:10 GMT

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 835 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
263 B 23ms
22ms Image
image/gif 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.842841541952292
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
x-amz-request-id: 1A44048EE6D14824
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
cf-ray: 4bb196db59e763f7-FRA
content-length: 43
x-amz-id-2: MzLO+M36nfrkYr60LBEdLjWIZQP+zdpEDuEKphP3iM5lGEG7+bXlUdmyZWj6f44IsVLtTSb4i6I=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 22ms
22ms Image
image/gif 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.842841541952292
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
x-amz-request-id: 1A44048EE6D14824
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
cf-ray: 4bb196db59ec63f7-FRA
content-length: 43
x-amz-id-2: MzLO+M36nfrkYr60LBEdLjWIZQP+zdpEDuEKphP3iM5lGEG7+bXlUdmyZWj6f44IsVLtTSb4i6I=

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame BCAD 616 KB
116 KB 14ms
13ms Script
application/javascript 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1553188750469&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b536d88c3df185fc95a5c3120148b75da6dbe0960d3108642c9ec87d239f727

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 7bBbWBinUYzuMBUFRxJi/A==
cf-polished: origSize=998594
status: 200
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2019 21:36:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: c399d447-501e-003e-68d2-dde3e0000000
expires: Fri, 20 Mar 2020 17:19:10 GMT
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 4bb196db8fdd64c9-FRA
cf-bgj: minify

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 34 KB
12 KB 30ms
17ms Script
application/javascript 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/cbsinteractive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9007c254c493be4a067de535b19a30f5e5aef3d5b19f58b1c72d2c65a04f79

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 May 2018 10:49:23 GMT
server: cloudflare
etag: W/"8761e04182a1c11ff30f706f8052c8d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 4bb196dbae6dc2f6-FRA
expires: Fri, 22 Mar 2019 17:19:10 GMT

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame E642 0
0 492ms
134ms Document
text/html 52.5.125.127
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=854570593&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&bpid=cbsinteractive&c=%7B%22bpid%22%3A%22cbsinteractive%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.125.127 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-125-127.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Thu, 21 Mar 2019 17:19:11 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AYlgo0Ey7wNgAgIXFtydolezzKJ3xuREt;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAkJoQPJCaEDwAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 481
Connection: keep-alive

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 906 B
1 KB 58ms
29ms Script
application/javascript 34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50070&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&pv=1553188750660_5gygtsbe0&bl=en-us&cb=5449496&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D%5BPersonID%5D%26redir%3D&ht=&d=&dc=&si=1553188750660_5gygtsbe0&cid=01e230fc-a91b-4dd0-b93a-9315fd951bbd&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2122019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4549db85e4e317e4a13e44ac97e4c0cc886a110d97ac02c0842148039d698484

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Mar 2019 17:19:09 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 519
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
698 B 600ms
213ms Script
application/javascript 34.235.206.33
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2122019
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2122019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.206.33 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-235-206-33.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 138
Expires: Fri, 22 Mar 2019 17:19:11 GMT

GET
H2 200 news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ 829 B
520 B 8ms
7ms Image
image/svg+xml 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 829
x-cache: HIT
status: 200
content-length: 395
x-response-time: 125
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/41AC)
etag: "CTUg6L9PuY+d9h5xpE0zmw=="
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://twitter.com
x-connection-hash: 3e444a7756f5eb618803b28868884c14
accept-ranges: bytes
expires: Thu, 28 Mar 2019 17:19:10 GMT

POST
H2 200 beacon Show response
beacon.tru.am/ 17 B
387 B 177ms
117ms Fetch
application/json 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27676ea482895bdddd3f3796f430a812e11364efc224227c86973a52398966c2

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Mar 2019 17:19:11 GMT
content-encoding: br
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, private, max-age=0
cf-ray: 4bb196dd3ba4c288-FRA
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame A539 2 KB
1 KB 86ms
86ms XHR
application/json 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5177296&v=1.571.0&if=&sl=0&si=ll21qjf59ic-NaN&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.229 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: accd63594714cd7dfcc3699c315125fb029d79b87c576682a5a680659f823fe0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 692

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151465687257429&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151465687257429%26eid=50056
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465687257429&eid=50056

43 B
312 B

67ms
31ms

Image
image/gif

34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465687257429&eid=50056
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 22 Mar 2019 13:19:11 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465687257429&eid=50056
Date: Thu, 21 Mar 2019 17:19:11 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 5de6
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151465687257429
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2NTY4NzI1NzQyORAAGg0Ij4_P5AUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=6b727aaeb73a67aa6f82c50b998260712ccd8dc68e603ae9cd62df62cdcf2e7cf4cb09cee1a4f8eb&person_id=5978151465687257429&eid=50082

43 B
312 B

31ms
28ms

Image
image/gif

54.171.224.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=6b727aaeb73a67aa6f82c50b998260712ccd8dc68e603ae9cd62df62cdcf2e7cf4cb09cee1a4f8eb&person_id=5978151465687257429&eid=50082
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 22 Mar 2019 13:19:11 GMT

Redirect headers

status: 307
date: Thu, 21 Mar 2019 17:19:11 GMT
cache-control: no-cache, no-store
timing-allow-origin: *
content-length: 0
location: https://ml314.com/csync.ashx?fp=6b727aaeb73a67aa6f82c50b998260712ccd8dc68e603ae9cd62df62cdcf2e7cf4cb09cee1a4f8eb&person_id=5978151465687257429&eid=50082
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465687257429%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465687257429%26eid=50220&mm_bnc&mm_bct
https://ml314.com/csync.ashx?fp=29ed5c93-c640-4700-a8ca-9ef29621bc22&person_id=5978151465687257429&eid=50220

43 B
312 B

36ms
29ms

Image
image/gif

34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=29ed5c93-c640-4700-a8ca-9ef29621bc22&person_id=5978151465687257429&eid=50220
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 22 Mar 2019 13:19:11 GMT

Redirect headers

Date: Thu, 21 Mar 2019 17:19:11 GMT
Server: MT3 1.31.3.9 fe26b9c DPLAT-404 zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=29ed5c93-c640-4700-a8ca-9ef29621bc22&person_id=5978151465687257429&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 21 Mar 2019 17:19:10 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465687257429
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465687257429
https://ml314.com/csync.ashx?fp=56216becbf7858e42f879af7780b234e&eid=50146&person_id=5978151465687257429

43 B
312 B

37ms
31ms

Image
image/gif

54.171.224.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=56216becbf7858e42f879af7780b234e&eid=50146&person_id=5978151465687257429
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:10 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 22 Mar 2019 13:19:11 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Mar 2019 17:19:11 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=56216becbf7858e42f879af7780b234e&eid=50146&person_id=5978151465687257429
Cache-Control: no-cache
X-Server: 10.26.24.104
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=28npp3LuWzQn6SL6HIn53-4ImbrgejqK51HXR0YWVntI&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=28npp3LuWzQn6SL6HIn53-4ImbrgejqK51HXR0YWVntI&person_id=5978151465687257429&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
https://ps.eyeota.net/match/bounce/?bid=r8hrb20&uid=nil

70 B
171 B

11ms
10ms

Image
image/gif

18.195.251.148
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=r8hrb20&uid=nil
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.195.251.148 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-251-148.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:11 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Location: /match/bounce/?bid=r8hrb20&uid=nil
Date: Thu, 21 Mar 2019 17:19:11 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=5978151465687257429&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151465687257429&redir=

42 B
769 B

102ms
40ms

Image
image/gif

52.213.58.51
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151465687257429&redir=
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v021-0472015ba.edge-irl1.demdex.com 5.49.0.20190304124312 3ms
Pragma: no-cache
X-TID: KIqXl83QRJE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: fDSAcJD1T2o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151465687257429&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fb_digioh.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 10ms
9ms Stylesheet
text/css 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_digioh.2.1.5.css?cb=636885417983100100
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a804abed27cf1276fba69a26f3da96befe05f5661af72545fc97a508c82e5e

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2019 17:19:11 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: i+12d4SLet4LAL0q+CrTcw==
cf-polished: origSize=5372
x-ms-meta-cbmodifiedtime: Tue, 03 Nov 2015 22:12:06 GMT
status: 200
x-ms-lease-status: unlocked
last-modified: Wed, 20 Feb 2019 20:29:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: c1bdb8e7-601e-00b5-02d2-dd583e000000
expires: Fri, 20 Mar 2020 17:19:11 GMT
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 4bb196ddfb0664c9-FRA
cf-bgj: minify

GET
H2 200 ls.html
www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame 7E8C 0
0 94ms
0ms Document
text/html 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=636885417983100100
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.lightboxcdn.com
:scheme: https
:path: /lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=636885417983100100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
accept-encoding: gzip, deflate, br
cookie: __cfduid=df30d14e8284c8aa0aad76f91e577219e1553188750
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Response headers

status: 200
date: Thu, 21 Mar 2019 17:19:11 GMT
content-type: text/html
content-md5: xa1/rdPe0J6SwxlD7atkzw==
last-modified: Mon, 18 Mar 2019 21:36:38 GMT
x-ms-request-id: 1a749e9f-c01e-00b8-14a8-dfb732000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
expires: Fri, 20 Mar 2020 17:19:11 GMT
cache-control: public, max-age=31536000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4bb196deabfd64c9-FRA
content-encoding: br

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
248 B 98ms
0ms Image
image/gif 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1553188751027&h=www.zdnet.com&e=p&u=40913
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2019 17:19:11 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 7e3e704a-501e-0118-4275-cd3e01000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 4bb196deabfe64c9-FRA
cf-bgj: imgq:85

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 265 B
943 B 191ms
38ms XHR
text/javascript 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4929f9283756061c00d4ae2d0e081adf2b164b58753207ed926f42b4ecf6edaa

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 21 Mar 2019 17:19:11 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 265
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 88E9
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

10ms
9ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4194) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Mar 2019 17:19:11 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4194)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 21 Mar 2019 17:19:11 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 21 Mar 2019 17:19:11 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 863853e6db01a9b65bd2274be3760da2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 106
x-transaction: 0038236d00eb0484
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
1 KB 80ms
41ms XHR
application/json 52.213.58.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=10D31225525FF5790A490D4D%40AdobeOrg&d_nsid=0&ts=1553188751256
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 24204f4ac7a38aac10bb2501da90477b16ad72ab88f1e4351836a2aa9adcf172

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v021-0c4cd9be3.edge-irl1.demdex.com 5.49.0.20190304124312 6ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: cfDTpm90T5U=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 747
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
125 B 46ms
9ms Script
text/javascript 68.232.35.180
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cbsi/zdnetglobalsite/201902042326&cb=1553188751258
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40AE) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:11 GMT
last-modified: Thu, 14 Apr 2016 16:59:33 GMT
server: ECS (fcn/40AE)
etag: "2243872957"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 21 Mar 2019 17:29:11 GMT

GET
H/1.1 200
OK c.gif
dw.cbsi.com/clear/ 42 B
346 B 193ms
188ms Image
image/gif 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dw.cbsi.com/clear/c.gif?rsid=cnetzdnetglobalsite&sid=2&siteid=2&pagetype=article&assetguid=9653b78a-2689-46b0-9712-726d32db55cf&assettitle=pewdiepie%20fans%20keep%20making%20junk%20ransomware&assettype=content_article&pubdate=2019-03-21%2005%3A30%3A00&viewguid=01e230fc-a91b-4dd0-b93a-9315fd951bbd&devicetype=desktop&sitetype=responsive%20web&author=catalin%20cimpanu&authorid=85fd8691-f525-4ea2-a601-af296f629f7f&topicguid=113c25b6-ec91-11e3-95d2-02911863765e&topic=security&topicbrcrm=security&ts=1553188751261&ld=www.zdnet.com&ldc=6f21ee22-04f1-4e15-a8e5-55a72b9780f6&brwinsz=1600x1200&brscrsz=1600x1200&brlang=en-US&tcset=utf8&im=dsjs&clgf=b9BRUFyTx4%2BeGJFrZlk&srcurl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&title=PewDiePie%20fans%20keep%20making%20junk%20ransomware%20%7C%20ZDNet
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fort Lauderdale, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Mar 2019 17:19:11 GMT
Server: Apache/2.4.25
Vary: *
Content-Type: image/gif
Cache-control: no-cache, must-revalidate, no-transform
Connection: Keep-Alive
Keep-Alive: timeout=80, max=421
Content-Length: 42
Expires: Mon, 05 Jan 1970 12:12:12 GMT

GET
H/1.1 200
OK Cookie set dest5.html
cbsi.demdex.net/ Frame D3FB 0
0 134ms
29ms Document
text/html 52.213.106.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cbsi.demdex.net/dest5.html?d_nsid=undefined
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.106.142 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-106-142.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: cbsi.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=09881270671324153933305223948650950324
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 06 Mar 2019 12:39:14 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=09881270671324153933305223948650950324;Path=/;Domain=.demdex.net;Expires=Tue, 17-Sep-2019 17:19:11 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: n1BIBJTYSqc=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK id Show response
saa.cbsi.com/ 90 B
716 B 131ms
22ms XHR
application/x-javascript 63.140.43.37
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://saa.cbsi.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&mid=10000834970483120253281164086680742860&ts=1553188751398

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.140.43.37 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

cbsi.com.ssl.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

4d33f2f87c614daa150f3867cc4488dce09e25113fa060a2e364222384fa3b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 21 Mar 2019 17:19:11 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC/2.0.0
xserver: www93
Vary: Origin
X-C: ms-6.6.0
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15
Content-Length: 90
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 93 B
538 B 31ms
31ms XHR
text/javascript 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: c01cf2edc7af1a7a4d2c4415a9f93562e3d084a107f7ad095c870223415fc8c6

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 21 Mar 2019 17:19:11 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 93
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK z Show response
lightboxapi2.azurewebsites.net/z9p/40913/www.zdnet.com/jsonp/ 291 B
634 B 566ms
128ms Script
application/javascript 23.99.128.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi2.azurewebsites.net/z9p/40913/www.zdnet.com/jsonp/z?cb=1553188751459&callback=jQuery171038505254108119225_1553188750987&_=1553188751460
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-dm1-001.cloudapp.net
Software: Kestrel / ASP.NET
Resource Hash: 0c006843dcf9940212e01f266e0a85e7de99faccbf2ad26a2d1669821d46974b

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:11 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Kestrel
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
1 KB 49ms
48ms XHR
application/json 52.213.58.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=10D31225525FF5790A490D4D%40AdobeOrg&d_nsid=0&d_mid=10000834970483120253281164086680742860&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012E49E3C78531379D-4000010BA000095B&ts=1553188751534
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8cf120868fea3ec6133445d9196bdfb84fce3d29a52a7c0a24b1503e971c9aa2

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v021-0357f0ce1.edge-irl1.demdex.com 5.49.0.20190304124312 8ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: 3YDwI4ajSxA=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 748
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK s35728903227227 Show response
saa.cbsi.com/b/ss/cnetzdnetglobalsite/10/JS-2.3.0/ 2 KB
2 KB 69ms
57ms Script
application/x-javascript 63.140.43.37
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://saa.cbsi.com/b/ss/cnetzdnetglobalsite/10/JS-2.3.0/s35728903227227?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F2%2F2019%2017%3A19%3A11%204%200&d.&nsid=0&jsonv=1&.d&mid=10000834970483120253281164086680742860&aid=2E49E3C78531379D-4000010BA000095B&aamlh=6&ce=UTF-8&ns=cbsinteractive&pageName=zdnet%3A%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&g=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fpewdiepie-fans-keep-making-junk-ransomware%2F&cc=USD&ch=editorial&server=www.zdnet.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=zdnet&v1=zdnet&h1=editorial%7Carticle&l1=youtube&c2=D%3Dv2&l2=113c25b6-ec91-11e3-95d2-02911863765e&c3=D%3Dv3&v3=responsive%20web%7Cdesktop&l3=85fd8691-f525-4ea2-a601-af296f629f7f&c4=D%3Dv4&c5=D%3Dv5&v5=cnetzdnetglobalsite&c6=D%3Dv6&v6=editorial%7Carticle&c7=D%3Dv7&v7=D%3Dg&c8=D%3Dv8&v8=PewDiePie%20fans%20keep%20making%20junk%20ransomware%20%7C%20ZDNet&c9=D%3DUser-Agent&c10=D%3Dv10&v10=article&c11=D%3Dv11&v11=D%3Dch%2B%22%3A%22%2Bv10&v15=not%20authenticated%7Canon&c20=D%3Dv20&v20=pewdiepie%20fans%20keep%20making%20junk%20ransomware&c22=D%3Dv22&v22=content_article&c23=D%3Dv23&v23=113c25b6-ec91-11e3-95d2-02911863765e&c24=D%3Dv24&v24=01e230fc-a91b-4dd0-b93a-9315fd951bbd&c25=D%3Dv25&c26=D%3Dv26&v26=bfccdd23-ed4a-11e3-95d2-02911863765e&c28=D%3Dv28&c30=D%3Dv30&v30=9653b78a-2689-46b0-9712-726d32db55cf&c31=D%3Dv31&c33=D%3Dv33&c34=D%3Dv34&c35=D%3Dv35&v35=b9BRUFyTx4%2BeGJFrZlk&v44=ad_stack%7C1%7Ca&c50=D%3Dv50&v50=1%3A00PM&c51=D%3Dv51&v51=Thursday&c52=D%3Dv52&v52=1&c53=D%3Dv53&v53=New&c54=D%3Dv54&v54=First%20Visit&c65=D%3Dv65&v65=discover&c69=D%3Dv69&v85=false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.140.43.37 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

cbsi.com.ssl.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

c3e56eac526be996906bf2aef574f631f5a22dff7a56a5d42c49e72344f46114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-AAM-TID: k8UR5G/fRxA=
Date: Thu, 21 Mar 2019 17:19:11 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.6.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 1828
X-XSS-Protection: 1; mode=block
DCS: dcs-prod-irl1-v021-0aaa28647.edge-irl1.demdex.com 5.49.0.20190304124312 10ms
Pragma: no-cache
Last-Modified: Fri, 22 Mar 2019 17:19:11 GMT
Server: Omniture DC/2.0.0
xserver: www31
ETag: "3335447445117140992-4718014307034467716"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Keep-Alive: timeout=15
Expires: Wed, 20 Mar 2019 17:19:11 GMT

GET jsonp_geoip
lightboxgeoipjsonp-88248.onmodulus.net/ 0
0

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox/f0433f51-4cb3-432b-b2cb-f0c5b71cbf39/ 43 KB
32 KB 17ms
16ms Script
application/javascript 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox/f0433f51-4cb3-432b-b2cb-f0c5b71cbf39/settings.js?cb=636885417983100100
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94eda68ef465fcff5393659fd95ec043d732f3a7254fa695e4edfed349a4c94c

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2019 17:19:12 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: gX0sae6W3d9/m4rYTtlnWA==
cf-polished: origSize=44150
status: 200
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2019 21:36:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: c73e1a66-501e-001c-5ed2-dd8dd6000000
expires: Fri, 20 Mar 2020 17:19:12 GMT
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 4bb196e47bb964c9-FRA
cf-bgj: minify

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame D1D3 199 KB
27 KB 34ms
18ms Script
application/javascript 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=636885417983100100
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf58131ecb05e295093138b95f5bb6d7e0a26b8a3bdf6243184baa26371cade

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2019 17:19:12 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: BndaaZzjyfF2Ccv8b7PgFw==
cf-polished: origSize=308526
status: 200
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2019 21:36:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: b6b34621-d01e-0024-49d2-ddcc8f000000
expires: Fri, 20 Mar 2020 17:19:12 GMT
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 4bb196e49bf964c9-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ Frame D1D3 783 B
439 B 23ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=636885417983100100

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

534f2f25f81301ecc9f48fb15f9e75088d334a1a9d3c0ea35757a9bc7519870f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 21 Mar 2019 17:19:12 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 21 Mar 2019 17:19:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2019 17:19:12 GMT

GET
H2 200 fancybox_sprite.png
cdn.jsdelivr.net/fancybox/2.1.5/ 1 KB
2 KB 86ms
12ms Image
image/png 2606:4700::6810:5514
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/fancybox/2.1.5/fancybox_sprite.png

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 21 Mar 2019 17:19:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4bb196e6cb7fbf11-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 1362
x-served-by: cache-ams21050-AMS, cache-hhn1530-HHN
server: cloudflare
etag: W/"552-F98Z+XYo53vgnDUr8nQl+uokglE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v12/ Frame D1D3 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v12/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1c21dd409e977f176ae963b5510fbdd57669e9861fff9f5d9a46b6fc73f430fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Raleway
Origin: https://www.zdnet.com

Response headers

date: Sat, 09 Mar 2019 03:30:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:45 GMT
server: sffe
age: 1086522
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13160
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 03:30:30 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
201 B 12ms
10ms Image
image/gif 2606:4700::6810:4ea5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1553188752982&h=www.zdnet.com&e=i&u=40913&b=178719&v=empty&s=empty
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2019 17:19:12 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 7e3e704a-501e-0118-4275-cd3e01000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 4bb196ea2ac264c9-FRA
cf-bgj: imgq:85

GET
H/1.1 204
No Content z
lightboxapi3.azurewebsites.net/z9d/40913/178719/empty/empty/www.zdnet.com/img/ 0
104 B 546ms
133ms Image
text/plain 23.99.128.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lightboxapi3.azurewebsites.net/z9d/40913/178719/empty/empty/www.zdnet.com/img/z?cb=1553188752982
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-dm1-001.cloudapp.net
Software: Kestrel / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:12 GMT
X-Powered-By: ASP.NET
Server: Kestrel

GET
H/1.1 200
OK imsync.ashx Show response
ml314.com/ 17 B
427 B 35ms
31ms Script
text/html 54.171.224.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/imsync.ashx?pi=5978151465687257429&data=eyJwaCI6NDM0MSwid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNTUzMTg4NzUwNjYwXzVneWd0c2JlMCIsInNkIjoxMjAwfQ%3D%3D
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2122019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea

Request headers

Referer: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Mar 2019 17:19:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 135

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lightboxgeoipjsonp-88248.onmodulus.net
URL: https://lightboxgeoipjsonp-88248.onmodulus.net/jsonp_geoip?callback=_jqjsp&_1553188752053=

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 744) Message: ADS: queuing nav-ad-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1214) Message: ADS: queuing intromercial-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1281) Message: ADS: queuing leader-plus-top-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1395) Message: ADS: queuing inpage-video-top-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1405) Message: ADS: queuing sharethrough-top-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): iframe_youtube
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1619) Message: ADS: queuing mpu-plus-top-5c93c61c36744 for display
console-api	log	URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1) Message: dom not ready, setting event
console-api	log	URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1) Message: dom not ready, setting event
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1729) Message: ADS: queuing dynamic-showcase-top-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1736) Message: ADS: queuing mpu-middle-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1960) Message: ADS: queuing mpu-bottom-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 1977) Message: ADS: queuing leader-plus-bottom-5c93c61c36744 for display
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service pending (GDPR consent not granted): script_sharethrough
console-api	log	URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1) Message: dom ready, triggering load
console-api	log	URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1) Message: dom ready, triggering load
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: GDPR consent granted
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): iframe_youtube
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): script_twitterwidgets
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent finally granted): script_sharethrough
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent already granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent already granted): _injectQueryStringGCP
console-api	log	(Line 2) Message: ADS: queuing mpu-bottom-5c93c61c36744 for display
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 9) Message: Missing adCookieData!
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet
console-api	log	URL: https://www.zdnet.com/article/pewdiepie-fans-keep-making-junk-ransomware/(Line 104) Message: Service loading (GDPR consent already granted): script_ad
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201902042326(Line 177) Message: Service: sitecatalyst
console-api	error	URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E(Line 16) Message: ads::trackingCookie::init
console-api	log	URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=636885417988309970(Line 1401) Message: ERROR:::: custom_js_boxes() - Cannot read property 'topicTag_var' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval'; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

364bf6cc.akstat.io
abs.twimg.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.viglink.com
beacon.tru.am
c.evidon.com
c.go-mpulse.net
cbsi.demdex.net
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdn.viglink.com
d.agkn.com
dpm.demdex.net
dw.cbsi.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
iicbsi-a.akamaihd.net
in.ml314.com
js-sec.indexww.com
js.agkn.com
l.betrad.com
lightboxapi2.azurewebsites.net
lightboxapi3.azurewebsites.net
lightboxgeoipjsonp-88248.onmodulus.net
match.adsrvr.org
ml314.com
native.sharethrough.com
pbs.twimg.com
pixel.mathtag.com
platform.twitter.com
ps.eyeota.net
saa.cbsi.com
securepubads.g.doubleclick.net
sync.crwdcntrl.net
syndication.twitter.com
tags.bluekai.com
tags.tiqcdn.com
ton.twimg.com
tru.am
vidtech.cbsinteractive.com
www.everestjs.net
www.googletagservices.com
www.lightboxcdn.com
www.youtube.com
www.zdnet.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
lightboxgeoipjsonp-88248.onmodulus.net
104.107.252.81
104.109.87.166
104.111.214.229
104.123.104.241
104.244.42.200
151.101.122.133
172.217.16.166
172.217.21.194
18.195.251.148
18.214.158.180
2.18.233.143
2.18.233.149
2.18.233.201
2.18.234.21
23.52.55.108
23.99.128.52
2600:9000:200c:3400:15:efbc:e300:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:a222
2606:4700::6810:4ea5
2606:4700::6810:5514
2606:4700::6810:a20d
2a00:1450:4001:816::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:820::200a
2a00:1450:4001:820::200e
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a02:26f0:6c00::210:ba1b
34.192.38.147
34.235.206.33
34.246.247.78
34.251.85.190
52.213.106.142
52.213.58.51
52.5.125.127
52.51.38.48
54.154.175.204
54.171.224.12
54.230.95.142
63.140.43.37
64.30.230.22
68.232.35.180
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0730d62aad8991d4abe2f5b68d6d2207778e4bdf2142bbb4713bf0184151c113
08cb45b308f54b35aa41c2b1245f33631ed9a44390e6fb57145392d36a6e293e
0aff92d0424973e3d93027c79182b9bf06e55062fffcabf4ed0814d9abd070a1
0c006843dcf9940212e01f266e0a85e7de99faccbf2ad26a2d1669821d46974b
0db1739b6bec8463f52771aaccbd974dde17f5db7c9fe4bb0a8f2c00564d603d
0f91e664ba993207337dbd5b1ab9f156c5f579d99d9b2e1315706815deadd0ae
10113bad06fefd5698a45480ffaedd421c6e06f9dbd0d1c772b7128bbea0842d
1491a1594a4058a62ea4c08441cfcbbfe82a0916b4f26b55f3605af896766dd7
14936044ec368cc946cff8ad9bdd59e74d17dd3f1ffd4f783eefdf1a869d4c07
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
1916ac88ca53ca6fa357cd4eb661206e3c933c24385cc503aade6937ac631f39
1b91058b5969c2319ee3f3efb2b91ccf388c64fe22f806e59b0edb43694150d4
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1c21dd409e977f176ae963b5510fbdd57669e9861fff9f5d9a46b6fc73f430fa
24204f4ac7a38aac10bb2501da90477b16ad72ab88f1e4351836a2aa9adcf172
27676ea482895bdddd3f3796f430a812e11364efc224227c86973a52398966c2
28e2960b8daa25db02de7244e062aa66f9134462ca6b62975a01667e42fb08ba
308a64084fd0c823eb8f8b1000feaf70b9cbc45f18fbbcecde55860b089e15c4
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
35733dd71de077b039d2bac6614c78eb3ab7d3879cb307cc10cc1907d2f61eb6
3ff065de0d90b0510727a72c173d05652c30967c5e6561dbf1d82fa077cabb22
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
4549db85e4e317e4a13e44ac97e4c0cc886a110d97ac02c0842148039d698484
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
4929f9283756061c00d4ae2d0e081adf2b164b58753207ed926f42b4ecf6edaa
4b51cad50779921c134fe5f8a46df29da7bdedf5f643c331d192b6057af97992
4d33f2f87c614daa150f3867cc4488dce09e25113fa060a2e364222384fa3b65
5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d
534f2f25f81301ecc9f48fb15f9e75088d334a1a9d3c0ea35757a9bc7519870f
54c21c3d0c39837212933126f79b25f98b7f92415299facf1cc1915f5525a90d
55c46587a33cd13531d08be1f1b2fa01eb72b54422834960ca652542161ee3ba
56110ff5555202342949a5203c0789bd23251c2b1eb6e0b1a4ff8cac6b11b4aa
57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181
5bfdcddf96d401948b646d8fcf6162f5356898d4e435d1ce749d252adaeff664
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
60ce6805dd57d4a59bac8584a189147d62afe7ca1ce56d8b7dff6dc964e4e9b1
62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea
66a54236fb1d1249adbd36dd6844730e9cb78c763d8f135f858132fce4aa2cb0
66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6a108e0af8fe6848b275a2827822879e528159c28a6f189f18288ab169abad78
6b536d88c3df185fc95a5c3120148b75da6dbe0960d3108642c9ec87d239f727
6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609
712ccd370ade5278a0e57ac492debbf1a7bd97fcc81c7b9b0c8eea4abe0fa8cb
7564246758705b370a2573e1c1b6a50b63dc21ffb9da3109aa9b41bbc57ece2d
763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd
791b7ff5657f9c41e24adaa1f6f5a4dc51046d292b25b01a5a8d152ff4a951ac
7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215
7eae865fd7c820936603897a072b7ddd77b2c74e8022160fd19792291a63fac8
80e7b318c4c21d8f60a9e7228626723e71a03c53e6814b285fcbcae66d082ba7
8238f5f25e0f6c79352684181f41e1f8fb226fbbeefe07cb21aa9c074b5141b2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a27fab6c5a0b1db438219c7d24ce2fff95e0910378fe4bdeb64b4f970eebccc
8cbc6f6b56bd4267915a2dc3fb476ff37dc18f9abcaf7fe8768afad282d809b6
8cf120868fea3ec6133445d9196bdfb84fce3d29a52a7c0a24b1503e971c9aa2
8e494b61172dda630247a270e1061ce528f4cd286618a1b8cfef822a48e92943
927048ad11de8981ab14882b0cac610a1c194aa991d07247cdbf875032dec422
94eda68ef465fcff5393659fd95ec043d732f3a7254fa695e4edfed349a4c94c
98a91b898a824dd0cf24f33ff1e83eed96b8846b34906a04d148d679ec76328a
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c6ea1ab4588c0be7dc9cb629aa641415dd91acaea7084de6921a7ffa2299bfb
9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd
9e371436db613ae74ff8252f069bc64959d668caebf42dc14ffbb0366df9cc05
a0dd0d42e82bfcc16e96fb72d732787a0edf0bc99b0a34f6f6eaaf1d1b32a8f9
a0eeba57c50d301a64672a459abf71d3269bad55b8421637df831de2f39b908a
a2a804abed27cf1276fba69a26f3da96befe05f5661af72545fc97a508c82e5e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3273dce4deb1a87d9c6b75ce1b9305872ee56ad6da2ab873858d9d20d1ff3a8
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a7e64f7ed3f8b228460dcc3f36512fd52f12ea6cbb764eeff6413d308eb81d01
aab73e6139dc400b2967f20845867129b3f7d2d73c84a5c4ae46cac580cd4028
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
accd63594714cd7dfcc3699c315125fb029d79b87c576682a5a680659f823fe0
af75f60ebe368904e8640eb0af9279f6dde3b6c35646475e20d88d10f11d1fa9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3
bae4514110b43a9a8417e48bb8a4e7e688de2abac4bfabffbf3859af31730f78
bcf58131ecb05e295093138b95f5bb6d7e0a26b8a3bdf6243184baa26371cade
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
c01cf2edc7af1a7a4d2c4415a9f93562e3d084a107f7ad095c870223415fc8c6
c139b8dd7b1ccda2813ae79d127d1c0256f91a71fce5581887a1d5fbbca81bde
c252a58367211c11d839155e50dc5e98551826c64b8d2e8d6267124c054ceae0
c2c432e808e795014171d087ba8abd58d8337f59ad387c08d8a6c6b3c32106fb
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4
c3e56eac526be996906bf2aef574f631f5a22dff7a56a5d42c49e72344f46114
c480ce7d4d5f2fb023403c864eac3350b46fab68728482d625d4d4b45b049427
c755282022c2c52eddcf8d058df1c9de4d1e7fc42c771faff17c94ecaf858498
ca8f48b540d18416166b438dc0f7e497f642c9a3408e1b668ec70a20df1777be
cd1d44243c825f1c5b6fece79fb2f3605907af8e9948469e3be7fe265a74e6dc
cd5e6512fdbb698425174148dba05f72357a3b1944413f8812c55c4025d3d562
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf65e308f1c461e06038b45d5bfa27689e22241f6b673b7d540d35cdd0ca4c32
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d33559581528f2b623b94363b31092d87796baf6711eadebaf8635b30bc9d7c7
d4ccc0936dea09d1846d5bb1487dd533738e598752d8215cd883f77b3cd91d4b
d696da403b0169c2191d0ec0b0fcdaa85487b21b19fd58f4b1fb5b9edf40b153
dabf73474662398f4f686a1b3103542f53384dd6241e6ac13f8ba535c6372aff
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deee21acc86b40fe0cb13584d9b68a15a21f471fcd0523822aa1f5b58b603604
dff46486a11e8e9c5785ce5d037c4e9e507511c5cb404a044602c68a777b0e7b
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f
e34a680ea26c1aeeb0163f836240d84892c4a889cd3fd92bd6b322eb575e3b45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b3eb7f022396e969766ad5e908b21df0b646c943e149902c64de590e9549d9
ec94a2b08f0f5a02d84a67e0918794af1f8c451112f1f350b4c1fd6142d79c81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04be93e144932a277b3b79253acc171ea7bbb59460c33d2f4f07dcf684a6b14
f05f427c0a3425f17ce1b199296557b22f8b385c963696f80d588f692364abca
f27c0c9f284c6959dd7db1e768c6e43a518ea650afc69d7a60383f3a963cde7b
f4b7aa9e3e4bd003c0dab54805b76e92b937cf843bfb6bee5dd336ac486b1717
f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee
f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473
fb9007c254c493be4a067de535b19a30f5e5aef3d5b19f58b1c72d2c65a04f79
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097
ff65ec45c2cccd9e9687651fb75a3abd337492ac0710d5a513be085cc2ff0a89

www.zdnet.com Open in urlscan Pro 2.18.233.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

132 Requests

99 %HTTPS

33 %IPv6

37 Domains

52 Subdomains

42 IPs

4 Countries

1969 kBTransfer

5907 kBSize

0 Cookies

35 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdnet.com Open in urlscan Pro
2.18.233.143 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

99 %
HTTPS

33 %
IPv6

37
Domains

52
Subdomains

42
IPs

4
Countries

1969 kB
Transfer

5907 kB
Size

0
Cookies

132 HTTP transactions
10 data transactions