gizmodo.com Open in urlscan Pro
151.101.66.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Submission: On December 10 via api (December 10th 2021, 3:52:15 pm UTC) from US — Scanned from DE

Summary HTTP 291 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 69 IPs in 7 countries across 56 domains to perform 291 HTTP transactions. The main IP is 151.101.66.166, located in United States and belongs to FASTLY, US. The main domain is gizmodo.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on July 21st 2021. Valid for: a year.

This is the only time gizmodo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
113	151.101.66.166 151.101.66.166	54113 (FASTLY) (FASTLY)
8	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	65.9.68.20 65.9.68.20	16509 (AMAZON-02) (AMAZON-02)
7	143.204.209.91 143.204.209.91	16509 (AMAZON-02) (AMAZON-02)
10	3.237.175.195 3.237.175.195	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	199.232.194.217 199.232.194.217	54113 (FASTLY) (FASTLY)
8	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3039::6815:c076	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1 4	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02)
1	143.204.209.34 143.204.209.34	16509 (AMAZON-02) (AMAZON-02)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.22.58 13.32.22.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:9200:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	52.86.156.15 52.86.156.15	14618 (AMAZON-AES) (AMAZON-AES)
1	184.73.243.156 184.73.243.156	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6	23.62.140.165 23.62.140.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.201.100.179 35.201.100.179	15169 (GOOGLE) (GOOGLE)
1	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
1	23.22.200.199 23.22.200.199	14618 (AMAZON-AES) (AMAZON-AES)
3	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
4	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.229.132.88 54.229.132.88	16509 (AMAZON-02) (AMAZON-02)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	52.28.103.21 52.28.103.21	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	159.203.149.85 159.203.149.85	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	35.211.168.6 35.211.168.6	19527 (GOOGLE-2) (GOOGLE-2)
2	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	107.23.88.187 107.23.88.187	14618 (AMAZON-AES) (AMAZON-AES)
1	107.21.238.20 107.21.238.20	14618 (AMAZON-AES) (AMAZON-AES)
2	3.226.34.126 3.226.34.126	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
1	35.201.112.123 35.201.112.123	15169 (GOOGLE) (GOOGLE)
1	35.227.221.36 35.227.221.36	15169 (GOOGLE) (GOOGLE)
1	35.186.234.63 35.186.234.63	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
9	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
2	52.91.215.149 52.91.215.149	14618 (AMAZON-AES) (AMAZON-AES)
2	52.201.92.233 52.201.92.233	14618 (AMAZON-AES) (AMAZON-AES)
1	34.107.191.194 34.107.191.194	15169 (GOOGLE) (GOOGLE)
1	34.102.193.48 34.102.193.48	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.32.22.95 13.32.22.95	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 3	18.193.230.138 18.193.230.138	16509 (AMAZON-02) (AMAZON-02)
1 1	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
2 3	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.117.4.53 34.117.4.53	() ()
1	141.226.228.48 141.226.228.48	() ()
291	69

113 151.101.66.166 (United States)

ASN54113 (FASTLY, US)

gizmodo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g-omedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb-logs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.68.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-20.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.209.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-91.fra53.r.cloudfront.net

sourcepoint.gizmodo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.237.175.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-175-195.compute-1.amazonaws.com

script-api.kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script-api.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
carbon-cdn.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.194.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c076 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.253.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-34.fra53.r.cloudfront.net

cdn.britepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-58.fra56.r.cloudfront.net

static.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:9200:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.156.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-156-15.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.243.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-243-156.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.62.140.165 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-140-165.deploy.static.akamaitechnologies.com

cdn-geuw1-xch.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.100.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.100.201.35.bc.googleusercontent.com

connect.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.200.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-200-199.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.132.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-132-88.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

fusion-media-group-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.103.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-103-21.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.203.149.85 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

hb.vhsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.168.6 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 6.168.211.35.bc.googleusercontent.com

sofia.trustx.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.88.187 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-88-187.compute-1.amazonaws.com

px.britepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.238.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-238-20.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.34.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-34-126.compute-1.amazonaws.com

api.bam-x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.123 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 123.112.201.35.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.221.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 36.221.227.35.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.234.63 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 63.234.186.35.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.193.194 (United States)

ASN54113 (FASTLY, US)

kinja-otfp.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.91.215.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-215-149.compute-1.amazonaws.com

privacy-location-edge.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pogo.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.92.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-92-233.compute-1.amazonaws.com

events.release.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.191.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.191.107.34.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-95.fra56.r.cloudfront.net

trx-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.230.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-230-138.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.133.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.4.53 (None, )

ASN- ()

events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	kinja-static.com f.kinja-static.com x.kinja-static.com	2 MB
34	kinja-img.com i.kinja-img.com	234 KB
32	gizmodo.com gizmodo.com sourcepoint.gizmodo.com	358 KB
17	media.net hbx.media.net contextual.media.net cdn-geuw1-xch.media.net prebid.media.net pb-logs.media.net cs.media.net	122 KB
14	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com am-trc-events.taboola.com images.taboola.com	206 KB
11	kinja.com kinja.com script-api.kinja.com	32 KB
9	fastly.net kinja-otfp.global.ssl.fastly.net	2 MB
9	doubleclick.net 2 redirects securepubads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	146 KB
8	amazon-adsystem.com c.amazon-adsystem.com	80 KB
7	google-analytics.com www.google-analytics.com	20 KB
6	pubmatic.com 3 redirects hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	1 KB
6	criteo.com gum.criteo.com bidder.criteo.com	2 KB
5	ccgateway.net script-api.ccgateway.net privacy-location-edge.ccgateway.net carbon-cdn.ccgateway.net pogo.ccgateway.net	3 KB
4	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	1 KB
4	yahoo.com c2shb.ssp.yahoo.com	565 B
4	google.de ampcid.google.de www.google.de	1 KB
4	google.com ampcid.google.com www.google.com	1 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
4	scroll.com static.scroll.com connect.scroll.com	23 KB
3	bidswitch.net 2 redirects x.bidswitch.net	1 KB
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1 KB
3	trustx.org sofia.trustx.org	885 B
3	openx.net fusion-media-group-d.openx.net u.openx.net	653 B
3	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	1 KB
3	narrativ.com static.narrativ.com events.release.narrativ.com	42 KB
3	adsrvr.org insight.adsrvr.org match.adsrvr.org	911 B
3	adlightning.com tagan.adlightning.com	64 KB
2	criteo.net static.criteo.net	53 KB
2	cdnwidget.com ids.cdnwidget.com e.cdnwidget.com	297 B
2	perfectmarket.com widget.perfectmarket.com	33 KB
2	bam-x.com api.bam-x.com	3 KB
2	adnxs.com ib.adnxs.com	2 KB
2	rubiconproject.com fastlane.rubiconproject.com	3 KB
2	vhsrv.com hb.vhsrv.com	664 B
2	adsafeprotected.com pixel.adsafeprotected.com	922 B
2	britepool.com 1 redirects cdn.britepool.com px.britepool.com api.britepool.com Failed	43 KB
2	bounceexchange.com tag.bounceexchange.com assets.bounceexchange.com	161 KB
2	btloader.com btloader.com api.btloader.com	6 KB
1	bouncex.net events.bouncex.net	257 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	630 B
1	trx-hub.com trx-hub.com	444 B
1	googleapis.com imasdk.googleapis.com	124 KB
1	g-omedia.com g-omedia.com
1	ad-delivery.net ad-delivery.net	927 B
1	thrtle.com thrtle.com
1	chartbeat.net ping.chartbeat.net	201 B
1	rlcdn.com api.rlcdn.com	211 B
1	rkdms.com id.sv.rkdms.com	164 B
1	liadm.com idx.liadm.com	683 B
1	trackonomics.net cdn-magiclinks.trackonomics.net	21 KB
1	googleoptimize.com www.googleoptimize.com	37 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com	532 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	speedcurve.com cdn.speedcurve.com	6 KB
1	indexww.com js-sec.indexww.com	16 KB
291	56

	Domain	Requested by
40	x.kinja-static.com	gizmodo.com tagan.adlightning.com
34	i.kinja-img.com	gizmodo.com
25	gizmodo.com	gizmodo.com x.kinja-static.com tagan.adlightning.com
9	kinja-otfp.global.ssl.fastly.net	x.kinja-static.com
9	f.kinja-static.com	gizmodo.com x.kinja-static.com
8	c.amazon-adsystem.com	gizmodo.com x.kinja-static.com c.amazon-adsystem.com
7	cdn.taboola.com	tagan.adlightning.com cdn.taboola.com client
7	www.google-analytics.com	gizmodo.com x.kinja-static.com
7	script-api.kinja.com	gizmodo.com tagan.adlightning.com
7	sourcepoint.gizmodo.com	gizmodo.com sourcepoint.gizmodo.com tagan.adlightning.com
6	cdn-geuw1-xch.media.net	gizmodo.com
4	pb-logs.media.net	gizmodo.com
4	c2shb.ssp.yahoo.com	x.kinja-static.com
4	gum.criteo.com	hbx.media.net tagan.adlightning.com
4	sb.scorecardresearch.com	1 redirects tagan.adlightning.com gizmodo.com
4	kinja.com	gizmodo.com tagan.adlightning.com x.kinja-static.com
3	images.taboola.com
3	image8.pubmatic.com	2 redirects
3	x.bidswitch.net	2 redirects
3	www.google.de	gizmodo.com
3	www.google.com	gizmodo.com
3	stats.g.doubleclick.net	x.kinja-static.com
3	sofia.trustx.org	x.kinja-static.com
3	prebid.media.net	x.kinja-static.com
3	static.scroll.com	tagan.adlightning.com gizmodo.com static.scroll.com
3	tagan.adlightning.com	gizmodo.com tagan.adlightning.com
3	securepubads.g.doubleclick.net	gizmodo.com tagan.adlightning.com securepubads.g.doubleclick.net
2	trc.taboola.com	x.kinja-static.com
2	cm.g.doubleclick.net	2 redirects
2	eb2.3lift.com	2 redirects
2	static.criteo.net	x.kinja-static.com
2	events.release.narrativ.com	x.kinja-static.com
2	widget.perfectmarket.com	cdn.taboola.com tagan.adlightning.com
2	api.bam-x.com	tagan.adlightning.com gizmodo.com
2	script-api.ccgateway.net	tagan.adlightning.com
2	bidder.criteo.com	x.kinja-static.com
2	ib.adnxs.com	x.kinja-static.com
2	fastlane.rubiconproject.com	x.kinja-static.com
2	hb.vhsrv.com	x.kinja-static.com
2	hbopenbid.pubmatic.com	x.kinja-static.com
2	tlx.3lift.com	x.kinja-static.com
2	fusion-media-group-d.openx.net	x.kinja-static.com
2	pixel.adsafeprotected.com	x.kinja-static.com
2	htlb.casalemedia.com	x.kinja-static.com
2	match.adsrvr.org	x.kinja-static.com
2	hbx.media.net	gizmodo.com hbx.media.net
1	am-trc-events.taboola.com
1	15.taboola.com	x.kinja-static.com
1	events.bouncex.net
1	cs.media.net
1	u.openx.net
1	image2.pubmatic.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	trx-hub.com
1	e.cdnwidget.com	gizmodo.com
1	pogo.ccgateway.net	x.kinja-static.com
1	ids.cdnwidget.com	x.kinja-static.com
1	carbon-cdn.ccgateway.net	tagan.adlightning.com
1	privacy-location-edge.ccgateway.net	x.kinja-static.com
1	imasdk.googleapis.com	tagan.adlightning.com
1	g-omedia.com	gizmodo.com
1	api.btloader.com	x.kinja-static.com
1	as-sec.casalemedia.com	x.kinja-static.com
1	view.cdnbasket.net	x.kinja-static.com
1	page.cdnbasket.net	x.kinja-static.com
1	data.cdnbasket.net	x.kinja-static.com
1	ad-delivery.net	gizmodo.com
1	ad.doubleclick.net	gizmodo.com
1	thrtle.com	gizmodo.com
1	px.britepool.com	1 redirects
1	ping.chartbeat.net	gizmodo.com
1	assets.bounceexchange.com	tagan.adlightning.com
1	connect.scroll.com	x.kinja-static.com
1	ampcid.google.de	x.kinja-static.com
1	api.rlcdn.com	x.kinja-static.com
1	id.sv.rkdms.com	x.kinja-static.com
1	idx.liadm.com	x.kinja-static.com
1	contextual.media.net	hbx.media.net
1	cdn-magiclinks.trackonomics.net	tagan.adlightning.com
1	static.narrativ.com	gizmodo.com
1	www.googleoptimize.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	insight.adsrvr.org	gizmodo.com
1	cdn.britepool.com	tagan.adlightning.com
1	tag.bounceexchange.com	tagan.adlightning.com
1	btloader.com	gizmodo.com
1	kinja-com.videoplayerhub.com	1 redirects
1	static.chartbeat.com	tagan.adlightning.com
1	www.googletagmanager.com	gizmodo.com
1	cdn.speedcurve.com	gizmodo.com
1	js-sec.indexww.com	gizmodo.com
0	api.britepool.com Failed	x.kinja-static.com
291	92

This site contains links to these domains. Also see Links.

Domain
avclub.com
deadspin.com
jalopnik.com
jezebel.com
kotaku.com
lifehacker.com
theroot.com
thetakeout.com
theonion.com
theinventory.com
store.gizmodo.com
g-omedia.com
boards.greenhouse.io
facebook.com
twitter.com
instagram.com
www.youtube.com
therecord.media
www.wired.com
www.expressvpn.com
www.zdnet.com
nusenu.medium.com
2019.www.torproject.org
stacksocial.com
medium.com
lists.torproject.org
www.avclub.com

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-07-21` - `2022-08-22`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-12` - `2022-11-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
sourcepoint.avclub.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
script-api.kinja.com R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.scroll.com R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
tag.bounceexchange.com R3	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
cdn.britepool.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
static.narrativ.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.trackonomics.net Go Daddy Secure Certificate Authority - G2	`2020-12-22` - `2022-01-23`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.liadm.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
vhsrv.com R3	`2021-11-26` - `2022-02-24`	3 months	crt.sh
sofia.trustx.org Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ccgateway.net R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
api.narrativ.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-09-27`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2021-10-26` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.release.narrativ.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
ids.cdnwidget.com R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
e.cdnwidget.com R3	`2021-11-15` - `2022-02-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.trx-hub.com Amazon	`2021-03-22` - `2022-04-20`	a year	crt.sh
*.wunderkind.co R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Frame ID: 27A5D5A046A87CAE02295B32EBF8A467
Requests: 252 HTTP requests in this frame

Frame: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
Frame ID: 8B943A8B0293F3FBF1362F5FCF212C6C
Requests: 5 HTTP requests in this frame

Frame: https://api.bam-x.com/api/v0/session.html
Frame ID: 971E4F2FF8E456979FE3F30351717C48
Requests: 1 HTTP requests in this frame

Frame: https://gizmodo.com/embed/comments/magma/1848156630
Frame ID: F79A474A66ABC65189CDF2EA3782E1ED
Requests: 30 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=108%2C2030%2C175%2C59%2C3%2C201%2C2026%2C96%2C3012%2C203%2C29%2C2027%2C236%2C220%2C147%2C145%2C23%2C2034%2C172%2C3017%2C3016%2C77%2C222%2C106%2C159%2C117%2C97%2C246%2C226%2C251%2C132%2C229%2C141%2C126&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&gdprstring=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&usp_status=0&usp_consent=1&coppa=0
Frame ID: 6F97009C2DAE09D55FF2E0AE21F2D6CF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gizmodo.com&gdpr=1&gdpr_consent=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA
Frame ID: 1641FB3A78999EBD0832341ED94F75A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Someone Is Running Hundreds of Malicious Servers on Tor Network

Page Statistics

291
Requests

95 %
HTTPS

23 %
IPv6

56
Domains

92
Subdomains

69
IPs

7
Countries

5162 kB
Transfer

14175 kB
Size

63
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://lifehacker.com/
Title: Lifehacker

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.gizmodo.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://g-omedia.com/
Title: Advertising

Search URL Search Domain Scan URL

URL: https://g-omedia.com/privacy-policy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://boards.greenhouse.io/gomedia
Title: Jobs

Search URL Search Domain Scan URL

URL: https://g-omedia.com/terms-of-service/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://facebook.com/gizmodo

Search URL Search Domain Scan URL

URL: https://twitter.com/gizmodo

Search URL Search Domain Scan URL

URL: https://instagram.com/gizmodo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCxFmw3IUMDUC1Hh7qDjtjZQ

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%3Futm_medium%3Dsharefromsite%26utm_source%3D_facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20the%20Tor%20Network%20and%20Might%20Be%20De-Anonymizing%20Users&url=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%3Futm_medium%3Dsharefromsite%26utm_source%3D_twitter

Search URL Search Domain Scan URL

URL: https://therecord.media/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays/
Title: by The Record

Search URL Search Domain Scan URL

URL: https://www.wired.com/story/tor-anonymity-easier-than-ever/
Title: best known

Search URL Search Domain Scan URL

URL: https://www.expressvpn.com/blog/tor-network-outage/
Title: attacks

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/a-mysterious-group-has-hijacked-tor-exit-nodes-to-perform-ssl-stripping-attacks/
Title: malicious activity

Search URL Search Domain Scan URL

URL: https://nusenu.medium.com/
Title: their Medium

Search URL Search Domain Scan URL

URL: https://2019.www.torproject.org/about/overview.html.en#overview
Title: how Tor works

Search URL Search Domain Scan URL

URL: https://stacksocial.com/sales/the-unlimited-lifetime-learning-subscription-bundle-ft-rosetta-stone?aid=a-efnv1nsd
Title: save 90%The Unlimited Lifetime Learning Subscription Bundle

Search URL Search Domain Scan URL

URL: https://medium.com/@kee_94942/how-i-ran-the-second-best-tor-exit-node-f3c20de086e2
Title: volunteer-run

Search URL Search Domain Scan URL

URL: https://therecord.media/thousands-of-tor-exit-nodes-attacked-cryptocurrency-users-over-the-past-year/#:~:text=May%209%2C%202021-,Thousands%20of%20Tor%20exit%20nodes%20attacked%20cryptocurrency%20users%20over%20the,users%20accessing%20cryptocurrency%2Drelated%20sites.
Title: of attacking users

Search URL Search Domain Scan URL

URL: https://nusenu.medium.com/is-kax17-performing-de-anonymization-attacks-against-tor-users-42e566defce8
Title: researcher shows

Search URL Search Domain Scan URL

URL: https://lists.torproject.org/pipermail/tor-relays/2021-November/019980.html
Title: a large number of relays

Search URL Search Domain Scan URL

URL: https://kotaku.com/the-japanese-internet-reacts-to-netflixs-cowboy-bebop-c-1848191680

Search URL Search Domain Scan URL

URL: https://thetakeout.com/worst-michelin-star-restaurant-bros-lecce-1848185817

Search URL Search Domain Scan URL

URL: https://deadspin.com/allen-iverson-s-all-time-starting-lineup-may-be-the-mos-1848185195

Search URL Search Domain Scan URL

URL: https://www.avclub.com/2021-gotham-awards-the-a-v-club-s-exclusive-portrait-1848138035
Title: 2021 Gotham Awards: The A.V. Club’s exclusive portrait studio from the big night

Search URL Search Domain Scan URL

URL: https://jalopnik.com/the-ten-dumbest-car-names-out-there-1848138561
Title: The Ten Dumbest Car Names Out There

Search URL Search Domain Scan URL

URL: https://lifehacker.com/16-of-the-best-cozy-christmas-movies-that-aren-t-all-wh-1848103267
Title: 16 of the Best Cozy Christmas Movies That Aren’t All White People in Sweaters

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 109

https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1639151529623&ns_c=UTF-8&cv=3.5&c8=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&c7=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1639151529623&ns_c=UTF-8&cv=3.5&c8=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&c7=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&c9=

Request Chain 139

https://px.britepool.com/new?partner_id=t HTTP 302
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=897eb367-56be-47cb-92a2-724a5f3db2ff

Request Chain 264

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 266

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=t12gtO7VRY5FQr5T6Ld6eMIkbBU&user_group=1&ssp=themediagrid

Request Chain 267

https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y0MjJDMkItNUQ5MS00RDc2LTk3QzUtNjUwNzg4RTc2QzYz&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y0MjJDMkItNUQ5MS00RDc2LTk3QzUtNjUwNzg4RTc2QzYz&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

291 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request someone-is-running-hundreds-of-malicious-servers-on-the-1848156630 Show response
gizmodo.com/ 243 KB
50 KB 240ms
196ms Document
text/html 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

fdc13a1899049d328f22b0ff1e1fb1027344cc73bb28b96198421444283e5b5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: Express
x-kinja: kinja-magma-kube01-7b69f97496-85wz2 #3039
x-kinja-revision: ce7354101d524aace14dcccbdcffe239448b6836
x-kinja-server: kinja-magma-kube01-7b69f97496-85wz2
x-kinja-build: 3039
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-googlenews-bot: false
x-frame-options: deny
content-type: text/html; charset=utf-8
etag: W/"3cdf1-OlQYYgejdD4l3cq8RdpgdUsh97Y"
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-cdn-fetch: mantle-default
accept-ranges: bytes
date: Fri, 10 Dec 2021 15:52:08 GMT
age: 0
x-served-by: cache-bwi5128-BWI, cache-cdg20737-CDG
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1639151529.701953,VS0,VE178
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-WelcomeAdLoadedV1, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-Kinja-GDPR, X-Kinja-CCPA, Authorization
x-ua-device: desktop
content-length: 48916

GET
H2 200 proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 43ms
15ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 38
x-cache: HIT
content-length: 28044
x-amz-id-2: nzV+Sw0GzQL2bWkH4P+jVdu+aDNlQjboRsOB18cPCf0iv+gkiJKvJf9+F0BxlNeeopAJiFBkrRg=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 23 Nov 2021 22:02:48 GMT
server: AmazonS3
x-timer: S1639151529.946685,VS0,VE1
etag: "94cbaf403b2922fd6858c812dae091fb"
x-amz-request-id: G2MH1FC7QMPBYW1Z
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 1

GET
H2 200 proxima_nova_cond_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 30 KB
30 KB 35ms
8ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg_it-webfont.woff2?08252015

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 118
x-cache: HIT
content-length: 30416
x-amz-id-2: j6uSa3ub7hZioYFW0G5MCkEEjJsavIwkWLoqcoHiFn68NSw1og4IZzQTHHRUWD4hSa1YWBfceRM=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 30 Nov 2021 21:55:29 GMT
server: AmazonS3
x-timer: S1639151529.946888,VS0,VE0
etag: "bea38ea36d2aba1d5da6e8f842425e40"
x-amz-request-id: 44JNZF3RSZ1BHQC5
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 2

GET
H2 200 proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 46ms
19ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 87
x-cache: HIT
content-length: 28136
x-amz-id-2: nJXlRnT4eA5amGHrGqbHJ72VdpQvwOtaovVSGwjeeSVy2Yynkv+O4m4rziF8z2npyTLx+xkTlos=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 06 Dec 2021 21:59:10 GMT
server: AmazonS3
x-timer: S1639151529.947162,VS0,VE1
etag: "7ac1e4b7ab03f256e831e00e3b5618a6"
x-amz-request-id: KT4K0GNSBSWRM1HD
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 1

GET
H2 200 proxima_nova_cond_sbold_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 30 KB
30 KB 49ms
22ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold_it-webfont.woff2?08252015

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 36
x-cache: HIT
content-length: 30232
x-amz-id-2: agUcTRKg8HyUwB+GIkKC86N+d84rU5ayq80FlaE9MUIdH//gE0osSYOzio4R52iCsUTl2FqoL9Q=
x-served-by: cache-hhn4072-HHN
last-modified: Wed, 01 Dec 2021 00:37:36 GMT
server: AmazonS3
x-timer: S1639151529.947039,VS0,VE1
etag: "6d0ce198b25710fd5d0a2c0fb863b22c"
x-amz-request-id: RZ4HJSA6F47RJ13H
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 1

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 370 KB
96 KB 114ms
66ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3038297a72e5cce50eba9bd4b86355a18dadfe2f49c7cf528ba29dc95e9b793

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Fri, 10 Dec 2021 16:22:09 GMT

GET
H/1.1 200
OK 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 47 KB
16 KB 73ms
20ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Dec 2021 15:05:21 GMT
Server: Apache
ETag: "905648-bde7-5d2cc0d4a60eb"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=871
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 15802
Expires: Fri, 10 Dec 2021 16:06:39 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 17 KB
6 KB 40ms
12ms Script
application/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 09dbcef950643ff0e4ff9e44c0eda619a95d9b430ea166c3fbc72a567e143398

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
via: 1.1 vegur, 1.1 varnish
age: 87
x-cache: HIT
x-cache-hits: 3
content-encoding: gzip
content-length: 6250
x-served-by: cache-hhn4075-HHN
last-modified: Fri, 10 Dec 2021 15:50:41 GMT
server: Apache
x-timer: S1639151529.962530,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Dec 2021 15:50:41 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 41ms
17ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

f45530ee93fe1451632f4c4da09ff7b9dcbbe6a64f2ae824c058c78fababd34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 185 of 1000 / last-modified: 1639137928"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27033
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Dec 2021 15:52:08 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 44 KB
18 KB 42ms
8ms Script
application/javascript 65.9.68.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18384c12a02d09f936dc34fb2696399bedf5b734d3f264106fbe696846cd71ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Begjc1tGnL.MTIMgEWustkhXAGTzo_9L
content-encoding: gzip
etag: "9bd9361124fc9b26215d78d57a99341e"
age: 1108
x-cache: Hit from cloudfront
content-length: 18459
x-amz-meta-git_commit: 7b120a5
last-modified: Thu, 09 Dec 2021 22:54:37 GMT
server: AmazonS3
date: Fri, 10 Dec 2021 15:33:42 GMT
content-type: application/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: sN8fHTDt4rt6QVxhqsZbvJgjq4wIakkWZCgj4mecKfiLgWBRDxQ-8A==

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
sourcepoint.gizmodo.com/ 153 KB
44 KB 65ms
12ms Script
application/javascript 143.204.209.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.gizmodo.com/wrapperMessagingWithoutDetection.js
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-91.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d858a3dbb03600e19a60079cb0aefd2d3ade061f28bc40d457bb46a3cf0ff84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 02:05:02 GMT
server: AmazonS3
age: 3242
etag: W/"128d707f6a1d93162de889b18d32e792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Fri, 10 Dec 2021 14:58:27 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: _ivwf1AR_RHMfnLDSGN2lhrM0Md9NDaW0prN6UYmm99txX3aKtvcUA==

GET
H2 200 runtime~adManager.0921ad5e56ace56e181d.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 4 KB
2 KB 0ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/runtime~adManager.0921ad5e56ace56e181d.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea21a5d0020cf93672dbac4da25542796f3e2fa2ec95327f4b3a88f9959b24ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 859702
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 1469
x-amz-id-2: pWaBUWLK+tjxWg68UgD1g06lcqgnOdVW6oj3zuKWRscOXdL9Ss1MVA0/yb9L8F8YV4ER2bhfxJk=
x-served-by: cache-cdg20751-CDG, cache-cdg20737-CDG
last-modified: Tue, 30 Nov 2021 17:00:30 GMT
server: AmazonS3
x-timer: S1639151529.879960,VS0,VE0
etag: "2053b9dbe02cf049a27d158327b3e484"
vary: Accept-Encoding, Authorization
x-amz-request-id: BAE798W467ZEQFSG
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 312

GET
H2 200 0.cf77a5f278a807777e08.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 167 KB
47 KB 1ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/0.cf77a5f278a807777e08.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b327274be0506470e5547c067fec6cd0b01bbbf003268c492c48aa9170d30b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 743083
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 47683
x-amz-id-2: 3w5DzE1xd0tuRkn5I0xqoaaZ4culdAzJrjziaH/soBKmEM+JDb4g0+LY7foszQ5WzpEaHwgwjKY=
x-served-by: cache-cdg20744-CDG, cache-cdg20737-CDG
last-modified: Wed, 01 Dec 2021 22:37:02 GMT
server: AmazonS3
x-timer: S1639151529.880367,VS0,VE0
etag: "2c70e6fb53bf1a25801a6d466ae87ca2"
vary: Accept-Encoding, Authorization
x-amz-request-id: H23D2H7NPRSJJZ71
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 364

GET
H2 200 vendors~adEditor~adManager~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~c~980c800a.919ea929fcb029a9a72e.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 10 KB
3 KB 4ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~c~980c800a.919ea929fcb029a9a72e.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bbee1696340edd7c6bd495f1f4689bc36279dd5669c4c9937e84dbcedb96e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 859702
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 3152
x-amz-id-2: hAHaep0HkhsN6KRR0ZuDygzm3mEQW2lzhjEtyDkwd8rAuN6S7TLYWwjDJEg5G6m+exC0PA5yxKQ=
x-served-by: cache-cdg20779-CDG, cache-cdg20737-CDG
last-modified: Tue, 30 Nov 2021 17:00:31 GMT
server: AmazonS3
x-timer: S1639151529.880424,VS0,VE0
etag: "c4967ba72da7be9cc45ba5f229aa3a38"
vary: Accept-Encoding, Authorization
x-amz-request-id: BAE0A1BGM0F13YKR
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2, 327

GET
H2 200 1.3bdeddaf9019285d22db.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 7 KB
2 KB 4ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/1.3bdeddaf9019285d22db.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

194662b5e721e1296b1248044fbd905c8ce6d6670b0a72783ca2522925981786

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9159253
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 2238
x-amz-id-2: l+kpq2kEviid4CYw7MPR344IDDNIe0gssItMmQpElIK9fs20Tqh+OLuFklj8bk3aoi6FeYytiMw=
x-served-by: cache-cdg20730-CDG, cache-cdg20737-CDG
last-modified: Thu, 26 Aug 2021 15:35:27 GMT
server: AmazonS3
x-timer: S1639151529.880690,VS0,VE0
etag: "26106da7e88b3af9848c02980df9c6ac"
vary: Accept-Encoding, Authorization
x-amz-request-id: VGFK35XMB6N4BXK3
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 323

GET
H2 200 vendors~adManager.ca74869be23da02fb809.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 12 KB
4 KB 3ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adManager.ca74869be23da02fb809.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94309a08caaa85e6316c3393e940b80a016c059fdb30fe4d5af95bfb68f789e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8604758
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 3535
x-amz-id-2: eBGhDNo+aXzfYGJg2Yh0NczrKc8FAHQ1R+yaqpe/sM99qBvU7OuoY3yMuoLC8d9yAwpAhr8rLM4=
x-served-by: cache-cdg20746-CDG, cache-cdg20737-CDG
last-modified: Wed, 01 Sep 2021 22:56:36 GMT
server: AmazonS3
x-timer: S1639151529.881030,VS0,VE0
etag: "ad140db9edc635afa6c993b9a7f5011e"
vary: Accept-Encoding, Authorization
x-amz-request-id: FS90S2M6DNNKN0Y0
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 0, 325

GET
H2 200 2.a3beb751c4486fe3bc04.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 104 KB
20 KB 4ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/2.a3beb751c4486fe3bc04.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c44d54cb4b2811123ded679809a9e9841feb71eb90166991f11169ee95699269

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166167
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 19696
x-amz-id-2: Y8cPx8z8XtmJ0wa/dOXoWm0KPh4DuuKBcIyGa/mUCt/5nXiNv5mOBJo25EPJ3pjohDvmGucwjbg=
x-served-by: cache-cdg20754-CDG, cache-cdg20737-CDG
last-modified: Wed, 08 Dec 2021 17:40:19 GMT
server: AmazonS3
x-timer: S1639151529.881201,VS0,VE0
etag: "e9a7555dc4bf55d65f255b42dbaec174"
vary: Accept-Encoding, Authorization
x-amz-request-id: ZQB36BF7W9GW7FH9
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 361

GET
H2 200 adManager~trackers.bb2282ec22b10fda912e.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 11 KB
4 KB 4ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/adManager~trackers.bb2282ec22b10fda912e.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

67aef848ffd07fcca6c638b57a792f11a48bb87ab93685c13ce333b83efec4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166168
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 3422
x-amz-id-2: gLSRR+h/rhWsmqB1voKOAxsezq0MAsVdn1Qagrv+7rmuuYnCAdgLYJTypWjd6yrmKIQEM7077R4=
x-served-by: cache-cdg20721-CDG, cache-cdg20737-CDG
last-modified: Wed, 08 Dec 2021 17:40:20 GMT
server: AmazonS3
x-timer: S1639151529.881432,VS0,VE0
etag: "9e1f7c444f53fce4578efd8aeadb7c2d"
vary: Accept-Encoding, Authorization
x-amz-request-id: ZQB1GXYF9A3WNDJY
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 326

GET
H2 200 adManager.44f5fab632c18c774cb1.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 60 KB
16 KB 4ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/adManager.44f5fab632c18c774cb1.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3aea8e727cf57c7e65ca90a77ba45f30c9bf39b614a9a20d7f4332ccbff74370

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79791
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 15572
x-amz-id-2: G/k6MT746sXx7IgshbBuSiahSZ7T4laAgUNDnajR/8HU7a0UnksaGJn8wa+tED9R
x-served-by: cache-cdg20769-CDG, cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 17:39:58 GMT
server: AmazonS3
x-timer: S1639151529.881646,VS0,VE0
etag: "c0a3ccb9693e775ba7836b9d16b7d080"
vary: Accept-Encoding, Authorization
x-amz-request-id: N8H10CEDHZHE24J9
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 353

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 197 B
1 KB 114ms
107ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34d4007b4a9032fabc81e230cd2f45483a43b703e587227b96af0326693beca5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-cdn-fetch: mantle-setcookie
content-length: 195
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5146-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151529.945135,VS0,VE85
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 script Show response
script-api.kinja.com/ 32 KB
9 KB 343ms
103ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.kinja.com/script?id=gizmodo.com&parentId=968ce6abb2
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: db4b7fab912feae4c5c6d6d6f9fbd1546c6a9ba08e3a553436257849e984c186

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
cache-control: private,max-age=900
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
35 KB 41ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e16456425cf7f027e33160c6a93f775858561bbb7d2e0fd32d426a6921f831b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35198
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 15:52:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3061
date: Fri, 10 Dec 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 10 Dec 2021 17:01:07 GMT

GET
H2 200 no63bw902mddhwxtjtxh.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 2 KB
2 KB 29ms
18ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/no63bw902mddhwxtjtxh.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5fa1b90217bb9ee7ec9bc013916964ddb9e2605d81c01c75242a05083a9ce78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody6855767851325188419asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "VYPtQHZ21kthFozg0XzD6acYx23adVuS+kTR5e3Ma9s"
x-amz-meta-cld-interesting: {"eyedea":[]}
age: 7370785
accept-ranges: bytes
x-amz-meta-cld-version: 1503075550
x-cache: HIT, HIT
fastly-io-info: ifsz=6288 idim=224x224 ifmt=png ofsz=1700 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 480706910386508392927032937926435373969
fastly-stats: io=1
x-amz-request-id: H1JXRKRGF79YJ6WD
x-amz-id-2: scNP+M+VsfHNWvD0vH31vOjcnnV1ANfgF5lZzZ0H9EStf+jw14jczW3vet225c57Q/LkSuRgRRY=
x-served-by: cache-bwi5125-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.950348,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 1700
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1087

GET
H2 200 rnxqtvv6advgidzfs6am.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 1 KB
1 KB 18ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/rnxqtvv6advgidzfs6am.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 695d18fc0d3253ff18ee97cfc66179c16f4aa1e823820bcee093e9295ca947df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody3013833540755996328asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "ML/okACXgHDAAAZMddxnIAac6HCCSFFhJjiXgDSEkWk"
x-amz-meta-cld-interesting: {"eyedea":[]}
age: 7377485
accept-ranges: bytes
x-amz-meta-cld-version: 1429558706
x-cache: HIT, HIT
fastly-io-info: ifsz=7032 idim=500x500 ifmt=png ofsz=1110 odim=80x80 ofmt=webp
fastly-stats: io=1
x-amz-request-id: ZPQPSH2972MSZNCH
x-amz-id-2: rbl0HEPcW8iXl6PbIsz47RF3FjrkB+Zsz6/FdMfy5Bz3k1wxDYHqE1AKirIGV2/zUokE4ZScFGc=
x-served-by: cache-bwi5147-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.970965,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 1110
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 233

GET
H2 200 52a29fe0001de9a08e76ea6d559528e9.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 888 B
1 KB 16ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/52a29fe0001de9a08e76ea6d559528e9.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 794988cdd4276662be72313c3fe92c673a2d64dad47a7b3030423a4feab406d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: sh_6brm4QTuY6IG8MUH9BKryMuYqgH68
via: 1.1 varnish, 1.1 varnish
etag: "cA/yrCgVxIfgSmIQi3V2k1rXjktIHyFHxPxVH/AQDoM"
age: 4269288
x-cache: HIT, HIT
fastly-io-info: ifsz=597 idim=64x64 ifmt=png ofsz=888 odim=80x80 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 888
x-amz-id-2: 8GA5LHkWKx6V6xXvZmimYbs2pZFJGYtcVZpR0z3ih3DbMvJDyWkxZBD2/jQCzAqWMKhNPe+xzhE=
x-served-by: cache-bwi5169-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151529.975705,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-request-id: VMZ817GX40PRAGVR
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 231

GET
H2 200 aqhdzcldymb9mkltfhxh.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 1022 B
2 KB 16ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/aqhdzcldymb9mkltfhxh.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6865fdaa619738961b7a2b2ce90803745a2327084d611f55145b09750505f5a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody222051404886864292asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "nsDztHNj4GIxLtfgblyZRw1/FXCb5xUznWZFK2Df9eU"
x-amz-meta-cld-interesting: {"eyedea":[]}
age: 1935542
accept-ranges: bytes
x-amz-meta-cld-version: 1429730049
x-cache: HIT, HIT
fastly-io-info: ifsz=3681 idim=500x500 ifmt=png ofsz=1022 odim=80x80 ofmt=webp
fastly-stats: io=1
x-amz-request-id: TKPVBP1W5X9PRWHK
x-amz-id-2: 2kjW3eXqnXeUgsDh2lTNK1NWjTLAW+yZy2197V2/uu1oQAul/GCtit8K/K8kvjNZfb9aNHvtx84=
x-served-by: cache-bwi5150-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.976834,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 1022
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 232

GET
H2 200 muaaluj2wznfomol9ero.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 484 B
907 B 16ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/muaaluj2wznfomol9ero.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5338cf28185a0f0aee716e5ea8592b898b678b6e67925633a13925e4dab253a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody3677078627959104967asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "vtSmZRVEcBUfvO7ZAqx46XF4EXc1v/0XODZh9iOuDcg"
age: 276496
accept-ranges: bytes
x-amz-meta-cld-version: 1602603556
x-cache: HIT, HIT
fastly-io-info: ifsz=8991 idim=512x512 ifmt=png ofsz=484 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 483978020382689015626380439451237866648
fastly-stats: io=1
x-amz-request-id: EAQWYTRBQWPWFTHP
x-amz-id-2: RJfEkGXvZdbmnbr76Og4Fnd2j8l/kXqUle1x+WjxVOimJLkGlJ9eqY/lONhaJEHrRX0ztgWoHiY=
x-served-by: cache-bwi5137-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.979682,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 484
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 3, 229

GET
H2 200 v4sckews2f3bzf0ztbkf.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 2 KB
2 KB 16ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/v4sckews2f3bzf0ztbkf.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d840f0d6fa9d269bbb3ba942393b71e93c77092408a5cb15d7017bce287174b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody1373544057627936484asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "guIJo0O57rbmafTXAoEwbE+mpyfjSre0bXYj7lJkt/4"
age: 6759180
accept-ranges: bytes
x-amz-meta-cld-version: 1561985979
x-cache: HIT, HIT
fastly-io-info: ifsz=5431 idim=200x200 ifmt=png ofsz=1766 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 468094834964017519943413805555445884312
fastly-stats: io=1
x-amz-request-id: P0FFM0GP1VKXY4VP
x-amz-id-2: ypcDt0C7lhfIfFpZhgfGs/d8w69+ws5LYwqIUDgT3S2FR4qL+aHBHPxwVR/JElmn7Ft4JzgLjPw=
x-served-by: cache-bwi5178-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.984829,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 1766
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1123

GET
H2 200 u0939doeuioaqhspkjyc.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 652 B
1 KB 17ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/u0939doeuioaqhspkjyc.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8adbca7c94a147c083f537865f279f6be4a4fd50bb39e5c4e961f2c76a28292d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody830235350765191724asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "2fDdZJUddEHtV3hfCHqH0z5efk43ZObTZ28CZl52xqY"
x-amz-meta-cld-interesting: {"eyedea":[]}
age: 2615472
accept-ranges: bytes
x-amz-meta-cld-version: 1429733475
x-cache: HIT, HIT
fastly-io-info: ifsz=2682 idim=500x500 ifmt=png ofsz=652 odim=80x80 ofmt=webp
fastly-stats: io=1
x-amz-request-id: QTJ5FSAWHG337YQ8
x-amz-id-2: 6Y8XzYc12L3h7slkY3DmTOkRr33IjgWZCAuCIk4uVo8tGQeqjRIvNY+mzKr5j5MpyEhddVfndkw=
x-served-by: cache-bwi5135-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.987923,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 652
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1060

GET
H2 200 f5zr3vuc90hrpnmx0nme.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 2 KB
2 KB 17ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/f5zr3vuc90hrpnmx0nme.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e14be9e8f91d3649c96f7c89191f211bfd2943687755a6bd5177203c5adb57af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody5089823256283285827asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "IFnRqtHuab/D9WewDkH/AkEmOuR0xXmEDeP+0/rfuaQ"
x-amz-meta-cld-interesting: {"eyedea":[]}
age: 5566416
accept-ranges: bytes
x-amz-meta-cld-version: 1484240451
x-cache: HIT, HIT
fastly-io-info: ifsz=5337 idim=200x200 ifmt=png ofsz=1708 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 322300280938454116175192213674274011072
fastly-stats: io=1
x-amz-request-id: GVQ298WTCJBMY8DK
x-amz-id-2: XgSlASqf3tLGH9Rgxz1JAD0HMPy2CVNgCYhvP7Wdd9vZWXLXnijrOQzqKZtb7pFrHa1UlDCL9Lw=
x-served-by: cache-bwi5150-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.988193,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 1708
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 550

GET
H2 200 j59upeyynundqjvbmcwj.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 942 B
1 KB 19ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/j59upeyynundqjvbmcwj.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a9155f50ff45150c98d3e5e9800022fcf7610f6c348d99e2f988051b9799aaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody5647568388075833577asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "g4OUMDqvQ78AwMsFMg11KMdpYejgiVtJWx7bLWcejAw"
x-amz-meta-cld-interesting: {"eyedea":[]}
age: 2954123
accept-ranges: bytes
x-amz-meta-cld-version: 1510760963
x-cache: HIT, HIT
fastly-io-info: ifsz=2431 idim=200x200 ifmt=png ofsz=942 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 545737664738484407205887734951684369634
fastly-stats: io=1
x-amz-request-id: C8V89KE2G21Y7CPD
x-amz-id-2: 81ISK4lEj00eBfOA5RQWGZsR7D0IRW/nEnf1sk390f6lHvtQ4J06i9AmkdXGHe0NHvAFYdyLk+M=
x-served-by: cache-bwi5157-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.994818,VS0,VE1
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 942
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 542

GET
H2 200 eti2h1r4wg0bqxctxenl.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 3 KB
4 KB 21ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/eti2h1r4wg0bqxctxenl.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 571bf2874f0d17d36e34dd86a44c881aebd2a741703b7685335d024b10b313b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody9216025664334835932asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "g3qBe8yyh7UE/UEH/cpB2h83Z5HxlWs4w+le2UALplU"
x-amz-meta-cld-interesting: {"eyedea":[]}
age: 3744006
accept-ranges: bytes
x-amz-meta-cld-version: 1507152724
x-cache: HIT, HIT
fastly-io-info: ifsz=9635 idim=200x200 ifmt=png ofsz=3320 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 242639741913270226995454111658787352621
fastly-stats: io=1
x-amz-request-id: QRR8746155NGCPMQ
x-amz-id-2: i4hQavF3OyxhH6GlDi08wxBIvFpo+RXQftCYAAYhArcsaG2LMTymjw9BdEHUPGbexw73/JWSLpY=
x-served-by: cache-bwi5181-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.998531,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 3320
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 554

GET
H2 200 kqnkjlylkf7tymsqmoqr.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 3 KB
3 KB 18ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/kqnkjlylkf7tymsqmoqr.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2b62f8b97109b3c256b6907602a2fe4de7999c88050402b0d5efcd94009eb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody2898060715416624274asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "capslbw8Mfspc5aYfErSeqmKb4mAWu7ItKqSjAgxNUE"
age: 4871455
accept-ranges: bytes
x-amz-meta-cld-version: 1526574123
x-cache: HIT, HIT
fastly-io-info: ifsz=7369 idim=200x200 ifmt=png ofsz=2754 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 308520473166932787693719626034387016602
fastly-stats: io=1
x-amz-request-id: 4253T5YJR78M798Q
x-amz-id-2: uBrBvcShQL1ttjOlry/lndlVyxFWqL6WVteh66x9l2qhxmQ9KtW8xeLjM7JsMX/+BSGqR1yx4+A=
x-served-by: cache-bwi5162-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151529.998945,VS0,VE0
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 2754
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 543

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 runtime~trackers.e66e7b5547f9a890fa3d.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 3 KB
1 KB 1ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/runtime~trackers.e66e7b5547f9a890fa3d.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6850e98440a49430e1f021383fa47ba895af88c46b5f9d72a6982bedc7c079f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4368786
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 1128
x-amz-id-2: MXX4Q4TWRfLnlDQMMlwNCjtS5Y/DFwvJX0zieUwq1X6Hf6FVmZ9gL21YGApi5nh53EXovcicVpM=
x-served-by: cache-cdg20739-CDG, cache-cdg20737-CDG
last-modified: Wed, 20 Oct 2021 22:04:53 GMT
server: AmazonS3
x-timer: S1639151529.881773,VS0,VE0
etag: "ec9a1e6a3bd263ef34981a6042ba5d20"
vary: Accept-Encoding, Authorization
x-amz-request-id: ZNCV2RMXFRZ6HWQS
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 313

GET
H2 200 vendors~trackers.fba523b4da629e2545f0.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 20 KB
7 KB 3ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/vendors~trackers.fba523b4da629e2545f0.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66c931a6f6e9b2cf6c3a42a79aca893f847c7a1fe11ac4ecf194efe11d17e112

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74592
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 6641
x-amz-id-2: A47UA9ifhMD+FByqeyU2lJ9YO0XfL4LzneiURR4mmfkFNS3X1fiu2/m0bafAIlqNoFvR9fSQ8d8=
x-served-by: cache-cdg20730-CDG, cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 19:05:29 GMT
server: AmazonS3
x-timer: S1639151529.881843,VS0,VE0
etag: "90c89c2cd5d6d047c57fa1b0d53a9e86"
vary: Accept-Encoding, Authorization
x-amz-request-id: QSJNWREB2Y8HY7MN
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 333

GET
H2 200 second-scroll~trackers.94b05574fcc9bd3df327.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 9 KB
3 KB 4ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/second-scroll~trackers.94b05574fcc9bd3df327.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50ee0dcaf262f35534df4e89772941e35bd4da8433f90c3b339d9e859588ad5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3192155
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 2911
x-amz-id-2: 4bFhtegANGS2M1Lxfdsk8ivnQb071E3oCCMcaz3z430eXCicm8Iz7XYncgf2rJfiHD4RXtGc69E=
x-served-by: cache-cdg20758-CDG, cache-cdg20737-CDG
last-modified: Wed, 03 Nov 2021 17:05:19 GMT
server: AmazonS3
x-timer: S1639151529.882017,VS0,VE0
etag: "efb9a2906faf99a73c2f0a037d259e6d"
vary: Accept-Encoding, Authorization
x-amz-request-id: Z2VKR3AAGZ9S5CDC
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 323

GET
H2 200 trackers.e83099c45d9bbdc69dde.js Show response
gizmodo.com/x-kinja-static/assets/new-client/ 27 KB
8 KB 5ms
0ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/x-kinja-static/assets/new-client/trackers.e83099c45d9bbdc69dde.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

27e98f40761c493c424145161909ab5ccc2fd233bde82853d6e8a80829865eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74592
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 7716
x-amz-id-2: XRdJgAzNsMgEydyTTF3vGUSGVL5Jmh8akfj1ZNr4N5gOMqoSEJzu3UEkOsBtjuJztxXfdFabook=
x-served-by: cache-cdg20726-CDG, cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 19:05:28 GMT
server: AmazonS3
x-timer: S1639151529.882123,VS0,VE0
etag: "7c967920fc5e00af36777c64ed3e80a0"
vary: Accept-Encoding, Authorization
x-amz-request-id: QSJSJ7Y8AGG8MVE1
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 340

GET
H2 200 runtime~permalinkPage.a34284802e0d3dc2bb19.js Show response
x.kinja-static.com/assets/new-client/ 14 KB
4 KB 17ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.a34284802e0d3dc2bb19.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b5d708c5ddd994fb4357a7d4d5f5751cde06b5d6ef5dd66c6ad3a4423ec01da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105
via: 1.1 varnish
x-cache: HIT
content-length: 3345
x-amz-id-2: vP9cWPZZN7KVaJiELRt+fZm7Wgi/0zZ3gpFrjit/1FFRumdy5Ne58llmikdbJC2zUjyGYZNvUJs=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 08 Dec 2021 19:30:10 GMT
server: AmazonS3
x-timer: S1639151529.002293,VS0,VE1
etag: "5ed85d2788712850f9951138e83a42cc"
vary: Accept-Encoding
x-amz-request-id: 5PTZ3AT0W59421DM
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~586e6482.4b9d3f72dcb2c7539ae4.js Show response
x.kinja-static.com/assets/new-client/ 115 KB
32 KB 20ms
19ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~586e6482.4b9d3f72dcb2c7539ae4.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

875bd363305b38d8841cb4d16303ced3964dd6be3d09de9f436669ba2547a987

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31
via: 1.1 varnish
x-cache: HIT
content-length: 32802
x-amz-id-2: mwaayVEaztaUZJJWijX2AD1pqv8Fs9M5bwMZIBAIDOGj5N29g7emJzDZaYwfVtXlPE4z/8raX/s=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 22 Nov 2021 20:54:27 GMT
server: AmazonS3
x-timer: S1639151529.006533,VS0,VE1
etag: "e58212cbc91029aa4acf0cc73f46dbfe"
vary: Accept-Encoding
x-amz-request-id: XSGSNYSSEAWXD4GR
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~3d0b73bb.fbe44b72e8c337552335.js Show response
x.kinja-static.com/assets/new-client/ 6 KB
2 KB 19ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~3d0b73bb.fbe44b72e8c337552335.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f6a31a00fc661a550d15ffa6be4c1bb76faca73b98e97bed8534d56d3c85a20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61
via: 1.1 varnish
x-cache: HIT
content-length: 2100
x-amz-id-2: dm/wV85yMAdf9TKO3D9k73K4eDn33UylPFY04SryOmXWu4fvzMI+J9YL+Bsc1a0bDGNr088cc9s=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 06 Dec 2021 22:00:25 GMT
server: AmazonS3
x-timer: S1639151529.006845,VS0,VE1
etag: "6f3362a493570b51835652f2a7b356c5"
vary: Accept-Encoding
x-amz-request-id: CXED8XPFD4FVV5H6
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~7bad6d6e.c831fd8b2f2ec5a3d919.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 20ms
20ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~7bad6d6e.c831fd8b2f2ec5a3d919.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7de345118716980f490d0db13e907019b7cff3c4e306349215ffff844e509f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61
via: 1.1 varnish
x-cache: HIT
content-length: 1606
x-amz-id-2: 03Jd1O21REr3+tJqtPaPHRXOdZXjX9awlRNBA8eMmwH9F2OwoHbBlFHb2UmkkM3nBYM4jy+rBU4=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 06 Dec 2021 22:00:25 GMT
server: AmazonS3
x-timer: S1639151529.007105,VS0,VE1
etag: "3c9e682d987bebd8c7c72580af877c94"
vary: Accept-Encoding
x-amz-request-id: 55ZQC8D0DV9A1NXD
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~467ee154.3c91f0c5792f4d62aaa9.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
3 KB 16ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~467ee154.3c91f0c5792f4d62aaa9.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0131733a1dcf92378d7e567baa326140c50d95bb6cae590c0a07a2692e07866a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63
via: 1.1 varnish
x-cache: HIT
content-length: 2577
x-amz-id-2: B+MiJnpeeamzEfKi5JGDX0PcWRd7/biDR0e2xEm7UoyfoQzAG548x+azcLAQP8icoL8HEpMCPMY=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:50 GMT
server: AmazonS3
x-timer: S1639151529.010685,VS0,VE1
etag: "f5f01250c8f5e23b51f9aaa1b517dcf3"
vary: Accept-Encoding
x-amz-request-id: 1TMSXHDX844269AG
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~4ce81ff1.f9a27894ecec13295156.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 16ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~4ce81ff1.f9a27894ecec13295156.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3fe2a048a1cac466c0a9ef6603d95d1cb9eeddf18208eb2b9d50836f96fb80ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102
via: 1.1 varnish
x-cache: HIT
content-length: 1289
x-amz-id-2: Vnj0NV2cyz4kq8QE0Nef3woTnRXai54lyWzVkV1fCgIgwRC/kYV8q1pQXPtBofPT7TpbUx0e5xk=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 03 Nov 2021 19:35:12 GMT
server: AmazonS3
x-timer: S1639151529.011407,VS0,VE1
etag: "cb4ddd5569bacaaf2f9e312ad66ffa58"
vary: Accept-Encoding
x-amz-request-id: WA92TS8MG88869AZ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~924cc295.e122fdd5189c17fa9449.js Show response
x.kinja-static.com/assets/new-client/ 29 KB
8 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~biztoolsPage~channelSectionPage~commerceDashboard~curatedHome~924cc295.e122fdd5189c17fa9449.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a4a9d8475ca11dca0dc8e3aee776432d6de9989b08519d2d6669278f635a0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103
via: 1.1 varnish
x-cache: HIT
content-length: 8511
x-amz-id-2: xmD41PPEg1SWvFo5CULm18G+iDAB246gCyjGkMQ3bWBLMij3QqJzB35vosRkZi368tEgKdD+rkM=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:50 GMT
server: AmazonS3
x-timer: S1639151529.020050,VS0,VE1
etag: "b6e4340aa8d9c23ad0c1fefccd43ac26"
vary: Accept-Encoding
x-amz-request-id: XP5PHE13KCWHPS5T
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~9e39cb90.728776f5ecf73382a003.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 18ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~9e39cb90.728776f5ecf73382a003.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb6eb180a7807cf8503f57e2cf237138ac3746d20c1ce171d749ed98dcf34ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102
via: 1.1 varnish
x-cache: HIT
content-length: 1562
x-amz-id-2: 4PBAzTsZkrAdKDcRZZfkm8PfKxr2Z444+z1b8yI4W1rU/cNW/PCkQ4G7z6AT2UkZr5OkS+A3V/A=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 17 Nov 2021 10:52:28 GMT
server: AmazonS3
x-timer: S1639151529.027852,VS0,VE1
etag: "46dbd0c40b4a1a987fe3d77edfb4184e"
vary: Accept-Encoding
x-amz-request-id: 00DR19X0E8NDETB4
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~biztoolsPage~browser-logs~channelSectionPage~commerceDashboard~curatedHomepage~erro~c33966dd.82eaf167060e7fba8850.js Show response
x.kinja-static.com/assets/new-client/ 18 KB
6 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~browser-logs~channelSectionPage~commerceDashboard~curatedHomepage~erro~c33966dd.82eaf167060e7fba8850.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bea46f3f1c19557bf886c4006b0af4730c0d14d28a1cec1ac743c890f66359d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111
via: 1.1 varnish
x-cache: HIT
content-length: 5355
x-amz-id-2: dwSgpUNJNYSpzhgSxTMoClMHoplnxF5pinbizWs2iTkOd9ML3+77qfBsyl89K45K5wHVlIORhJY=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:50 GMT
server: AmazonS3
x-timer: S1639151529.028201,VS0,VE1
etag: "e1c79d89fd887c7d33e50e979ea0846c"
vary: Accept-Encoding
x-amz-request-id: 1KESV1EG5M8J6VJH
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js Show response
x.kinja-static.com/assets/new-client/ 31 KB
10 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

444c745dbb80f80a2b84c32645676ad61bae55acdb30f34ee3ec015046b667c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69
via: 1.1 varnish
x-cache: HIT
content-length: 9750
x-amz-id-2: mWfi0C8LXC2h3XBmR40HLSC/xCJv0Bf6n4NiohTCjbe7XoIkO+eBt0+vl4pUI/PRuB0+4Nxixcg=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 06 Dec 2021 22:00:25 GMT
server: AmazonS3
x-timer: S1639151529.028404,VS0,VE1
etag: "9012867799f23d6f9a14dffdf7a949be"
vary: Accept-Encoding
x-amz-request-id: 1XE4QM2KYJA85P96
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 3.d4cc11a4c063683e4a30.js Show response
x.kinja-static.com/assets/new-client/ 460 KB
103 KB 19ms
19ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/3.d4cc11a4c063683e4a30.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a02e97b5142073943544a11660eea34c7220a46a64eed8945496327e1808a503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100
via: 1.1 varnish
x-cache: HIT
content-length: 104839
x-amz-id-2: Pje00+94C/Urytm7kqrnpx8MK1pgk0t6bjDIHqAz+WybMxxGazxOV6nuOIkG2MDO0GHgNpzwyMk=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 01 Dec 2021 00:40:05 GMT
server: AmazonS3
x-timer: S1639151529.028535,VS0,VE1
etag: "5d80ffaa90198995c93d6cae90fef072"
vary: Accept-Encoding
x-amz-request-id: CWMG1W3R1P8NW929
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~YMALModule~ad-welcome-ad.mobile~alertsUnsubscribePage~channelSectionPage~curatedHomepage~fea~c3658497.2be37df2ed8b32b74ddd.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 18ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~YMALModule~ad-welcome-ad.mobile~alertsUnsubscribePage~channelSectionPage~curatedHomepage~fea~c3658497.2be37df2ed8b32b74ddd.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d1d3bc772ecd6d97ca9f34613a31aa77c4fba442357e0ad6ac59422a4320ec02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60
via: 1.1 varnish
x-cache: HIT
content-length: 1861
x-amz-id-2: bMXn6ExGm/PsunIlV+sQua8m/mc9KHZ4T0BeNWwJql7cmVm8jN1QQP2jfCgh0M9+2TepgemSFGM=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:50 GMT
server: AmazonS3
x-timer: S1639151529.028682,VS0,VE1
etag: "934574bfaf75de2d9d9b7aa46cfc8333"
vary: Accept-Encoding
x-amz-request-id: NS6B6AYHQ69SQ11B
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~YMALModule~ad-welcome-ad.mobile~alertsUnsubscribePage~channelSectionPage~curatedHomepage~fea~0717c194.5b1b5ddae9cf1aa1f4ef.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
2 KB 17ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~YMALModule~ad-welcome-ad.mobile~alertsUnsubscribePage~channelSectionPage~curatedHomepage~fea~0717c194.5b1b5ddae9cf1aa1f4ef.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

051ab97ebcc57e48c1c0197cec9721cf92a316f36f50ad1ac4785d82b4c87f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60
via: 1.1 varnish
x-cache: HIT
content-length: 1281
x-amz-id-2: 9NW8jUw1MEVBQzh6MQPWcQ0w2J20lIRBs38ji0WktWzn7eQoum12htfwsh5DxWTEIMHmyWzjieE=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 17 Nov 2021 10:52:28 GMT
server: AmazonS3
x-timer: S1639151529.038491,VS0,VE1
etag: "a72688224817ebbe25366b020cac0fb7"
vary: Accept-Encoding
x-amz-request-id: JN934EX369WPPZH5
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~YMALModule~channelSectionPage~curatedHomepage~featureSwitchPageClient~featuredPermalinkPage~~efecd4d0.4595863738c52e1f071f.js Show response
x.kinja-static.com/assets/new-client/ 22 KB
6 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~YMALModule~channelSectionPage~curatedHomepage~featureSwitchPageClient~featuredPermalinkPage~~efecd4d0.4595863738c52e1f071f.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aead809f400977a75421c91e1e82100e88cbdd841d335536017b9ea23e6ec529

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73
via: 1.1 varnish
x-cache: HIT
content-length: 6280
x-amz-id-2: f9KToEmbjWL9JfCzdJeHIjqmrFGCzUutUhEZutOrYhlkyS7OVwQaaStao/VlVdnxy220tCidQF8=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 01 Dec 2021 00:40:08 GMT
server: AmazonS3
x-timer: S1639151529.048035,VS0,VE1
etag: "d2e48588b0b6f99514a9bebf0310a8ef"
vary: Accept-Encoding
x-amz-request-id: XD29JH6070RWVA6F
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~channelSectionPage~curatedHomepage~frontPage~in-article-selector~permalinkPage~second-scroll~232d3549.a5d14db00c230eb4fe5e.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 17ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~channelSectionPage~curatedHomepage~frontPage~in-article-selector~permalinkPage~second-scroll~232d3549.a5d14db00c230eb4fe5e.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3eb737400ae32634cff88be84fea7a990181fb8007f8196e018f92ddf291ac26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27
via: 1.1 varnish
x-cache: HIT
content-length: 1056
x-amz-id-2: qBskZns+bO8C58H2CNMH/s7RTIkOtSgCuipKwD+x+pqtemyIg37qf7RoCncmNhDuu71F/pVrwVM=
x-served-by: cache-cdg20737-CDG
last-modified: Tue, 07 Dec 2021 19:54:33 GMT
server: AmazonS3
x-timer: S1639151529.048280,VS0,VE1
etag: "7fc2c3add94670fca9ccc58647be44ac"
vary: Accept-Encoding
x-amz-request-id: 2CP8SEMT0ZNA4HEZ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~featuredPermalinkPage~frontPage~permalinkPage~searchPage~slideshowPermalinkPage~tagPage~vide~92fef241.81474a370bbd29f343fa.js Show response
x.kinja-static.com/assets/new-client/ 19 KB
6 KB 18ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~featuredPermalinkPage~frontPage~permalinkPage~searchPage~slideshowPermalinkPage~tagPage~vide~92fef241.81474a370bbd29f343fa.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eee06c3cf62915b9e6c5f3ac310e5494ca71ce47d7a3c45b202c0054d6fa8781

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3
via: 1.1 varnish
x-cache: HIT
content-length: 6345
x-amz-id-2: HueDUlkJzDni7wSeR80SQ2lhWi1IukPIdjbjtVmH/ZznTgzGpAm6obXl0ymELQec0eDjyHkUEPU=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 01 Dec 2021 00:40:08 GMT
server: AmazonS3
x-timer: S1639151529.048496,VS0,VE1
etag: "f4b54bf0d4b7a354d34b1fd2ad7ccf71"
vary: Accept-Encoding
x-amz-request-id: 3WDRXH57KH7BTVDZ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~permalinkPage.08fe50b74519ea4e489f.js Show response
x.kinja-static.com/assets/new-client/ 30 KB
8 KB 19ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~permalinkPage.08fe50b74519ea4e489f.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

654618d3af2d319ce964144b9740d3865c14a1c24f4ca15b44d26252b53c19db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
via: 1.1 varnish
x-cache: HIT
content-length: 7589
x-amz-id-2: lAsUFKwPFatQ0LhXkbwz2BgIg5oVanYoCWLsB2AXHf+h1MTtg8eW/fIDcwRDmkSfTlgLKHC8t+M=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 06 Dec 2021 22:00:25 GMT
server: AmazonS3
x-timer: S1639151529.048684,VS0,VE1
etag: "5b3195bc706d430008c3a584cfc676a4"
vary: Accept-Encoding
x-amz-request-id: HKWGXJ8NVB7QAVGJ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 permalinkPage.7cfcdad2c507f2758504.js Show response
x.kinja-static.com/assets/new-client/ 1 MB
184 KB 19ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ee69a945ace16363ebea3645fc6b1d80401c6466aeec03a0bff83d22543755e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32
via: 1.1 varnish
x-cache: HIT
content-length: 188353
x-amz-id-2: 6RkhG9ac3MOoTmovjEDO/vfwkXkWcTrBpXm5alUqStcb/cN2zWK8R8UZrzw7mR5/GjDynMNKMOA=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 16:50:36 GMT
server: AmazonS3
x-timer: S1639151529.054596,VS0,VE1
etag: "38f984f911127ad737c870048b74ff96"
vary: Accept-Encoding
x-amz-request-id: 32270Y4EYAMMK531
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 b-7b120a5-5cc3bd78.js Show response
tagan.adlightning.com/gomedia/ 73 KB
28 KB 8ms
8ms Script
application/javascript 65.9.68.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-7b120a5-5cc3bd78.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbfc2b42647f6516c8eec0e77080c859e071d453a500715f827629164e27bdaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 03:28:08 GMT
content-encoding: gzip
age: 8511842
x-cache: Hit from cloudfront
content-length: 28136
x-amz-meta-git_commit: 7b120a5
last-modified: Mon, 09 Aug 2021 19:39:59 GMT
server: AmazonS3
etag: "a1ca4a8c20dcc29ad9d8bfbabb76203d"
x-amz-version-id: gzpshRJPmol8DFHHAcWpVCq09TrC5pdT
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 0oqGKozDm6R2CBV3iWLBp0aMsYlJkn-pf-ycEesYX7kRrZRZ-k90rA==

GET
H2 200 bl-0af0356-e41ba271.js Show response
tagan.adlightning.com/gomedia/ 41 KB
18 KB 13ms
13ms Script
application/javascript 65.9.68.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-0af0356-e41ba271.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48c79fbb76d0593333b01923064ee25bb1b5eab3ca48470a54743ebe856e8580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 23:34:56 GMT
content-encoding: gzip
age: 58633
x-cache: Hit from cloudfront
content-length: 17879
x-amz-meta-git_commit: 0af0356
last-modified: Thu, 09 Dec 2021 22:53:44 GMT
server: AmazonS3
etag: "ef0fbff40b070bafe7034233323b6f4b"
x-amz-version-id: OCFacNQriye6WTfYaqSrxnv85HKKfVQe
via: 1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: SYUOs_UvUBAIaXcOAkHgsUocel3P2P5i-NNjos_cOCbIhYQfa21fqQ==

GET
H2 200 gizmodo-json-config.585d10094aa0bfed673f.js Show response
x.kinja-static.com/assets/new-client/ 21 KB
2 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/gizmodo-json-config.585d10094aa0bfed673f.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ce07894ef3fe92a4b8c09fef821f9fe7c93885bf17ebba244021a4cc94cc64c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44
via: 1.1 varnish
x-cache: HIT
content-length: 1690
x-amz-id-2: YmTjzDgp67odyJNa/2m1V7kYTwV5VutmM8PzWp63Wk8RO5j0LQbY4RMe7Xvp7PcRxSZpYV5TuMc=
x-served-by: cache-cdg20737-CDG
last-modified: Fri, 10 Dec 2021 13:41:36 GMT
server: AmazonS3
x-timer: S1639151529.161974,VS0,VE1
etag: "65d236f2b15dc9d8c327e67121aade80"
vary: Accept-Encoding
x-amz-request-id: GCEQAT74A3AYPFP3
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 prebid-js-prod.648c9f1b18132a1dccd7.js Show response
x.kinja-static.com/assets/new-client/ 365 KB
91 KB 18ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.648c9f1b18132a1dccd7.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

10ee136aea127b01c75bf0a2783f28537c1cdc4c8d34a82000e3bfd9c03a4336

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33
via: 1.1 varnish
x-cache: HIT
content-length: 93040
x-amz-id-2: TYSAycv7W/5M4tegZlJa7tPcaUMOtog3N827NkiOpgf2gyqdJQISPlpcHMRKGfIrp8mmhLMpvb8=
x-served-by: cache-cdg20737-CDG
last-modified: Tue, 30 Nov 2021 17:00:30 GMT
server: AmazonS3
x-timer: S1639151529.162259,VS0,VE1
etag: "103f4a4405fce68864dd5c4c993bf788"
vary: Accept-Encoding
x-amz-request-id: KH2S8V5GA4FC2DWV
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 42ms
7ms Script
application/javascript 199.232.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8f1657223a1fef42e52e40a420a5597ba44cf2e4088a90b97969230cb7d2a760

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
age: 57911
x-guploader-uploadid: ADPycdvVAPpsgKV13SPK-fX1CNQ4fy1VNAjj0RpG0bupFyqVYFniPY13u-kRFmoSTqhQ-SgAdLoYmJuCYsFbQooM3-Vpo-VGpQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6448
x-served-by: cache-hhn4069-HHN
last-modified: Thu, 04 Nov 2021 23:05:53 GMT
server: UploadServer
x-timer: S1639151529.229944,VS0,VE0
etag: "1a3ebebabf09bbd4a49ef06cdafcdcb2"
vary: Origin
x-goog-hash: crc32c=klABqg==, md5=Gj6+ur8Ju9SknvBs2vzcsg==
x-goog-generation: 1636067153734265
via: 1.1 varnish
expires: Fri, 10 Dec 2021 23:46:57 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6448
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 13612

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 40ms
11ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/x-kinja-static/assets/new-client/trackers.e83099c45d9bbdc69dde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 496
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 008CAP3246CJAD6G9411
date: Fri, 10 Dec 2021 15:43:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YZ6dFkgUVrxJqKuFAq_fhxh8hUVx9wvDmenaqX5244wFRaNBU-lYJg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 43ms
9ms Script
application/x-javascript 2600:9000:2057:800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 14:52:56 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 3553
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: QJC4UkH9bUWL_Hinmcm-qukRhyENcNLrcDZlSSXovxYxS7HDIe3zNA==
expires: Fri, 10 Dec 2021 16:52:56 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

11 KB
5 KB

95ms
45ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf8e50405f3ddbccfe8bf32b5d6ea035086b0b31117a0fa9428176fe72b855f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6bb7a3838d463750-MXP
date: Fri, 10 Dec 2021 15:52:09 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 517
etag: W/"16b3852ba1670c314c5ea4368c1484b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sVsPJQ3OqTamwGemVqRsSfxDTihK8axLtk9QiDfoZxP%2F5XBCSRjpuOaG3xPvNjorzcZ%2F%2BLabLiJpRtRzhBkKvw78xEu%2B6FSwA42QW20nS2ekOYDMkQNkFCpgesCjGHIBjC3UgTAFVe07A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

Redirect headers

date: Fri, 10 Dec 2021 15:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSUNIv6iR9Ig5aNtm7B4S9EXBkgzgsdNBiynrZq6iTgMizRshAFA%2F04yJ6RBIx0Gvt%2Ffz%2BCxsMqqXGDBs5w73be5nCR6XmYXcXXkGovfjyAckPFsyZFgTIBNYc%2BVmrEUw7FfgwgTQmXoMrQJuJrCDCDgwvQyr2iMC7s%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 6bb7a381cb7b59f5-MXP
expires: Fri, 10 Dec 2021 16:52:09 GMT

GET
H2 200 i.js Show response
tag.bounceexchange.com/3589/ 20 KB
10 KB 49ms
10ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/3589/i.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 0b27e7babe4a89efc77bf398e23504abf4e4c1141aeb1895f87ffdfbda2f4604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:51:50 GMT
content-encoding: gzip
server: fasthttp
age: 19
etag: 83d3abee5ba69a
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public,max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 9442
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 26ms
8ms Script
application/javascript 13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 08:07:35 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 113012
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: NOBCm7GjM60JjcvmitdKbzqd0G3vYOHrEz6d4MPOrbjE0tEJ16ttzg==

GET
H2 200 publisher_kit.js Show response
cdn.britepool.com/ 133 KB
43 KB 41ms
10ms Script
text/javascript 143.204.209.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.britepool.com/publisher_kit.js?api_key=6e9e2b90-3709-4afb-a9f8-3586da6c7fb3
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-34.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61ccb8c3252e27a327becaf9318517719a131160e0bc05659b0d2493dc6e9245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:24:08 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 10:34:46 GMT
server: AmazonS3
age: 1682
etag: W/"84e9f71335e9b47a7fe8e0e75dd289da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
cache-control: max-age=14400, public, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: QoAT3fsoHr3qGPSuR9LiL5Ac8hVe1DXm7Y1dR3SfLPlbP7hAYQVs9g==

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 108ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

OPTIONS
H2 200 native-message
sourcepoint.gizmodo.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 31ms
13ms Preflight
text/plain 143.204.209.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.gizmodo.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1195%2C%22requestUUID%22%3A%225883e873-73eb-45d9-84c4-2cc80075d791%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.gizmodo.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.209.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-209-91.fra53.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://gizmodo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Fri, 10 Dec 2021 15:52:09 GMT
x-powered-by: Express
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: gkoxztAP1I3CTGd_Me-P2MzcAa9CxAqs1EZ9W6pvtkbL8383eGaRaA==

GET
H2 200 native-message Show response
sourcepoint.gizmodo.com/wrapper/tcfv2/v1/gdpr/ 31 KB
7 KB 22ms
21ms XHR
application/json 143.204.209.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sourcepoint.gizmodo.com
URL: https://sourcepoint.gizmodo.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.209.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-209-91.fra53.r.cloudfront.net

Software

/ Express

Resource Hash

f790443e2488ff49c5759ce699ff0c307c4bfa3aa50e0e4407d7555b89662f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: LriTWKzDVXpCNsKJfnpTSqpWaTGYUUYUETLHqgdibOlDeAIr30ZN5g==
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
529 B 53ms
15ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gizmodo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 22ms
20ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Dec 2021 15:52:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 256 B
154 B 30ms
16ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gizmodo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

8e5561695a575ccc21b2a32a74de81cadf861ea91df101aa196a064bb9373904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
expires: Fri, 10 Dec 2021 15:52:09 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 96 KB
37 KB 69ms
19ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W523ND3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6f1a0a066d6fc6486b1f8dfa736395561b5418ae2722332bd7169a9d9f19a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37574
x-xss-protection: 0
expires: Fri, 10 Dec 2021 15:52:09 GMT

GET
H/1.1 200
OK gizmodo.js Show response
static.narrativ.com/tags/ 151 KB
42 KB 37ms
10ms Script
application/javascript 13.32.22.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.narrativ.com/tags/gizmodo.js
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 920f81ce63ed8dbfecd40a07c308a94494c3f5cf9e80f4ce3a70c11a964c9ce8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:47:29 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 15 Nov 2021 21:34:47 GMT
Server: AmazonS3
Age: 332
ETag: W/"95a6b5fd07cfb2a7c61dacd1655b124b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: jj6BfKSy7RpbBv_VjFb9EB_YwlQGzAxl6OkYDTm3iVjzeLpSEWmrig==

GET
H2 200 gomedia_015a5_gizmodo.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 71 KB
21 KB 45ms
8ms Script
text/javascript 2600:9000:211e:9200:1d:8c8c:47c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_gizmodo.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9200:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 906e77ee494b3ef981722f67dc7dac022fd5091c9ec57464442ca25eba168de6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 03:00:49 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 11:24:34 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age: 46280
etag: W/"11c53-5cb016d67a45c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: O225RM8BULFdRukYEaTCPM4AjeRppuziw-pvawpyAIHCet3P0xNKYg==
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)

GET
H2 200 sync Show response
gum.criteo.com/ 53 B
366 B 54ms
17ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=&us_privacy=&gdpr_pd=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 10 Dec 2021 15:52:08 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1719
content-length: 169
expires: 60

GET
H2 200 tcb.js Show response
contextual.media.net/ 13 KB
7 KB 48ms
39ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x250&v=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7670a805f802d0ec1186acf112f3cf5614dd1d7b0616f1339a0376c711b91296

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=76834
content-length: 7107
expires: Sat, 11 Dec 2021 13:12:43 GMT

GET
H2 200 4 Show response
gizmodo.com/api/profile/blog/ 4 KB
2 KB 97ms
96ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/profile/blog/4

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81584efa9b869e9b6e809755463cbc348c6df3c202ceb7a2c95fb94102ca0d23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 11
x-cache: HIT, MISS
x-ua-device: desktop
x-kinja: kinja-profile-kube02-7555d676cf-qffr7 #183
x-cdn-fetch: mantle-origin-cache
content-length: 1623
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5160-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151529.434595,VS0,VE77
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 playlist Show response
gizmodo.com/api/videoupload/ 43 KB
6 KB 17ms
17ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/videoupload/playlist

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3b955a6a6cb618cdffceb35e899aa3315cbbbc653c078da04c6c8ff307eed07f

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' https://i.kinja-img.com https://v.kinja-static.com; default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: img-src 'self' https://i.kinja-img.com https://v.kinja-static.com; default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 37
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja: kinja-videoupload-kube03-54bddccbd9-p8wwm #202
x-cdn-fetch: mantle-default
content-length: 6012
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5131-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151529.453990,VS0,VE1
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 vendors~channelSectionPage~commerceDashboardClient~curatedHomepage~customHeader~login~lunchbox-read-~d9102632.051f84b55cf6d204a79d.js Show response
x.kinja-static.com/assets/new-client/ 16 KB
4 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~channelSectionPage~commerceDashboardClient~curatedHomepage~customHeader~login~lunchbox-read-~d9102632.051f84b55cf6d204a79d.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e4a68c3e4e1420435a34e864b38059d479f0240cfc39e68d37cf06ba4b6fda7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40
via: 1.1 varnish
x-cache: HIT
content-length: 4112
x-amz-id-2: lZgazFxUknC3mBa7/Goh3KLZXjIChRppQNQTOM9izVleeJBP1KMrhALmhtGywjvyyLK7ceSFGkE=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 01 Dec 2021 00:40:08 GMT
server: AmazonS3
x-timer: S1639151529.454504,VS0,VE1
etag: "a3806bd771a99bcc758357eb5f123917"
vary: Accept-Encoding
x-amz-request-id: JQWXR9VVXWWJQM4G
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 homepage-edit~lunchbox-read-only-component~recent-video.2e01b0c700b64f5a4ce5.js Show response
x.kinja-static.com/assets/new-client/ 9 KB
3 KB 17ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/homepage-edit~lunchbox-read-only-component~recent-video.2e01b0c700b64f5a4ce5.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

316f1c1fa4ffe57bdec1dd009527992bbde3776fd78e6589f5f0c4bfbd67f90d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
via: 1.1 varnish
x-cache: HIT
content-length: 2433
x-amz-id-2: cY4qLFqP4v1ivYM11zPIROsjw1DCjvJ4dZ7/cqsRlKrxeQl206WT7Fr8MKzws0DyzPQDV3Z2vhI=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:48 GMT
server: AmazonS3
x-timer: S1639151529.454710,VS0,VE1
etag: "9134aca57f1664e989481cf3e87bbc0a"
vary: Accept-Encoding
x-amz-request-id: 4KT2TEDA9PZ3KK99
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 recent-video.8aa2e76e2b94e89c9909.js Show response
x.kinja-static.com/assets/new-client/ 28 KB
7 KB 17ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/recent-video.8aa2e76e2b94e89c9909.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd70914ddca40de1a059d7c7d80255aaa82345f8ce2b9c20c41dc801591b0d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49
via: 1.1 varnish
x-cache: HIT
content-length: 6809
x-amz-id-2: sba7sw/VwPYgylE78rQfNo6psmlOSruUzfmw+hapmRzf4gBXIhdh+eeCEd/kdDBXjSxCVWhqclQ=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 06 Dec 2021 22:00:24 GMT
server: AmazonS3
x-timer: S1639151529.454859,VS0,VE1
etag: "d9b8a851370f29a1ef8ead081b3b50e3"
vary: Accept-Encoding
x-amz-request-id: 9TF58JV4HWV54EMD
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

POST
H2 200 event.js
gizmodo.com/api/kala/t/ 159 B
564 B 95ms
95ms Ping
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/kala/t/event.js?e=eyJibG9nSWQiOiI0IiwiY29udGV4dElkIjoiMTg0ODE1NjYzMCIsInRhcmdldElkIjoiMTg0ODE1NjYzMCIsImNvbnRleHRUeXBlIjoiUEVSTUFMSU5LIiwiZXZlbnRUeXBlIjoiUEVSTUFMSU5LX1ZJRVciLCJ0YXJnZXRUeXBlIjoiUE9TVCIsImV2ZW50QXR0cmlidXRlcyI6eyJibG9nTmFtZSI6Imdpem1vZG8uY29tIiwiaXNMb2dnZWRJbiI6MCwiYXV0aG9ySWQiOiI1ODc2MjM3MjQ5MjM5ODYzMDEyIiwidW5pcXVlIjp0cnVlfSwiZXZlbnRBdHRyaWJ1dGVzRXh0ZW5kZWQiOnsicmVzcG9uc2l2ZVZlcnNpb24iOiIxMzY0KyIsImRldmljZUNhdGVnb3J5IjoiZGVza3RvcCIsImFkQmxvY2siOiJhZGJsb2NrIG9mZiIsInNjcm9sbFBvc2l0aW9uIjowLCJ0YWdzIjpbInRvciIsImVudGVydGFpbm1lbnRjdWx0dXJlIiwibnVzZW51IiwiY3J5cHRvZ3JhcGh5IiwiZGFya3dlYiIsInRoZXRvcnByb2plY3QiLCJjcm9zc3BsYXRmb3Jtc29mdHdhcmUiLCJuZXR3b3JrYXJjaGl0ZWN0dXJlIiwiY29tcHV0aW5nIiwiaW50ZXJuZXRwcml2YWN5IiwidGVjaG5vbG9neWludGVybmV0Iiwib25pb25yb3V0aW5nIiwiY29tcHV0ZXJuZXR3b3JraW5nIl0sInJlY2lyY0dyb3VwIjoiZm1nTm9uU2F0aXJlIn19&cb=537

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fe5e3d1ad166ce8333a12c05a3fa4c2aed581527fab7688ecb54961a4e37388

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja: kinja-kala-kube02-85bbbc84c4-5kggw #68
x-cdn-fetch: mantle-setcookie
content-length: 152
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5175-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151529.467401,VS0,VE79
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gomedianetwork/ 267 KB
29 KB 33ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5625ad95d548433e103b033f5868927f1e752dff3145f34e1f3458da17f320d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 8yRUh5di9zjDMFbDat1v.EcOEzi3PBhP
content-encoding: gzip
etag: "ea8980d2852f148e98eb41e6f502229f"
age: 7195
x-cache: HIT
content-length: 28790
x-amz-id-2: aOoELdTlJM2W6n3ZiYXk5BwwiHllylwD22IEKJWzGCS0AffT+poR45IYHPwS9YOnWaf30i+qwY4=
x-served-by: cache-hhn4032-HHN
last-modified: Thu, 09 Dec 2021 10:30:25 GMT
server: AmazonS3
x-timer: S1639151529.465475,VS0,VE0
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding
x-amz-request-id: FFCBDFJKWGWCVG7J
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 60
x-cache-hits: 9

GET
H2 200 vendors~commentsIframe~lunchbox-read-only-component~related-stories~search~second-scroll-container~s~d5a84952.e4c09ade024b6880e66b.js Show response
x.kinja-static.com/assets/new-client/ 8 KB
3 KB 16ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~commentsIframe~lunchbox-read-only-component~related-stories~search~second-scroll-container~s~d5a84952.e4c09ade024b6880e66b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56ee6baa44de05f18ccfca8879f1f2da2fa33b83833ab967b64a6ce68d951551

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69
via: 1.1 varnish
x-cache: HIT
content-length: 2690
x-amz-id-2: 1+c+pq1qv7KaoV4scBrHpjnWjz7I8cwDgUSfEaWjTu0ARPmYS6Ru8FWkOclZLu9MyrojCcLoKrw=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 06 Dec 2021 22:00:25 GMT
server: AmazonS3
x-timer: S1639151529.469733,VS0,VE1
etag: "6d501de3a02ba11684c9e9971788fc6e"
vary: Accept-Encoding
x-amz-request-id: 8HETN1CX5HT9ZYG3
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~commentsIframe.e1a405c2474eb3bd589e.js Show response
x.kinja-static.com/assets/new-client/ 26 KB
5 KB 17ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~commentsIframe.e1a405c2474eb3bd589e.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5b6396ac66c7ae1dc534e3735b6c1e2fad134bd8011a99bc97313ea1c31b103

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14
via: 1.1 varnish
x-cache: HIT
content-length: 5076
x-amz-id-2: KCFkm3K5QNlZv3Vp5PKHlQHNY9h3RPy1kLAc4hQQjCu5T7xEBVFOg65VZL5he8PzmoAKV8SZbKw=
x-served-by: cache-cdg20737-CDG
last-modified: Tue, 07 Dec 2021 12:46:09 GMT
server: AmazonS3
x-timer: S1639151529.469979,VS0,VE1
etag: "5fc12da276a291e5bea05bca0646ec2a"
vary: Accept-Encoding
x-amz-request-id: 710PKK64VJY6RE29
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 YMALModule~commentsIframe~homepage-edit~lunchbox-read-only-component~related-stories~search~second-s~73bba67a.c7104271fb3def798bbf.js Show response
x.kinja-static.com/assets/new-client/ 10 KB
3 KB 17ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/YMALModule~commentsIframe~homepage-edit~lunchbox-read-only-component~related-stories~search~second-s~73bba67a.c7104271fb3def798bbf.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3def86f9af701a63363e5f2ca4da3f7d5f26383b84de45bc99d381ed2a5eb7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: +3xc8JRu1Wew42mq++4wY2bdh1//H7Jd8enQ3FdIX11V2KcWTSECqTAXYV+0QJj0C1fuA4gbGio=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 17 Nov 2021 10:52:25 GMT
server: AmazonS3
x-timer: S1639151529.470328,VS0,VE1
etag: "533212db8a965d29190cd1c798fd9dad"
vary: Accept-Encoding
x-amz-request-id: XXQAMY42R8CYVVVD
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 slideshow.296e576c2f4c39fa1b86.js Show response
x.kinja-static.com/assets/new-client/ 45 KB
9 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/slideshow.296e576c2f4c39fa1b86.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e794e365894861fb8507752149f71f21e6651ebb57af15df39612b2c453da316

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32
via: 1.1 varnish
x-cache: HIT
content-length: 9096
x-amz-id-2: bQ8ha6NyAO6zo2iuRZCM+GhjYJxJy4SY7pZtIYApSRIiD6p1q6n8w66esnXo3ayyBwL/PCWX2wI=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:49 GMT
server: AmazonS3
x-timer: S1639151529.473676,VS0,VE1
etag: "b6f445d68dcc1b6be4bc6679d665d6f1"
vary: Accept-Encoding
x-amz-request-id: KHE9KHKA3Y73TA0Q
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 commentsIframe~lunchbox-read-only-component~related-stories~search~second-scroll-container~special-s~261de0c4.a5a8a5724c304c287a07.js Show response
x.kinja-static.com/assets/new-client/ 198 KB
40 KB 18ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/commentsIframe~lunchbox-read-only-component~related-stories~search~second-scroll-container~special-s~261de0c4.a5a8a5724c304c287a07.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04fb64f756936decdca4d9f6b3f524a0add612070c057904b6d48542a7751fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3
via: 1.1 varnish
x-cache: HIT
content-length: 40423
x-amz-id-2: 42xJ8BjIoib1sidGQkHR8U0H0W89g6Lbk3DnVHGH8jErvaaej9lM0doFJaDMqjIog7SSKp8L+B0=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:47 GMT
server: AmazonS3
x-timer: S1639151529.473811,VS0,VE1
etag: "55d6fb99294226c492c8c9f9662345f9"
vary: Accept-Encoding
x-amz-request-id: 9RZB8D28GVD6BQ02
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 commentsIframe~related-stories~search~second-scroll-container~splice-editor.bee4f9bb3a3abf04a740.js Show response
x.kinja-static.com/assets/new-client/ 6 KB
2 KB 20ms
19ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/commentsIframe~related-stories~search~second-scroll-container~splice-editor.bee4f9bb3a3abf04a740.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

acb7edb8909b961fdcd5aa5202a5d85fe2abf36b4cc501651c2c07533cde99ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69
via: 1.1 varnish
x-cache: HIT
content-length: 1658
x-amz-id-2: esuEDgDqkp0DYh+aaC0skFQwO4D7LnVuocbJMks/gOH0SU/hLd7icUAFZTtiCKtpfsABd4W/+XA=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 22:04:48 GMT
server: AmazonS3
x-timer: S1639151529.474070,VS0,VE1
etag: "4be19f549b8d467ecc099af2759e8cc7"
vary: Accept-Encoding
x-amz-request-id: KHE1CMSJ9TR0PTBA
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 commentsIframe.1a3e3960ea6df0a552bb.js Show response
x.kinja-static.com/assets/new-client/ 16 KB
4 KB 18ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/commentsIframe.1a3e3960ea6df0a552bb.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29ba0a849861f7782447f23e2e40791c3be2992cd5e0a4320187b7fb3af4e41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97
via: 1.1 varnish
x-cache: HIT
content-length: 4345
x-amz-id-2: isezH+JpHSbtwC7aZ2OMov64y59/pcVdkVHclS7aayYj2YYkl9WMfrtX9YhUdVSGMugLsOrsVss=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 08 Dec 2021 19:30:08 GMT
server: AmazonS3
x-timer: S1639151529.489599,VS0,VE1
etag: "033c0366d3e5e6b733009b1e90f16f52"
vary: Accept-Encoding
x-amz-request-id: SYXGXG6FWG7AV6MA
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK any Show response
idx.liadm.com/idex/ie/ 206 B
683 B 412ms
99ms XHR
application/json 52.86.156.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.156.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-156-15.compute-1.amazonaws.com

Software

Resource Hash

7bb1875751a9969744ec9117961a5aed810cf817126b104f800d8034af9e0020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 10 Dec 2021 15:52:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://gizmodo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 632d924b56480516
Content-Length: 206

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
164 B 347ms
126ms XHR
application/json 184.73.243.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=gizmodo.com
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.243.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-243-156.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://gizmodo.com
date: Fri, 10 Dec 2021 15:52:09 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 31ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=1&gdpr_consent=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: aecf95e8a2999fb041d5553b1fc8c17ca8328bbd6d89ad5ce4124f996be462fc

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gizmodo.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 09 Jan 2022 15:52:09 GMT

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
211 B 42ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&ct=4
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://gizmodo.com
date: Fri, 10 Dec 2021 15:52:09 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc: clear
access-control-allow-methods: GET, OPTIONS

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
458 B 51ms
14ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gizmodo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 rtbsspub
cdn-geuw1-xch.media.net/AdExchange/ 23 KB
2 KB 86ms
34ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=24422762679422611639151529304&gdpr=1&gdprconsent=0&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=283886783*23%7C728x90~970x250~970x90%7C1722916%7C18816271~18816271~18816271%7C%7C%7C1%40283886783*29%7C728x90~970x250~970x90%7C12156%7C317126_1626162_2~317126_1626162_45~317126_1626162_57%7C%7C%7C1%40283886783*106%7C728x90~970x250~970x90%7C541006788%7C541006797~541006797~541006797%7C%7C%7C1%40283886783*145%7C728x90~970x250~970x90%7C100600%7C499199~499199~499199%7C0.4%7C%7C1%40283886783*172%7C728x90~970x250~970x90%7C8CUL2TG3D%7C18685548~18685548~18685548%7C0.33%7C%7C1%40283886783*175%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.43%7C%7C1%40283886783*201%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*203%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.27%7C%7C1%40283886783*222%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*236%7C728x90~970x250~970x90%7C159463%7C2927740_715385~2927740_715385~2927740_715385%7C0.33%7C%7C1%40283886783*246%7C728x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D%7C%7C%7C1%40283886783*251%7C970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.9514596750038125&tscode=1&crid=283886783&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ffc65524e6f92146a89b60c6b9ea2f439cb5358834f848702e5f979dd63ded3

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 10 Dec 2021 15:52:09 GMT

GET
H2 200 rtbsspub
cdn-geuw1-xch.media.net/AdExchange/ 14 KB
2 KB 83ms
32ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=74474100863425641639151529308&gdpr=1&gdprconsent=0&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=283886783*23%7C728x90~970x250~970x90%7C1722916%7C18816271~18816271~18816271%7C%7C%7C1%40283886783*29%7C728x90~970x250~970x90%7C12156%7C317126_1626162_2~317126_1626162_45~317126_1626162_57%7C%7C%7C1%40283886783*106%7C728x90~970x250~970x90%7C541006788%7C541006797~541006797~541006797%7C%7C%7C1%40283886783*172%7C728x90~970x250~970x90%7C8CUL2TG3D%7C18685548~18685548~18685548%7C0.33%7C%7C1%40283886783*222%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.37%7C%7C1%40283886783*236%7C728x90~970x250~970x90%7C159463%7C2927740_715385~2927740_715385~2927740_715385%7C0.33%7C%7C1%40283886783*251%7C970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.024979089028414725&tscode=1&crid=283886783&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=cache&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc9a4e24a1ca0c02f08209e8021c6547a3a2a4c0b9d545e9cf66e96bf3b683a8

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 10 Dec 2021 15:52:09 GMT

POST
H2 200 check Show response
connect.scroll.com/embed/ 0
1 KB 138ms
115ms XHR
application/json 35.201.100.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.scroll.com/embed/check

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

179.100.201.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com https://scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com https://scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
alt-svc: clear
content-length: 0

GET
BLOB 200
OK bd43f8a2-0393-461d-b094-e7fa5de6cb2d
https://gizmodo.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gizmodo.com/bd43f8a2-0393-461d-b094-e7fa5de6cb2d
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 792a936cb47c77f21212f115ff53ca5d.png
i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,pg_1,q_60,w_965/ 38 KB
39 KB 18ms
18ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,pg_1,q_60,w_965/792a936cb47c77f21212f115ff53ca5d.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecdbaa267d84e1443f8fc7ac62f0450871f8c5c6b89511c2081b0a60993f705c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xk4Si5QfT6TtzXrYYnWA0zeISDlbvCYU
via: 1.1 varnish, 1.1 varnish
etag: "4WMCbkuQdpngZy4FJcm1IczvsXOlOdUzuF3aQonxrQU"
age: 1754229
x-cache: HIT, HIT
fastly-io-info: ifsz=169711 idim=3291x1852 ifmt=png ofsz=38970 odim=965x543 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 38970
x-amz-id-2: houqxYOn5p5IU+BFyTh1+Z/kYeVMM65eBppTiG9guK6glfZ5aSmb+auFJ+8MpLcZc1td13raYHE=
x-served-by: cache-bwi5128-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.571689,VS0,VE1
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept
x-amz-request-id: A0HANKYJC89M7D1W
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&format=png&frame=1&quality=60&width=965
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 ijs_all_modules_cjs_min_bd765e9186bd0185382e4cdd178742b3.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 616 KB
151 KB 39ms
10ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_bd765e9186bd0185382e4cdd178742b3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fcbee465c96419ed115adfaf5eec6f3c1ed2abead430e6e2ff64496a9abaf27c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:39:17 GMT
content-encoding: gzip
age: 173572
x-guploader-uploadid: ADPycds3jFvgn-1tGBrE14zgu3zggyErrE2hgXH96zS3dkWBOnu8qfncANOtuWfbtdoA6oCX_tzUi9Gvek6ChxX3RIqIlXRqxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 154307
last-modified: Wed, 08 Dec 2021 15:39:08 GMT
server: UploadServer
etag: "ad9689776aca0364462e74c47b275e1b"
vary: Accept-Encoding
x-goog-hash: crc32c=1DG9rw==, md5=rZaJd2rKA2RGLnTEeydeGw==
x-goog-generation: 1638977948378399
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 154307
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 08 Dec 2022 15:39:17 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 303ms
98ms Image
image/gif 23.22.200.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gizmodo.com&p=%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&u=D2gVqNBozqXNzA27h&d=gizmodo.com&g=3012&g0=gizmodo.com&g1=Lucas%20Ropek&n=1&f=00001&c=0&x=0&m=0&y=13238&o=1776&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=929&t=DjzfgX9k6AWB-EV0hBbCHwF6HAFm&V=129&i=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20the%20Tor%20Network%20and%20Might%20Be%20De-Anonymizing%20User&tz=0&sn=1&sv=Cdoy7RBWbSaVBXbVxe1mutyDdsqzT&sd=1&im=067b0ff3&_
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.200.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-200-199.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 8ms
8ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fgizmodo.com
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:54:12 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: Server
age: 17876
x-cache: Hit from cloudfront
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Z8k7HheTjvQo3uZb9kpdelA0WtgTFt9Ug2kKP-jHCnBC1REUWqvZBw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 44373
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Fri, 10 Dec 2021 03:32:37 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Mejb-2hmOCnTloqEDKqViVUu8SCPpWMvKo095d5acB76xCy6vUdXUw==

GET
H2 200 index.html Show response
sourcepoint.gizmodo.com/ Frame 8B94 4 KB
2 KB 8ms
8ms Document
text/html 143.204.209.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-91.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/

Response headers

content-type: text/html
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 10 Dec 2021 14:54:55 GMT
etag: W/"89b8a4c9183b2e83d76d4204d34d51f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: QeNa1FN2TlCtnFgNvpC_FE1RQ1KwuO12BTRsthqNUfrSk7VvXBgR6Q==
age: 4863

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=658739742&t=pageview&_s=1&dl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ul=en-us&de=UTF-8&dt=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAQCAC~&jid=1946493393&gjid=1930799168&cid=274705393.1639151530&tid=UA-142218-3&_gid=972793312.1639151530&_r=1&_slc=1&cd34=Tech&cd35=Privacy%20and%20Security&cd36=none&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1848156630&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2021-12-03&cd82=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20the%20Tor%20Network%20and%20Might%20Be%20De-Anonymizing%20Users&cd83=article&cd94=tor&cd97=686&cd99=Lucas%20Ropek&cd101=gizmodo&cd103=tor%2Centertainmentculture%2Cnusenu%2Ccryptography%2Cdarkweb%2Cthetorproject%2Ccrossplatformsoftware%2Cnetworkarchitecture%2Ccomputing%2Cinternetprivacy%2Ctechnologyinternet%2Conionrouting%2Ccomputernetworking&cd105=Gizmodo&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=600%20-%20800&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=allstatequarantine&cd131=article&z=238218342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=658739742&t=pageview&_s=1&dl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ul=en-us&de=UTF-8&dt=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAQCAC~&jid=688042501&gjid=299791143&cid=274705393.1639151530&tid=UA-142218-33&_gid=972793312.1639151530&_r=1&_slc=1&cd34=Tech&cd35=Privacy%20and%20Security&cd36=none&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1848156630&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2021-12-03&cd82=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20the%20Tor%20Network%20and%20Might%20Be%20De-Anonymizing%20Users&cd83=article&cd94=tor&cd97=686&cd99=Lucas%20Ropek&cd101=gizmodo&cd103=tor%2Centertainmentculture%2Cnusenu%2Ccryptography%2Cdarkweb%2Cthetorproject%2Ccrossplatformsoftware%2Cnetworkarchitecture%2Ccomputing%2Cinternetprivacy%2Ctechnologyinternet%2Conionrouting%2Ccomputernetworking&cd105=Gizmodo&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=600%20-%20800&cd117=none&cd123=scroll&cd124=none&cd126=adblock%20off&cd130=allstatequarantine&cd131=article&z=1134526075

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1639151529623&ns_c=UTF-8&cv=3.5&c8=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&c7=https%3A%2F%2Fgizmod...
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1639151529623&ns_c=UTF-8&cv=3.5&c8=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&c7=https%3A%2F%2Fgizmo...

0
222 B

9ms
8ms

Image
text/plain

13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1639151529623&ns_c=UTF-8&cv=3.5&c8=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&c7=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&c9=
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: u0oWpvD-79wUuT1qCj_nkHQwD9NM9241o087uape2W2wDd0rT4Up0w==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 10 Dec 2021 15:52:09 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1639151529623&ns_c=UTF-8&cv=3.5&c8=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&c7=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&c9=
content-length: 298
x-amz-cf-id: bRWVl63CZZNJnAD6fKAKDdYf637xh698n-1JKJEBiHe3vS-HjTXUVw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 40ms
40ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pid=F3lziltYJXkX9&cb=0&ws=1600x1200&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x251%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.gizmodo%2F_top-banner%22%7D%5D&gdpre=1&gdprc=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: KGWWAFY986GR88AEYMG3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xofsqzirbHoNvwCdK_UJ4SUyWJUrjhefBn0JYpguOoK7CVZuD_y-OQ==

GET
H2 200 config Show response
prebid.media.net/rtb/prebid/analytics/ 72 B
283 B 39ms
16ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU74RYRS&dn=gizmodo.com
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: becaecc6663d091f14a00c80317ebc9fa3beeab411becf786f6df9f266192a6a

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=900, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: Fri, 10 Dec 2021 16:07:09 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 330 B
450 B 33ms
17ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d0029cf36c9826a5fe5c4e2170133240b5451e63f497083034a666bbd611f213

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 114ms
77ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=top_banner_728x90&cmd=bid&secure=1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 10d7b76f7e0f35f79b58037808e778a7b7dceee21d803dc91baf22c02b6e5681

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 117ms
80ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=4-top-desktop79&cmd=bid&secure=1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: b872b6a51e90554dad90c6b71ff30a9a74d55733643dbdc1887acc783f94047f

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 155ms
118ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=4-top-desktop78&cmd=bid&secure=1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 082688a5110752fd691628d88cf69ef8dbd561b8922944204406b1a71df0bac8

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
289 B 75ms
39ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96945a017373a17480a710f9dc0337&pos=gizmodo_top_banner_atf_970x90&cmd=bid&secure=1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9a0ca6f463a8210c6619561e05f9115395e97927ae3a464b6dac0ce6c791bcb7

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
327 B 184ms
154ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=726983&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2284ee2b4b89dc92%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229b8d11f8c2a3e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726983%22%2C%22sid%22%3A%22728%2C90x970%2C90%22%7D%2C%22banner%22%3A%7B%22w%22%3A%5B728%2C90%5D%2C%22h%22%3A%5B970%2C90%5D%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229b8d11f8c2a3e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726983%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229b8d11f8c2a3e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726983%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229b8d11f8c2a3e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726983%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b78d601966c586196b0784ee0becb43269f8310dc90f3973f3897b0549b34b26

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.21], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://gizmodo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Fri, 10 Dec 2021 15:52:09 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 231 B
461 B 114ms
38ms XHR
application/json 54.229.132.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B728.90,970.90,970.250%5D,p:/4246/gm.gizmodo/%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fgizmodo.com%252Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.132.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b5d76ce8413b4ed7998ad373788cd6bb1c137d4f35489031ecaefb26182ecf72

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
x-server-name: app13.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
377 B 50ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e6cf996f-e016-480c-8c62-cdf04ee302b0&nocache=1639151529785&aus=728x90%2C970x90%2C970x250&divids=dfp-ad-1&aucs=&auid=545727514
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 7191d479ed7098fddafe5a50fa92c52c6f52cdd3b0c1419f79c5baacb90f9634

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gizmodo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
260 B 166ms
137ms XHR
application/json 52.28.103.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&tmax=1000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.103.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-103-21.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 109ms
58ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gizmodo.com
date: Fri, 10 Dec 2021 15:52:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content / Show response
hb.vhsrv.com/ 0
332 B 327ms
99ms XHR
text/html 159.203.149.85
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vhsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.149.85 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

GET
H/1.1 200
OK hb Show response
sofia.trustx.org/ 2 B
305 B 707ms
126ms XHR
application/json 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=238807&sizes=728x90%2C970x90%2C970x250&r=205f1b68c83eab2&wrapperType=Prebid_js&wrapperVersion=4.43.4&u=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&wtimeout=1000
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 221ms
146ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392222&zone_id=2189040&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&tk_flint=pbjs_lite_v4.43.4&x_source.tid=e6cf996f-e016-480c-8c62-cdf04ee302b0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7272724529463377
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 142f3bf1bca0c37e1182af44afe00c9b67c9f9d5bcffd263952521327156e568

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:09 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://gizmodo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
814 B 29ms
8ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

efd93be9d1e4c46c2ba4399060c7c6a069f74a80dff4382678dd1a866ca0f05b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:09 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 87dc1f85-9054-4dca-8696-2efb23335c10
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://gizmodo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
280 B 97ms
50ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=16960726613
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 40ms
39ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pid=F3lziltYJXkX9&cb=1&ws=1600x1200&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22dfp-ad-8%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.gizmodo%2F_left_top%22%7D%5D&gdpre=1&gdprc=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: DFB3AKEF28K2T8RD2Z2K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: i4ULtncINS7F0bHTb9n9Vm6zFWtXFA6KkGvIus7nZS-N9_8rlkNWkw==

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
280 B 101ms
62ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=83692861170
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 231 B
461 B 97ms
37ms XHR
application/json 54.229.132.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-8,ss:%5B300.250%5D,p:/4246/gm.gizmodo/%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fgizmodo.com%252Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.132.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3b8f91935bca9051d908c09faeb696058626846b9eb76a9baf3c9b6270247e07

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
x-server-name: app12.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H/1.1 200
OK hb Show response
sofia.trustx.org/ 2 B
305 B 682ms
113ms XHR
application/json 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=238826&sizes=300x250&r=322ed9e382cf236&wrapperType=Prebid_js&wrapperVersion=4.43.4&u=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&wtimeout=1000
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 95ms
58ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gizmodo.com
date: Fri, 10 Dec 2021 15:52:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 330 B
315 B 18ms
17ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 27cb1b3e0f95a82fe94c75859a6ca784ab63c7835b98134ffcfa8e3966ab562d

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 154ms
85ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392222&zone_id=2189028&size_id=15&p_pos=atf&rf=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&tk_flint=pbjs_lite_v4.43.4&x_source.tid=d0c4aab8-8109-4b04-aa3c-21b55da6dc96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3714383022653256
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b1b93d55703d886dc21e38577c2f5d477a6eea948b2cdfd54384a200905db335

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:09 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://gizmodo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 53ms
42ms XHR
application/json 52.28.103.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&tmax=1000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.103.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-103-21.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
145 B 35ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d0c4aab8-8109-4b04-aa3c-21b55da6dc96&nocache=1639151529804&aus=300x250&divids=dfp-ad-8&aucs=&auid=545727496
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 2fbbde414b78b924daeb68dde9a1af5e1c7f7ca0c4a17643482068d1725dbadc

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gizmodo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
328 B 163ms
154ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=726977&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2244d3d1837f2ece9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224574c5c07697453%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726977%22%2C%22sid%22%3A%22300%2C250xundefined%22%7D%2C%22banner%22%3A%7B%22w%22%3A%5B300%2C250%5D%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224574c5c07697453%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726977%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fee348a732f1fac5a2594b06c069297d93be8524ee1f247d7cab4de83e6a6997

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.21], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://gizmodo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Fri, 10 Dec 2021 15:52:09 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 177ms
161ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ba19a457a3e4176f028464659e179a5c2e46a8addb3634184c5c6a972393d66f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:09 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 95a67966-d6bc-4989-b774-9316a6e3df64
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://gizmodo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content / Show response
hb.vhsrv.com/ 0
332 B 305ms
97ms XHR
text/html 159.203.149.85
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vhsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.149.85 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

GET
H2

404

insync
thrtle.com/
Redirect Chain

https://px.britepool.com/new?partner_id=t
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=897eb367-56be-47cb-92a2-724a5f3db2ff

0
0

313ms
102ms

Image
text/html

107.21.238.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=897eb367-56be-47cb-92a2-724a5f3db2ff
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Server: 107.21.238.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-238-20.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Server: nginx
Vary: negotiate,Accept-Encoding
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=897eb367-56be-47cb-92a2-724a5f3db2ff
Cache-Control: no-cache, no-store, private
Tcn: Choice
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
X-Request-Id: 2fa2132c0626b75eed5cfd24f686bae0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 53 B
366 B 17ms
17ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&us_privacy=&gdpr_pd=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1843
content-length: 169
expires: 60

GET
H2 200 status Show response
script-api.ccgateway.net/ 105 B
215 B 301ms
98ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/status
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: d9f23619ed881ec26f0a846e9b5b9e8ac0bf60a26139462a83413d02c1de08d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
cache-control: no-cache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 user.js Show response
script-api.kinja.com/script/launcher/1/ 1 KB
642 B 102ms
101ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.kinja.com/script/launcher/1/user.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 6c02f985f5f5b415611b0c1317611b428066dab3a4106b616ffcee9ecf00c163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
cache-control: private,max-age=604800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 userId Show response
script-api.ccgateway.net/ 225 B
345 B 307ms
106ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/userId
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 8c90d0fa49315d682079d71194327c764f1695cd9c8818dda414f29911507c98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
cache-control: private,max-age=3156000
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 realtime.js Show response
script-api.kinja.com/script/launcher/1/ 4 KB
2 KB 102ms
102ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.kinja.com/script/launcher/1/realtime.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 7c44874e212bb59909bbc1963a75d2c326cae854268a8f9b57a222de325d7b5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
cache-control: private,max-age=604800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 tap_rp.js Show response
script-api.kinja.com/script/launcher/9/ 13 KB
4 KB 102ms
102ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.kinja.com/script/launcher/9/tap_rp.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 20809a7928d25e26d8f009ebe5f825839e9d2a5fd325555e7f961b38c89c88e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
cache-control: private,max-age=604800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 api.js Show response
script-api.kinja.com/script/launcher/3/ 4 KB
2 KB 102ms
102ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.kinja.com/script/launcher/3/api.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 31274f730a367bcd3b8c3a37bcd766e87b55ef404dbc1b53b80972ca22a6cadf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
cache-control: private,max-age=604800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 getList Show response
gizmodo.com/api/core/corepost/ 44 KB
10 KB 18ms
17ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/core/corepost/getList?id=1848191680&id=1848185817&id=1848185195

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7adb539b83bf4023701556c288a357dc733bfd7b8663f9d47b94209787e8cdcb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 52
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja: kinja-core-kube01-6b4c758dd8-94kcd #425
x-cdn-fetch: mantle-default
content-length: 9560
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5143-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151530.890066,VS0,VE1
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 1

GET
H/1.1 200
OK session.html Show response
api.bam-x.com/api/v0/ Frame 971E 637 B
2 KB 450ms
103ms Document
text/html 3.226.34.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bam-x.com/api/v0/session.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.34.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-34-126.compute-1.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

358ee04f36eee2066e319ec9c2dfcee16e32e656e8993b88c69fc26b6210928c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/

Response headers

Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-None-Match,If-Modified-Since,X-BAM-Params
Access-Control-Allow-Methods: DELETE,GET,POST,PUT,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Allow: DELETE,GET,POST,PUT,OPTIONS
Cache-Control: private, max-age=999999999, must-revalidate, proxy-revalidate
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Dec 2021 15:52:10 GMT
ETag: 1760025554207691639
P3P: CP="NON DSP COR ADMo DEVo TAIo PSA PSDo OUR BUS CNT"
Server: nginx/1.20.1
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Robots-Tag: noindex, follow
Content-Length: 637
Connection: keep-alive

GET
H2 200 rtbsspub
cdn-geuw1-xch.media.net/AdExchange/ 2 KB
1 KB 28ms
28ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=88551317516756811639151529846&gdpr=1&gdprconsent=0&gdprstring=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=283886783*97%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.9672357287543762&tscode=1&crid=283886783&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1ccce1aaef3253c3bad0952be1ae20c0c06e940522ec3b776d5565ce61c90ad5

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 10 Dec 2021 15:52:09 GMT

GET
H2 200 rtbsspub
cdn-geuw1-xch.media.net/AdExchange/ 2 KB
1 KB 29ms
29ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=16335712758120001639151529847&gdpr=1&gdprconsent=0&gdprstring=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=283886783*97%7C728x90~970x250~970x90%7C8CUL2TG3D%7C283886783_8CUL2TG3D~283886783_8CUL2TG3D~283886783_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.9478666211314914&tscode=1&crid=283886783&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=cache&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 08c1f2deb3b836fdb3ac4f8e4496b8c0b8fb6dc517f8820dd1cccbfb44a36be2

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:09 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
content-length: 896
expires: Fri, 10 Dec 2021 15:52:09 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 46ms
8ms Image
image/x-icon 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 10:57:11 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
927 B 79ms
26ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5805784192256
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Fri, 10 Dec 2021 15:52:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2560
x-guploader-uploadid: ADPycdsh8GYxEsgK5z5qzA4JGMsog7O-yGD2LI2hbU_f91x5eoUCT4GMmUwbhCfVgrJx8LU0CQ9sNf_tS6nikYPvsmc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7Hj7fOjcgPMMkSXuq2N0sMGYwnEDDenv3M11WLLbKTERnFhnftIpNKazzKSp%2BUFnOdoe8smxKOiVdy2nP44nzmNipZYIXyEokDYVPwXKH2192YlThca3k9ncuDCj1l0IPL1U6gLb48a7qTI7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6bb7a3868af25a31-MXP
expires: Fri, 10 Dec 2021 16:09:30 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 65ms
23ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142218-3&cid=274705393.1639151530&jid=1946493393&gjid=1930799168&_gid=972793312.1639151530&_u=YGDACEAABAQCAC~&z=6606351

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 15:52:09 GMT
content-type: text/plain
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 65ms
23ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142218-33&cid=274705393.1639151530&jid=688042501&gjid=299791143&_gid=972793312.1639151530&_u=YGDACEABBAQCAC~&z=1325164780

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 15:52:09 GMT
content-type: text/plain
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10002 Show response
gizmodo.com/api/core/videoPlaylist/ 40 KB
10 KB 22ms
22ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/core/videoPlaylist/10002?blogId=4

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e699ff22ed399a8ba0b590d94e166c8892e7fb8c9ebc4d13bffaf99a2809fcfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 58
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja: kinja-core-kube02-7db88f8447-9vmzs #425
x-cdn-fetch: mantle-default
content-length: 9943
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5143-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151530.964263,VS0,VE1
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 load.js Show response
widget.perfectmarket.com/gomedianetwork/ 4 KB
2 KB 39ms
12ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gomedianetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8f597be9012b70e4d53b62cdd9ffcb58ded2f9b15b9ad82b7de81a70657f3ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 7HJBrICKNYGAeu_NYw9kQ1GAUK0ZbU4W
content-encoding: gzip
etag: "d811ca543336ea824a0b4673683740d9"
age: 232
x-cache: HIT, HIT
content-length: 1291
x-amz-id-2: 6aFQ44C6VmJcg4yRbK0GsKcF4JtjdXHs8dXs9AFrix0slirILXZxbtKDEFsnjivvi7k3Ex3gjZM=
x-served-by: cache-lax10677-LGB, cache-hhn4047-HHN
last-modified: Thu, 09 Apr 2020 13:22:35 GMT
server: AmazonS3
x-timer: S1639151530.002297,VS0,VE1
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding,,
x-amz-request-id: 59G574AM0B0HMHMJ
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20211209-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 610 KB
126 KB 10ms
10ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 26bb50500bfdfa32376bca2911e642ee1c3f01a917646ab6cb3bc6df4d25d097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: o4mcJhqhRf2JYWWA1KQbF.mrhMoIT3Z7
content-encoding: br
etag: "8bc47a0f6c2e1ea57114b0cb6f8f0944"
age: 21414
x-cache: HIT
content-length: 128479
x-amz-id-2: PVmM+tQHMUJQ3dIX2FFA+WML5niHiPbGLubyCEsd3EjQRJmH2h3gHTsDejG+KX5bHzlOxgUscVo=
x-served-by: cache-hhn4032-HHN
last-modified: Thu, 09 Dec 2021 09:47:07 GMT
server: AmazonS3-br
x-timer: S1639151530.952879,VS0,VE0
date: Fri, 10 Dec 2021 15:52:09 GMT
vary: Accept-Encoding
x-amz-request-id: 5ZC4P308F476KCQ5
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 87
x-cache-hits: 4273

GET
H2 200 Notice.03819.css
sourcepoint.gizmodo.com/ Frame 8B94 32 KB
6 KB 15ms
13ms Stylesheet
text/css 143.204.209.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.gizmodo.com/Notice.03819.css
Requested by: Host: sourcepoint.gizmodo.com
URL: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-91.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 14:58:29 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 6339
etag: W/"894f01a34ee58f1147257366e6a6bde7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 7iqIPDPcKUzwHHVU4iFSGUndbruM15TNAy1CvPj2cZcqj-azr9vplw==

GET
H2 200 polyfills.d36c5.js Show response
sourcepoint.gizmodo.com/ Frame 8B94 5 KB
2 KB 16ms
14ms Script
application/javascript 143.204.209.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.gizmodo.com/polyfills.d36c5.js
Requested by: Host: sourcepoint.gizmodo.com
URL: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-91.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 14:59:39 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 4126
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 1ldzyJy0YEobANeNuCvtudfo5d-PKYTsKmWwy_Sd48uxd8gAd75tQQ==

GET
H2 200 Notice.70828.js Show response
sourcepoint.gizmodo.com/ Frame 8B94 209 KB
52 KB 16ms
15ms Script
application/javascript 143.204.209.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.gizmodo.com/Notice.70828.js
Requested by: Host: sourcepoint.gizmodo.com
URL: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-91.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sourcepoint.gizmodo.com/index.html?message_id=388523&consentUUID=6832426b-3564-4079-8a52-146935b3c409&requestUUID=5883e873-73eb-45d9-84c4-2cc80075d791&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 14:58:29 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 4406
etag: W/"3f789fabb7890dc26d3914692795ffb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: zmQ0L3SkZe7E967Xo-n7F3ZWeGvbSHw59WJU5RQ5beL6w0v4b-ilrA==

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 100 B
449 B 581ms
105ms XHR
application/json 35.201.112.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.112.123 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 123.112.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 12818e979314343e8b5db33f3e89c4f20c2671bdf1a292780a4afeb5751099ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:10 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 57 B
406 B 577ms
104ms XHR
application/json 35.227.221.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.221.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.221.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 369623aef11dd0795a6851fe3ad7f3867b3c7c0f51b5da8ff4ba4b7ca13926a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:10 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 57 B
406 B 427ms
103ms XHR
application/json 35.186.234.63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.234.63 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 63.234.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e327579f4c2aa358d35797b547bd3f4d56fea451f6224f0571252afd05e39af4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:10 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
425 B 115ms
58ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&v=3
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 15:52:10 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.21], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://gizmodo.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 142ms
113ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=Rqxb2TmXSq&w=5737313936080896&o=5726495427264512&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&upapi=true
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 15:52:10 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 64ms
36ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-3&cid=274705393.1639151530&jid=1946493393&_u=YGDACEAABAQCAC~&z=722636208

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 58ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-3&cid=274705393.1639151530&jid=1946493393&_u=YGDACEAABAQCAC~&z=722636208

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 62ms
36ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=274705393.1639151530&jid=688042501&_u=YGDACEABBAQCAC~&z=1076073278

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=274705393.1639151530&jid=688042501&_u=YGDACEABBAQCAC~&z=1076073278

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 blogs Show response
gizmodo.com/api/profile/ 8 KB
3 KB 92ms
92ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/profile/blogs?ids=9&ids=1636140418&ids=11

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

014b2420aedb69669653915b6f68138700b91d55c3105ae445a48a3143ab68cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 8
x-cache: HIT, MISS
x-ua-device: desktop
x-kinja: kinja-profile-kube02-7555d676cf-h65t4 #183
x-cdn-fetch: mantle-origin-cache
content-length: 2622
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5174-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151530.083645,VS0,VE76
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 2, 0

GET
H2 200 5.4b70f3c7c5a220c77f7d.js Show response
x.kinja-static.com/assets/new-client/ 64 KB
13 KB 17ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/5.4b70f3c7c5a220c77f7d.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

938e8fae53d4e15c47fde1ef86321f59e432f818910a353111b1a406655a6331

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32
via: 1.1 varnish
x-cache: HIT
content-length: 12524
x-amz-id-2: OBqp90R+FFqkRYmc9OMcCX4i45cCCqo/SLWr9evAqLn33mWRv1NM23bikoabHr/0YREAT6+JsFY=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 17 Nov 2021 10:52:25 GMT
server: AmazonS3
x-timer: S1639151530.110120,VS0,VE1
etag: "0cf99b00241702166b6bb1a6b13fa943"
vary: Accept-Encoding
x-amz-request-id: EB08AN2TYA2B912Y
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 videojs.9f2c9cf91a9a92c7bed9.js Show response
x.kinja-static.com/assets/new-client/ 297 B
416 B 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/videojs.9f2c9cf91a9a92c7bed9.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eae1722b689bbad425c4497e30305830f31269c1e0074bc81747db9ae9781666

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63
via: 1.1 varnish
x-cache: HIT
content-length: 193
x-amz-id-2: ezHWr23gd0csnHM0xrtAPJCeBTKcdIljAKyPdgj7/eZvO+UMd1gQUE7cozVUjeDW1IxpmRlu1YI=
x-served-by: cache-cdg20737-CDG
last-modified: Mon, 22 Nov 2021 20:54:27 GMT
server: AmazonS3
x-timer: S1639151530.110391,VS0,VE1
etag: "497b034af5a5e6b483d47ff0ae865493"
vary: Accept-Encoding
x-amz-request-id: XSH9FM8R8WFHYKBQ
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 22a19b52f8d401bd114775b8b52667f9.jpg
i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,pg_1,q_80,w_470/ 9 KB
10 KB 8ms
7ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,pg_1,q_80,w_470/22a19b52f8d401bd114775b8b52667f9.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1940b5b7b25eee1a9731c591c2a9281f026472d6bd6e2ec8f00e17b6476d44b3

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 3KcoFDRXPni3IerEH69EWNzuMHOxjYIR
via: 1.1 varnish, 1.1 varnish
etag: "xcfgMhfK49non9Hev2VeYmOQ+nvz0Vb1ZLxFO99y9XY"
age: 802219
x-cache: HIT, HIT
fastly-io-info: ifsz=651699 idim=1920x1080 ifmt=jpeg ofsz=9488 odim=470x264 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 9488
x-amz-id-2: MqHphLxBwigRoHCfdbAkPTQsgBusy+T/ddaBGZ5RIbFXrfGyV6fpXPs09oxe94km5z7G6d7vkMk=
x-served-by: cache-bwi5121-BWI, cache-hhn4072-HHN
server: AmazonS3
x-timer: S1639151530.106730,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: JW4721CF1Z408KST
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&format=pjpg&frame=1&quality=80&width=470
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 14

GET
H2 200 c221b1a2c99589be94ad7282e80218bc.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 15 KB
16 KB 17ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/c221b1a2c99589be94ad7282e80218bc.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22f50e6cb7107e79ccdbc1d49c60198f79cfc5787ed2d99ebf25a29d773de09b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: F933Vn6ldr5MlIeOcpW.LHAIYCGeZh69
via: 1.1 varnish, 1.1 varnish
etag: "mCdFP+Hu0CXlaKW8RcU15tXysPM1flCUjYqusHiiH7I"
age: 2610551
x-cache: HIT, HIT
fastly-io-info: ifsz=2838717 idim=1920x1080 ifmt=png ofsz=15600 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 15600
x-amz-id-2: 6NIy599XxeJRf8NoTxtoiqB/PwKjAmPBygV9HI/OZ+Eas5S4ffVEWgnktTxJnLd1C/hLcetfuO8=
x-served-by: cache-bwi5149-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.118173,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: HZMAED5GM7S1SD87
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 6

GET
H2 200 e8143b05d31423c337803b378988e9d9.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 6 KB
7 KB 24ms
24ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/e8143b05d31423c337803b378988e9d9.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 326154071df5776f817b14fe7975a16c385fad2ed4a9d0e71919dbcb63ce67bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: hGuJcJGjt_Rf4eArfbNXvrAh9k03Zk0e
via: 1.1 varnish, 1.1 varnish
etag: "AnHs/be45hucKNgM6YQPv00El1gmo5cE6PM5fETeCnE"
age: 3628810
x-cache: HIT, HIT
fastly-io-info: ifsz=651699 idim=1920x1080 ifmt=jpeg ofsz=6354 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6354
x-amz-id-2: 3/mQ+Xby+RHsIqUTiEPYoPxy69ElPof8j/NnuuivGQ7udgpkX6uvT0IoOBrar8hSo56gHi2FyWw=
x-served-by: cache-bwi5178-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.130826,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: FDHPQP1FBZVTHP6E
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 6

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/gomedianetwork/ 117 KB
32 KB 8ms
7ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gomedianetwork/pmk-202003261.4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56b2661dcb5519f9481fa7e1d7373c1b5d67021f889068dddd2229ad47605029

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 8XH_FoRMNd01D6wDBMJaqbxyZ1s5qjTO
content-encoding: gzip
etag: "05f5096d76eb8bb18e9f8247992062c4"
age: 14018539
x-cache: HIT, HIT
content-length: 32198
x-amz-id-2: 7soZc4OmaBNnLqUBhkovKKZ2+6J0f0VUt4DD4LXh9itsUd9uVQmVXchg3aLqnZM95l8CWaU4awU=
x-served-by: cache-sna10732-LGB, cache-hhn4047-HHN
last-modified: Thu, 09 Apr 2020 13:22:35 GMT
server: AmazonS3
x-timer: S1639151530.108489,VS0,VE1
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding,,
x-amz-request-id: 6S1TWY07D060F8QQ
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1375, 1

GET
H2 403 logo-gizmodo-600x85-300x43.png
g-omedia.com/wp-content/uploads/2016/11/ Frame 8B94 0
0 384ms
375ms Image
application/xml 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-omedia.com/wp-content/uploads/2016/11/logo-gizmodo-600x85-300x43.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sourcepoint.gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
124 KB 65ms
15ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126530
x-xss-protection: 0
expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 200 videojs.css
x.kinja-static.com/assets/stylesheets/ 43 KB
11 KB 17ms
17ms Stylesheet
text/css 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/stylesheets/videojs.css

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

60c68b884400bc800bba771cd3ce25c5ebdf630ff54060a53e74bd6d7f2e81cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
via: 1.1 varnish
x-cache: HIT
content-length: 11010
x-amz-id-2: 7hXq8voIP/lNTwzXNRg++Ie9Uc0tXmYPdYkJoRG0lzE2PetEpBGMjA7Ht6ghgGpDRjZrkOJKDac=
x-served-by: cache-cdg20737-CDG
last-modified: Tue, 07 Dec 2021 19:54:26 GMT
server: AmazonS3
x-timer: S1639151530.209211,VS0,VE1
etag: "4b1d22003ba3219dcd5b72d7d4899a17"
vary: Accept-Encoding
x-amz-request-id: P23TQWF55JJWNF7F
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1

GET
H2 200 getList Show response
gizmodo.com/api/core/corepost/ 91 KB
19 KB 100ms
99ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/core/corepost/getList?id=1848138035&id=1848138561&id=1848103267

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6796599c3ea36a0cfb9f46a94417927ff9cd9f518bd8659efcdec14ff1b2dcff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 0
x-cache: HIT, MISS
x-ua-device: desktop
x-kinja: kinja-core-kube01-6b4c758dd8-94kcd #425
x-cdn-fetch: mantle-default
content-length: 19148
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5155-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151530.228477,VS0,VE83
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 9ms
8ms Image
text/plain 13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639151530220&ns_c=UTF-8&cv=3.5&c8=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&c7=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&c9=
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: m8NaF_0M6UnAgx4LgdQXFsjj4iJi9_JT2ZP7Aqtywcyk_-qfN5ZQMA==
x-cache: Miss from cloudfront

GET
H2 200 93e4eb3110104043ce2bf179ff210c09.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/ 2 KB
2 KB 18ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/93e4eb3110104043ce2bf179ff210c09.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2a0ef1592a7f962e4cf46d93ccba947fe72ccb6cd5fef06868da83c36ae9e3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: heY9xmPO3TnvzlJP3NkZgXMbIByNl4f8
via: 1.1 varnish, 1.1 varnish
etag: "QiHcqu8rDB4wFvB1u33YuRjZhHnrjwHLp+feD3rKCc0"
age: 20568
x-cache: HIT, HIT
fastly-io-info: ifsz=264851 idim=1000x562 ifmt=jpeg ofsz=1546 odim=140x78 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 1546
x-amz-id-2: Y0aAd+RiOFJkypj0MpM1lOdnRwb5BmxmFU2ZY7/+nNy57Ojal9lGRRX3cjosv7yor8WXwpub6so=
x-served-by: cache-bwi5142-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.251116,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: 55KJ4AG8EEHWJP79
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=78&quality=60&width=140
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 3, 11

GET
H2 200 22ebe60e68a9945aa2d21eace501255f.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/ 1 KB
2 KB 18ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/22ebe60e68a9945aa2d21eace501255f.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 297ab3bc03232acceab643e4c33665076e99a69f1d7d3080ca5e3abbec16c3f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: x9wm.NJfSAx1TNG7rWhmqRUuKUtF7QUd
via: 1.1 varnish, 1.1 varnish
etag: "u2kHGki471I4yAtWG504mP2AvF9CPoJ+K+NqhuxhVNE"
age: 86261
x-cache: HIT, HIT
fastly-io-info: ifsz=186830 idim=2054x1155 ifmt=jpeg ofsz=1440 odim=140x78 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 1440
x-amz-id-2: 4sRIR4gJX1vqRxynqUhxiH4yzusAqNp/uS16EZjsxIySuNJZotAmsX6THo2PeHO+9UawPABkybU=
x-served-by: cache-bwi5142-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.251456,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: 76SZCHP5M34CR5DS
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=78&quality=60&width=140
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 9

GET
H2 200 c5d965747ebea89960d3c791a26d8839.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/ 3 KB
3 KB 19ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_78,pg_1,q_60,w_140/c5d965747ebea89960d3c791a26d8839.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 893d901b1468efefad5e6f9dc095e794633e6b5aedd035bb13fc65f3e31f9a21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: QPCYUQUf87vNf5V4uvjtNYFtl5nsZ0WJ
via: 1.1 varnish, 1.1 varnish
etag: "nkrUKC99/mvZ0xF/An7IVnrq6/eOU170VHqRXtkU2sA"
age: 88720
x-cache: HIT, HIT
fastly-io-info: ifsz=291421 idim=1948x1093 ifmt=jpeg ofsz=2934 odim=140x78 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 2934
x-amz-id-2: E5IobacaQJaCqilf5GLEJsszNJm+dywaDauervRa547EIs+rDo++rx7N1p/4kiaFgBGEaIPTk3w=
x-served-by: cache-bwi5175-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.251642,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: NT9ERMZKG2GHBDFE
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=78&quality=60&width=140
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 2, 30

GET
H2 200 93e4eb3110104043ce2bf179ff210c09.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/ 9 KB
9 KB 18ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/93e4eb3110104043ce2bf179ff210c09.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07ba4afc0764d2e9ceeb18eb82cf3ebb4a0dcd268036d03029fee050bcca09ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: heY9xmPO3TnvzlJP3NkZgXMbIByNl4f8
via: 1.1 varnish, 1.1 varnish
etag: "OSzoE13zg777E0/t6IYs/9sSc1NrAZT5qyqc4UaOuwM"
age: 20568
x-cache: HIT, HIT
fastly-io-info: ifsz=264851 idim=1000x562 ifmt=jpeg ofsz=9152 odim=490x275 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 9152
x-amz-id-2: Y0aAd+RiOFJkypj0MpM1lOdnRwb5BmxmFU2ZY7/+nNy57Ojal9lGRRX3cjosv7yor8WXwpub6so=
x-served-by: cache-bwi5153-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.251795,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: 55KJ4AG8EEHWJP79
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=275&quality=60&width=490
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 23

GET
H2 200 22ebe60e68a9945aa2d21eace501255f.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/ 8 KB
8 KB 19ms
18ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/22ebe60e68a9945aa2d21eace501255f.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdc9c2f8368337a8594c538af8d5ef3aa6951ecc559257442fe7b0a3a25c6172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: x9wm.NJfSAx1TNG7rWhmqRUuKUtF7QUd
via: 1.1 varnish, 1.1 varnish
etag: "b/UxYVnzZBJKJwb8SIkXaHlEmnza1pHWXyRNGWI8umM"
age: 86261
x-cache: HIT, HIT
fastly-io-info: ifsz=186830 idim=2054x1155 ifmt=jpeg ofsz=8088 odim=490x275 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8088
x-amz-id-2: 4sRIR4gJX1vqRxynqUhxiH4yzusAqNp/uS16EZjsxIySuNJZotAmsX6THo2PeHO+9UawPABkybU=
x-served-by: cache-bwi5170-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.252166,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: 76SZCHP5M34CR5DS
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=275&quality=60&width=490
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 9

GET
H2 200 c5d965747ebea89960d3c791a26d8839.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/ 18 KB
18 KB 19ms
18ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_275,pg_1,q_60,w_490/c5d965747ebea89960d3c791a26d8839.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0048062ea9fad71e145776f9e46031a939b5632d3c4cf7dabd086c464c9390ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: QPCYUQUf87vNf5V4uvjtNYFtl5nsZ0WJ
via: 1.1 varnish, 1.1 varnish
etag: "57Wj75ubi1W+QhjM0LRReISXrx46CnpfM8pYsn8bQ20"
age: 88719
x-cache: HIT, HIT
fastly-io-info: ifsz=291421 idim=1948x1093 ifmt=jpeg ofsz=18038 odim=490x275 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 18038
x-amz-id-2: E5IobacaQJaCqilf5GLEJsszNJm+dywaDauervRa547EIs+rDo++rx7N1p/4kiaFgBGEaIPTk3w=
x-served-by: cache-bwi5157-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.252297,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: NT9ERMZKG2GHBDFE
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=275&quality=60&width=490
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 31

GET
H2 200 getProfileRealtime Show response
script-api.kinja.com/ 202 B
327 B 200ms
200ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.kinja.com/getProfileRealtime?ccuid=7426b100-bbda-4ae7-9e64-7cb3fe2affd9&intent=false&demo=false&brands=false&audiences=true&parentId=968ce6abb2
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 7df6b2b927e04e6cac995513fc4cab56832d031b60b0defd7cbf85bd4d4f0781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
cache-control: private,max-age=1800
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 bundle Show response
script-api.kinja.com/script/ 39 KB
11 KB 103ms
103ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.kinja.com/script/bundle?id=gizmodo.com&parentId=968ce6abb2
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 4430f93ad9fc507a4938e5d6d808a82950f2a5d63a46d1ac66a269a26b791d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
cache-control: public,max-age=1200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 1848156630 Show response
gizmodo.com/embed/comments/magma/ Frame F79A 52 KB
16 KB 133ms
133ms Document
text/html 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/embed/comments/magma/1848156630?

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c26ddabbe68131251eca47cedf45f374116026df60712c058248e208fc017a6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Response headers

p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-kinja: kinja-mantle-kube03-5bb55868c5-54zn2 #3058
cache-control: stale-if-error=86400, stale-while-revalidate=300
x-kinja-build: 3058
x-kinja-server: kinja-mantle-kube03-5bb55868c5-54zn2
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-googlenews-bot: false
x-kinja-revision: ce7354101d524aace14dcccbdcffe239448b6836
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
x-cdn-fetch: mantle-default
accept-ranges: bytes
date: Fri, 10 Dec 2021 15:52:10 GMT
age: 0
x-served-by: cache-bwi5148-BWI, cache-cdg20737-CDG
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1639151530.271891,VS0,VE116
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, Authorization, X-Use-Mantle
x-ua-device: desktop
x-use-mantle: yes
x-robots-tag: noindex, nofollow
content-length: 15981

GET
H2 200 22a19b52f8d401bd114775b8b52667f9.jpg
i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,q_80,w_470/ 9 KB
10 KB 21ms
21ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,q_80,w_470/22a19b52f8d401bd114775b8b52667f9.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1940b5b7b25eee1a9731c591c2a9281f026472d6bd6e2ec8f00e17b6476d44b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 3KcoFDRXPni3IerEH69EWNzuMHOxjYIR
via: 1.1 varnish, 1.1 varnish
etag: "xcfgMhfK49non9Hev2VeYmOQ+nvz0Vb1ZLxFO99y9XY"
age: 802220
x-cache: HIT, HIT
fastly-io-info: ifsz=651699 idim=1920x1080 ifmt=jpeg ofsz=9488 odim=470x264 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 9488
x-amz-id-2: MqHphLxBwigRoHCfdbAkPTQsgBusy+T/ddaBGZ5RIbFXrfGyV6fpXPs09oxe94km5z7G6d7vkMk=
x-served-by: cache-bwi5140-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151530.338243,VS0,VE1
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: JW4721CF1Z408KST
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&format=pjpg&frame=1&quality=80&width=470
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H/1.1 200
OK 189964_240p,480p,720p,1080p.m3u8 Show response
kinja-otfp.global.ssl.fastly.net/189964/ 1 KB
1 KB 39ms
8ms XHR
application/x-mpegurl 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p,480p,720p,1080p.m3u8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

74261f58ee7a7685313f2d64f8ac336d1eeeadf8b855205b7507dc49c82db9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 76337
X-Cache: HIT, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 335
X-Served-By: cache-bwi5138-BWI, cache-hhn4073-HHN
Server: otfp
X-Timer: S1639151530.430324,VS0,VE0
Etag: "1KTpQqA0ic1EvWv3tzEoPD8HhVqIyzhdNyhJ0_Esn1FX8IXwnQN8z5FRSoWzpMColZFVLOxAJKKC61-sLNCYhYY2-IQUP8EmNKRLX8_sUER77COFzYEfQFZ3lnitoNq4cD_CHgxumpV9zWroK4fg5Xpzkwz8huw6Vibum1aR44F76L8gggDUfvwg1PgvjfvZZM5bBPSebr4flIs47Gcy-SWUf_5XuhAL1gTQcnawq46irQ"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: application/x-mpegurl
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 2, 173

GET
BLOB 200
OK 6729cce3-caa3-4684-9522-1f6340e11e35
https://gizmodo.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gizmodo.com/6729cce3-caa3-4684-9522-1f6340e11e35
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1382ac8052df72ce2aa352dbd65717c6d59790d99bdf233730b4bc1ba08c1967

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H2 200 blogs Show response
gizmodo.com/api/profile/ 8 KB
3 KB 102ms
102ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/profile/blogs?ids=1636027099&ids=12&ids=17

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.7cfcdad2c507f2758504.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ea6b61a5174a4140f0246ac54b8e575432ae31c52776e07b0a1df8628d545dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 6
x-cache: HIT, MISS
x-ua-device: desktop
x-kinja: kinja-profile-kube01-549d88f6d8-f28vl #183
x-cdn-fetch: mantle-origin-cache
content-length: 2673
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5183-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151530.426379,VS0,VE76
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 discussion-b30c112549a9cc17f2b0e2bee0fa791b.css
x.kinja-static.com/assets/stylesheets/ Frame F79A 442 KB
66 KB 17ms
17ms Stylesheet
text/css 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/stylesheets/discussion-b30c112549a9cc17f2b0e2bee0fa791b.css

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7d2803b5e758332eef4d4723df1cedf6bde21cc84a73116b0590b6258124a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
via: 1.1 varnish
x-cache: HIT
content-length: 67131
x-amz-id-2: 7ppJYBWqo3dopyyNbwpylkj/8r0KCJ94+BUjDxmcSFX1fBcYWaH3B72TVAk91/Qt14r2YMDikZM=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 08 Dec 2021 14:30:49 GMT
server: AmazonS3
x-timer: S1639151530.439257,VS0,VE1
etag: "b30c112549a9cc17f2b0e2bee0fa791b"
vary: Accept-Encoding
x-amz-request-id: Y5BJW9PS7PRJCTP4
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ Frame F79A 197 B
724 B 117ms
117ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee7f0325c97f07acbb41ded296dba6579a09145f88c720206d24f3b7d5b14eda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-cdn-fetch: mantle-setcookie
content-length: 194
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5179-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151530.439474,VS0,VE89
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 trackers.ff142cb4cdc2eeae66bf.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame F79A 27 KB
9 KB 17ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/trackers.ff142cb4cdc2eeae66bf.en-US.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c52f8e98f660e8c62927b9f53a766551cb33d70ec6571b9b1ceee4f8eceaf03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
via: 1.1 varnish
x-cache: HIT
content-length: 9306
x-amz-id-2: e5SSbQ2ivemT1ZhVnJuNxLQxWYYWs4lv8RbtpCI/KrP7OTBU5Wgq0IOrLdZxc7aNSsmBvHY3SMs=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 17:39:18 GMT
server: AmazonS3
x-timer: S1639151530.451398,VS0,VE1
etag: "006538a572d0b6b03a95afa292a42990"
vary: Accept-Encoding
x-amz-request-id: B4CXZ8C8KG7K593Q
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 scroll.js Show response
static.scroll.com/js/ Frame F79A 17 KB
6 KB 9ms
9ms Script
application/javascript 199.232.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8f1657223a1fef42e52e40a420a5597ba44cf2e4088a90b97969230cb7d2a760

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
age: 57912
x-guploader-uploadid: ADPycdvVAPpsgKV13SPK-fX1CNQ4fy1VNAjj0RpG0bupFyqVYFniPY13u-kRFmoSTqhQ-SgAdLoYmJuCYsFbQooM3-Vpo-VGpQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6448
x-served-by: cache-hhn4069-HHN
last-modified: Thu, 04 Nov 2021 23:05:53 GMT
server: UploadServer
x-timer: S1639151530.450153,VS0,VE0
etag: "1a3ebebabf09bbd4a49ef06cdafcdcb2"
vary: Origin
x-goog-hash: crc32c=klABqg==, md5=Gj6+ur8Ju9SknvBs2vzcsg==
x-goog-generation: 1636067153734265
via: 1.1 varnish
expires: Fri, 10 Dec 2021 23:46:57 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6448
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 13614

GET
H2 200 detectElementResize.js Show response
x.kinja-static.com/assets/javascripts/lib/ Frame F79A 3 KB
2 KB 18ms
18ms Script
application/x-javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/javascripts/lib/detectElementResize.js?v=3

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0d3c5604e7d31126006921c7b4ba51bf013073f77857420b884c83ccd36a06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
via: 1.1 varnish
x-cache: HIT
content-length: 1397
x-amz-id-2: iHIa8fz6vxzB5Apguo3VUomL2xkUX3B2+kSQ+b6QLVVzfnL03LjPFK1yiW/JutkWbFd98iitlhM=
x-served-by: cache-cdg20737-CDG
last-modified: Fri, 20 Jan 2017 16:22:05 GMT
server: AmazonS3
x-timer: S1639151530.439840,VS0,VE1
etag: "ab3740acd8a3b539fe03e07bdcfabda3"
vary: Accept-Encoding
x-amz-request-id: JP3G0G3TPPTFM095
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame F79A 134 KB
36 KB 8ms
8ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 497
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 008CAP3246CJAD6G9411
date: Fri, 10 Dec 2021 15:43:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: blXY33DJI3e8LyPzgTTsOOzr1_voGtfAs6s-spAaTPuzkA37LXwY4A==

GET
H/1.1 304
NOT MODIFIED session.gif
api.bam-x.com/api/v0/ 0
957 B 105ms
105ms Image 3.226.34.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.bam-x.com/api/v0/session.gif?uid_bam=1760025554207691639

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.34.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-34-126.compute-1.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Server: nginx/1.20.1
ETag: 1760025554207691639
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: DELETE,GET,POST,PUT,OPTIONS
P3P: CP="NON DSP COR ADMo DEVo TAIo PSA PSDo OUR BUS CNT"
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=999999999, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Robots-Tag: noindex, follow
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-None-Match,If-Modified-Since,X-BAM-Params

GET
H/1.1 200
OK 189964_240p.m3u8 Show response
kinja-otfp.global.ssl.fastly.net/189964/ 632 B
771 B 10ms
7ms XHR
application/x-mpegurl 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p.m3u8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

8f618a411abbdab66a69a897bc6904521609e3781cf615a94f464787033cbc08

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 117589
X-Cache: HIT, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 180
X-Served-By: cache-bwi5160-BWI, cache-hhn4073-HHN
Server: otfp
X-Timer: S1639151530.458185,VS0,VE0
Etag: "Y-JTbs7Y_qYfGB_LcuxJvE5bSkRT5q6zpnbNbreIu19ur2CiywHuYGU8k3LAaKiM2tvDyq3IxbhqAafb9wNSeGKEgg"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300
Content-Type: application/x-mpegurl
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1277, 162

GET
H2 200 location Show response
privacy-location-edge.ccgateway.net/privacy/ 2 B
188 B 365ms
101ms XHR
text/plain 52.91.215.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-location-edge.ccgateway.net/privacy/location
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-91-215-149.compute-1.amazonaws.com
Software: /
Resource Hash: 9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

GET
BLOB 200
OK c8768a8f-ba52-4685-befb-723076410429
https://gizmodo.com/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gizmodo.com/c8768a8f-ba52-4685-befb-723076410429
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b525d5b79e347e163079f3e39feb5365cf589e09333ae58153b27ebbe5ef9090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 52795
Content-Type: application/javascript

GET
H2 200 scripts_clients_Hive_ContextualEngine.js Show response
carbon-cdn.ccgateway.net/script/cs/ 6 KB
2 KB 220ms
192ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://carbon-cdn.ccgateway.net/script/cs/scripts_clients_Hive_ContextualEngine.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: ddbf94c9ded5ac3e4b6d2f82f5a9324a6510314164e46e8dddcce1400be61a34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
cache-control: public,max-age=1200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK 189964_240p-1.ts Show response
kinja-otfp.global.ssl.fastly.net/189964/ 253 KB
254 KB 8ms
8ms XHR
video/mp2t 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p-1.ts

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

d590bba8b4d29e68c459b7659a2e99e789b906262efbfe008dd723df13e5ea1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 118825
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 259064
X-Served-By: cache-bwi5153-BWI, cache-hhn4073-HHN
X-Fastly-Otfp-Info: ss=0.000 sl=6.000 vl=94.800 rs=424x240
Server: otfp
X-Timer: S1639151530.488409,VS0,VE1
Etag: "FU2wQVIiiN10vLKw5F6EsXfEChp6dahFXPQLuAB2Ig77AOfM_2zWYCpfRz3YPmAmlYgzI-QiHkeW8v8zHUWNWpgr5A"
Strict-Transport-Security: max-age=300
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame F79A 0
309 B 7ms
6ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fgizmodo.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:54:12 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: Server
age: 17877
x-cache: Hit from cloudfront
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 9erV6UwIahaTA1ryvJySB25C7lTm8CvvLdrlyX7aBZ02uXHMDLD5ZA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F79A 6 KB
3 KB 7ms
7ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 44374
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Fri, 10 Dec 2021 03:32:37 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: fqygrXbvhpStEHUc-hFXG5i6rBcvQVKsHlaHq9xa4riCk2JDLhqupw==

GET
H2 200 sync Show response
gum.criteo.com/ 53 B
366 B 18ms
18ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1743
content-length: 169
expires: 60

GET
H2 200 log
pb-logs.media.net/ 35 B
194 B 89ms
19ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&dn=gizmodo.com&ref=&screen=1600x1200&cid=8CU74RYRS&lper=1&plper=&gdpr=0&ajx=1&pbv=v4.43.4&pbav=1.0.0&flt=1&supcrid=dfp-ad-8&tmax=1000&ismn=1&vplcmtt=&sts=0&ets=701&tts=NaN&aucstatus=completed&acid=3e283266-9597-47b1-8900-b7809c75bfcf&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=PR&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=criteo&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=505509721a3f627&pvnm=ias&src=client&ogbdp=0.01&bdp=0.01&cbdp=0.00&dfpbd=0.00&szs=300x250&size=100x200&mtype=banner&dId=42&curr=USD&rests=159&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=trustx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=pubmatic&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=324103326&pubcrid=324103326&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=rubicon&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=triplelift&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=openx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=ix&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=appnexus&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=resetdigital&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 200 log
pb-logs.media.net/ 35 B
194 B 90ms
20ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&dn=gizmodo.com&ref=&screen=1600x1200&cid=8CU74RYRS&lper=1&plper=&gdpr=0&ajx=1&pbv=v4.43.4&pbav=1.0.0&flt=1&supcrid=dfp-ad-8&tmax=1000&ismn=1&vplcmtt=&sts=0&ets=701&tts=707&aucstatus=completed&acid=3e283266-9597-47b1-8900-b7809c75bfcf&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=AP&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=1&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=criteo&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=505509721a3f627&pvnm=ias&src=client&ogbdp=0.01&bdp=0.01&cbdp=0.00&dfpbd=0.00&szs=300x250&size=100x200&mtype=banner&dId=42&curr=USD&rests=159&status=1&iwb=1&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=trustx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=pubmatic&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=324103326&pubcrid=324103326&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=rubicon&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=triplelift&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=openx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=ix&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=appnexus&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=resetdigital&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%22ias-kw%22%3A%22%22%2C%22id%22%3A%222238627f-59d1-11ec-a7db-0a1e87f1382c%22%2C%22fr%22%3A%22true%22%2C%22vio%22%3A%22veryLow%22%2C%22off%22%3A%22veryLow%22%2C%22hat%22%3A%22veryLow%22%2C%22drg%22%3A%22veryLow%22%2C%22dlm%22%3A%22veryLow%22%2C%22alc%22%3A%22veryLow%22%2C%22adt%22%3A%22veryLow%22%2C%22hb_format_ias%22%3A%22banner%22%2C%22hb_source_ias%22%3A%22client%22%2C%22hb_deal_ias%22%3A%2242%22%2C%22hb_size_ias%22%3A%22100x200%22%2C%22hb_pb_ias%22%3A%220.00%22%2C%22hb_adid_ias%22%3A%22505509721a3f627%22%2C%22hb_bidder_ias%22%3A%22ias%22%7D
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 200 log
pb-logs.media.net/ 35 B
194 B 91ms
22ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&dn=gizmodo.com&ref=&screen=1600x1200&cid=8CU74RYRS&lper=1&plper=&gdpr=0&ajx=1&pbv=v4.43.4&pbav=1.0.0&flt=1&supcrid=dfp-ad-1&tmax=1000&ismn=1&vplcmtt=&sts=0&ets=NaN&tts=731&aucstatus=inProgress&acid=0b806690-162b-47a2-bd4e-04713df390e2&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=AP&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=296855687&pubcrid=296855687&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=ix&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=5109af496a6daa&pvnm=ias&src=client&ogbdp=0.01&bdp=0.01&cbdp=0.00&dfpbd=0.00&szs=728x90%7C970x90%7C970x250&size=100x200&mtype=banner&dId=42&curr=USD&rests=177&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=openx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=triplelift&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=pubmatic&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=resetdigital&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=trustx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=3&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=rubicon&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=appnexus&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=criteo&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 200 proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ Frame F79A 27 KB
28 KB 7ms
6ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/stylesheets/discussion-b30c112549a9cc17f2b0e2bee0fa791b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.kinja-static.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 28044
x-amz-id-2: nzV+Sw0GzQL2bWkH4P+jVdu+aDNlQjboRsOB18cPCf0iv+gkiJKvJf9+F0BxlNeeopAJiFBkrRg=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 23 Nov 2021 22:02:48 GMT
server: AmazonS3
x-timer: S1639151531.524086,VS0,VE0
etag: "94cbaf403b2922fd6858c812dae091fb"
x-amz-request-id: G2MH1FC7QMPBYW1Z
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 2

GET
H2 200 vendor.e103276705f837fe133f.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame F79A 727 KB
219 KB 36ms
36ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/vendor.e103276705f837fe133f.en-US.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a5b688c596b4cf05bdf4d51eb8138ab1d459ebf30a0547820185cd82bc5fc858

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
via: 1.1 varnish
x-cache: HIT
content-length: 224341
x-amz-id-2: dBx1yYTNerZ1iJWKNAv32Uwuk+oSNTJPge1Xvaih+CVWwtGXQTUk5nku13r/SgDQ9R6lXylQp1w=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 19:05:57 GMT
server: AmazonS3
x-timer: S1639151531.540402,VS0,VE1
etag: "24bc78f6ba1dfa155af8d164b90666ca"
vary: Accept-Encoding
x-amz-request-id: BMHEMSFK3PCQ44MB
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 Discussion.6df024f4879a08c1d22d.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame F79A 313 KB
75 KB 36ms
36ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/Discussion.6df024f4879a08c1d22d.en-US.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

face442a4faa1f025a97277b2928a1cfb37f572c67fd3ca6e106b1c7010bcfc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
via: 1.1 varnish
x-cache: HIT
content-length: 76469
x-amz-id-2: ttSI9largoGbRYKdfehMW7TanNg7NvPT8/81gyd33jKFqQLgTznXTlTT9Hm92JOEfsnEBgSAWZI=
x-served-by: cache-cdg20737-CDG
last-modified: Thu, 09 Dec 2021 19:05:56 GMT
server: AmazonS3
x-timer: S1639151531.540730,VS0,VE1
etag: "93faaf06103b19eefa4af9cddfa53d31"
vary: Accept-Encoding
x-amz-request-id: SW5HZTRBG7PEKRTB
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 log
pb-logs.media.net/ 35 B
194 B 74ms
24ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&dn=gizmodo.com&ref=&screen=1600x1200&cid=8CU74RYRS&lper=1&plper=&gdpr=0&ajx=1&pbv=v4.43.4&pbav=1.0.0&flt=1&supcrid=dfp-ad-1&tmax=1000&ismn=1&vplcmtt=&sts=0&ets=749&tts=731&aucstatus=completed&acid=0b806690-162b-47a2-bd4e-04713df390e2&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=PR&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=296855687&pubcrid=296855687&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=onemobile&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=ix&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=5109af496a6daa&pvnm=ias&src=client&ogbdp=0.01&bdp=0.01&cbdp=0.00&dfpbd=0.00&szs=728x90%7C970x90%7C970x250&size=100x200&mtype=banner&dId=42&curr=USD&rests=177&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=openx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=triplelift&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=pubmatic&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=resetdigital&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=trustx&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=rubicon&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=appnexus&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&adid=&pvnm=criteo&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90%7C970x90%7C970x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 200 rtbsspub
cdn-geuw1-xch.media.net/AdExchange/ 14 KB
2 KB 33ms
33ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=50038958025653641639151530509&gdpr=1&gdprconsent=0&gdprstring=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=-1&requestString=395631964*23%7C300x250%7C1722916%7C18816267%7C%7C%7C1%40395631964*29%7C300x250%7C12156%7C317126_1626150_15%7C%7C%7C1%40395631964*106%7C300x250%7C541006788%7C541006794%7C%7C%7C1%40395631964*145%7C300x250%7C100600%7C499196%7C0.4%7C%7C1%40395631964*172%7C300x250%7C8CUL2TG3D%7C18685545%7C0.33%7C%7C1%40395631964*175%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.43%7C%7C1%40395631964*201%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.37%7C%7C1%40395631964*203%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.27%7C%7C1%40395631964*222%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.37%7C%7C1%40395631964*236%7C300x250%7C159463%7C2927740_715385%7C0.33%7C%7C1%40395631964*246%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C%7C%7C1%40395631964*251%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.6576795736702246&tscode=1&crid=395631964&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22395631964%22%3A%7B%22supply_tag_id%22%3A%22dfp-ad-8%22%2C%22xps%22%3A1244.7265625%2C%22yps%22%3A896.5%7D%7D&encryptionVersion=0.0
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 36be9093978468f447c37765f1bc3196580e20d8a230b316b46245fe2ae05c8d

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 200 proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ Frame F79A 27 KB
28 KB 8ms
7ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/stylesheets/discussion-b30c112549a9cc17f2b0e2bee0fa791b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.kinja-static.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 89
x-cache: HIT
content-length: 28136
x-amz-id-2: nJXlRnT4eA5amGHrGqbHJ72VdpQvwOtaovVSGwjeeSVy2Yynkv+O4m4rziF8z2npyTLx+xkTlos=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 06 Dec 2021 21:59:10 GMT
server: AmazonS3
x-timer: S1639151531.550191,VS0,VE0
etag: "7ac1e4b7ab03f256e831e00e3b5618a6"
x-amz-request-id: KT4K0GNSBSWRM1HD
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 2

GET
H2 200 scroll.iframe.4d0566cd.min.js Show response
static.scroll.com/js/scrolljsmin/scrolljs-20211104.1557/ Frame F79A 28 KB
8 KB 9ms
7ms Script
application/javascript 199.232.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scrolljsmin/scrolljs-20211104.1557/scroll.iframe.4d0566cd.min.js
Requested by: Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0731e7c0437436d1bee80540e1b0327b60f1182a5557e92a7338af2bee44dafa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
age: 47511
x-guploader-uploadid: ADPycdtFBoqr3ravtKDv-1OpdjYFzRQCJn4iYx7LrUU5ap2vtROrR2xsrJxO9NZMH1QqbpWH9NCRhtDi0ajBAIJ9iku7pKO9bA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 8142
x-served-by: cache-hhn4069-HHN
last-modified: Thu, 04 Nov 2021 16:00:02 GMT
server: UploadServer
x-timer: S1639151531.554600,VS0,VE0
etag: "d3d38f4c7426524e6408983b01a2e5b7"
vary: Origin
x-goog-hash: crc32c=tYPsjw==, md5=09OPTHQmUk5kCJg7AaLltw==
x-goog-generation: 1636041602894361
via: 1.1 varnish
expires: Fri, 10 Dec 2021 02:40:14 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 8142
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 767

GET
H2 200 abd67d433048ffa31b3bdf78619a2f58.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/ 8 KB
9 KB 17ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/abd67d433048ffa31b3bdf78619a2f58.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a66dcf8433fe1ed25a24a1a9bd35dfc3a264f007fdf7851af0a688f22528ccb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: AFKsW4qsgKBGZm4I0wOoIYG2ISRbN7ci
via: 1.1 varnish, 1.1 varnish
etag: "dk55Yh3yRSYJ1bPt7BIF6Uu8WrN6KHr15eHsImkqJK8"
age: 851236
x-cache: HIT, HIT
fastly-io-info: ifsz=351942 idim=1920x1080 ifmt=jpeg ofsz=8642 odim=320x180 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8642
x-amz-id-2: lqoFEEddOjth4NUpKfyXbRC2Y8zxCTCxC/OJKAaLyCkOLZ7AQ3YMK6hkzQwRtemiN9ne/FQrcHs=
x-served-by: cache-bwi5140-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151531.598316,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: GKXN5AYHCK7D4486
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=180&quality=80&width=320
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 30

GET
H2 200 c89c5d15419ef6d39120eb42fb307b2d.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/ 7 KB
8 KB 17ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/c89c5d15419ef6d39120eb42fb307b2d.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6191d437e27df2b9eafa1f1d96b6434e4624a985a5f9940daf7a4951ee7fc4de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: b.xXEdF_9mevpJEdKYy_gpdCS9IjI16O
via: 1.1 varnish, 1.1 varnish
etag: "U+3TTtw+BIkKPzwLjfWufbKJ1/rjimkD47c4qyJ3SaY"
age: 851274
x-cache: HIT, HIT
fastly-io-info: ifsz=150537 idim=1600x900 ifmt=jpeg ofsz=7616 odim=320x180 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7616
x-amz-id-2: uiqmXiZ87qF17Wr4QKMLvxhqi4aQqQrW/IeUfkzBmzH6cRmiehwoPzL4iwsLba/cC98aRC9XZC4=
x-served-by: cache-bwi5125-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151531.598495,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: 9Y1W3995NSY4NRYK
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=180&quality=80&width=320
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 29

GET
H2 200 92ce640d219602e6153979575efb4bff.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/ 43 KB
44 KB 18ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/92ce640d219602e6153979575efb4bff.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6726f99678f79a000d10c7ec36e1349e232df1ab288f59e402a5ada574fa9d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 0klo3Cvjp3jEQB9yeSZv5A6Yta3U5agC
via: 1.1 varnish, 1.1 varnish
etag: "yn0PifR/gg1enurjf/a3BOTahPl7uApcdg+JbbKrIM0"
age: 870752
x-cache: HIT, HIT
fastly-io-info: ifsz=1000045 idim=1688x950 ifmt=png ofsz=44420 odim=320x180 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 44420
x-amz-id-2: HQaskyQpzCfhkvN4X1CRgdnJbksPRVeRvt6xUo7jB5NQQ+s3AiN+wo79L89mz6Htmq81yN0F4zY=
x-served-by: cache-bwi5173-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151531.598633,VS0,VE0
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept
x-amz-request-id: CNDR0ZJDV6KA2FW1
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=180&quality=80&width=320
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 28

OPTIONS
H2 200 /
events.release.narrativ.com/api/v0/publishers/1123/impressions/page_impression/ Frame 0
0 318ms
104ms Preflight
text/html 52.201.92.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/1123/impressions/page_impression/?uid_bam=1760025554207691639

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.92.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-92-233.compute-1.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: accept,content-type,x-bam-params
Origin: https://gizmodo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.20.1
x-bam-env: release
x-bam-build-version: 6c4d334aca258b9ed025afe7cb1b93017f9afd0d
allow: OPTIONS, POST
access-control-allow-origin: https://gizmodo.com
access-control-allow-headers: accept, content-type, x-bam-params
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: none

POST
H2 201 / Show response
events.release.narrativ.com/api/v0/publishers/1123/impressions/page_impression/ 2 B
458 B 105ms
105ms XHR
application/json 52.201.92.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/1123/impressions/page_impression/?uid_bam=1760025554207691639

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.92.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-92-233.compute-1.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: {"uid_bam":"1760025554207691639","BAMX_Opt_Out":""}
Referer: https://gizmodo.com/
X-BAM-Params: {"uid_bam":"1760025554207691639","BAMX_Opt_Out":""}
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

x-bam-build-version: 6c4d334aca258b9ed025afe7cb1b93017f9afd0d
date: Fri, 10 Dec 2021 15:52:10 GMT
server: nginx/1.20.1
x-bam-env: release
vary: Origin
content-type: application/json
access-control-allow-origin: https://gizmodo.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: none
content-length: 2

GET
H2 200 rtbsspub
cdn-geuw1-xch.media.net/AdExchange/ 2 KB
1 KB 30ms
30ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-geuw1-xch.media.net/AdExchange/rtbsspub?&prvReqId=87261318260548121639151530601&gdpr=1&gdprconsent=0&gdprstring=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&cid=8CUL2TG3D&itype=HB&ptrid=8PRL4E7N3&sd=-1&requestString=395631964*97%7C300x250%7C8CUL2TG3D%7C395631964_8CUL2TG3D%7C0.54%7C%7C1&bl=1&hlt=1&ndec=1&region=eu&rt=5&tr=0.21321987523189678&tscode=1&crid=395631964&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fgizmodo.com&https=1&requrl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=7656&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22395631964%22%3A%7B%22supply_tag_id%22%3A%22dfp-ad-8%22%2C%22xps%22%3A1244.7265625%2C%22yps%22%3A896.5%7D%7D&encryptionVersion=0.0
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f66efff9866e3135a9356c85a24cae6028f1ab6d143c4be6e49eb47950b828e2

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://gizmodo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
content-length: 872
expires: Fri, 10 Dec 2021 15:52:10 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
197 B 151ms
125ms XHR
application/json 34.107.191.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=6ed4a80763b4eebee0e3b93059d03bf4&SCH1=5495ee95cb45f22614c35bc2287b6316&GCS1=143020108&GCS2=ZjUxZmMxNGYtNGYwYS00NzA0LTlkMjEtNzhhNGY1OTdjZDJhLmxvY2Fs&pe=false&wsid=3589&varID=0123&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3589%2C%22loadID%22%3A%220GJbTgCvByCprQv%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A14%2C%22IDStageStart%22%3A14%2C%22netComplete%22%3A232%2C%22obsReqview%22%3A450%2C%22obsReqpage%22%3A604%2C%22obsReqdata%22%3A606%2C%22IDStagePrefire%22%3A606%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.191.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.191.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://gizmodo.com
date: Fri, 10 Dec 2021 15:52:10 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 Discussions.93567dfee59628996ac7.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame F79A 2 MB
380 KB 18ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/Discussions.93567dfee59628996ac7.en-US.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c2361ee0cee034b7d83bd51e70ecb861d22d16fc79776b9bf8b8306004cddf66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
via: 1.1 varnish
x-cache: HIT
content-length: 388260
x-amz-id-2: y6O+MzUPUmzsVjLxqTDTLyS9N2aWTc310x342A6QimbBnfsFOegGhzuMpBUKn1qB1z8kjxsKFKQ=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 08 Dec 2021 19:29:17 GMT
server: AmazonS3
x-timer: S1639151531.705243,VS0,VE1
etag: "7ccc3c7b962c3eba06e179a9af40989d"
vary: Accept-Encoding
x-amz-request-id: ZAFNW5MP0Z5G1SWF
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

POST
H2 200 beacon Show response
gizmodo.com/api/kala/stats/ Frame F79A 49 B
532 B 99ms
98ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/kala/stats/beacon?pageType=other

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/packaged-js/Discussion.6df024f4879a08c1d22d.en-US.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

05fddbe5beb38d7f2552ee3374eae0ae8ee2d4c32ea632d20bdeaef35a26157d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gizmodo.com/embed/comments/magma/1848156630?
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja: kinja-kala-kube01-554b49db77-fm5qr #68
x-cdn-fetch: mantle-default
content-length: 73
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5136-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151531.727966,VS0,VE82
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:10 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
access-control-allow-origin: https://gizmodo.com
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=658739742&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ul=en-us&de=UTF-8&dt=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Video%20Load&el=kinjavideo-189964&_u=aGDACEABBAQCAC~&jid=1860972780&gjid=22142175&cid=274705393.1639151530&tid=UA-142218-33&_gid=972793312.1639151530&_r=1&cd39=none&cd40=none&cd42=189964&cd50=7.6.0&cd83=article&cd101=gizmodo&cd105=Gizmodo&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=91-95&cd45=How%20to%20Remove%20Twitter%20Followers&cd62=none&cd63=gizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&cd65=0&cd89=none&cd120=gizmodo&cd121=outstream&cd122=none&cd129=Kinja&z=1925573785

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=658739742&t=event&_s=2&dl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ul=en-us&de=UTF-8&dt=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Video%20Content%20Initiation&el=kinjavideo-189964&_u=aGDACEABBAQCAC~&jid=&gjid=&cid=274705393.1639151530&tid=UA-142218-33&_gid=972793312.1639151530&cd39=none&cd40=none&cd42=189964&cd50=7.6.0&cd83=article&cd101=gizmodo&cd105=Gizmodo&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=91-95&cd45=How%20to%20Remove%20Twitter%20Followers&cd62=none&cd63=gizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&cd65=0&cd89=none&cd120=gizmodo&cd121=outstream&cd122=none&cd129=Kinja&z=452617860

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:24:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12451
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 189964_240p-2.ts Show response
kinja-otfp.global.ssl.fastly.net/189964/ 194 KB
195 KB 11ms
10ms XHR
video/mp2t 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p-2.ts

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

639abd6e4a4662ac73fe2dad3e6d5dcd069f13170e103ebdf69dea480540bff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 113344
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 198904
X-Served-By: cache-bwi5177-BWI, cache-hhn4073-HHN
X-Fastly-Otfp-Info: ss=6.000 sl=6.000 vl=94.800 rs=424x240
Server: otfp
X-Timer: S1639151531.744106,VS0,VE1
Etag: "mQfOB6h006Fnr32P7fMWozfuyYAGSk__q9sN1sikNE5Y8q-9lL2xw_qrzh2tFFauWccAHEV09GKt9SUmo6mEyl2JUQ"
Strict-Transport-Security: max-age=300
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 classification Show response
pogo.ccgateway.net/v1/p/968ce6abb2/ 331 B
381 B 134ms
105ms XHR
application/json 52.91.215.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pogo.ccgateway.net/v1/p/968ce6abb2/classification?url=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-91-215-149.compute-1.amazonaws.com
Software: /
Resource Hash: 15328a8f75718018364cb5a7c7dd8f85940c9282675a908e0a92acb273634149

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://gizmodo.com
date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
content-type: application/json

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 45ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142218-33&cid=274705393.1639151530&jid=1860972780&gjid=22142175&_gid=972793312.1639151530&_u=aGDACEABBAQCAC~&z=911795123

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 15:52:10 GMT
content-type: text/plain
access-control-allow-origin: https://gizmodo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 143ms
116ms Image
image/png 34.102.193.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3589&warpspeed=2%5EHIykD&loadID=0GJbTgCvByCprQv&version=1.5.9
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 1848156630 Show response
gizmodo.com/ajax/comments/views/replies/ Frame F79A 100 KB
8 KB 142ms
142ms XHR
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/ajax/comments/views/replies/1848156630?startIndex=0&maxReturned=5&maxChildren=4&approvedOnly=true&cache=true&sorting=top

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/packaged-js/vendor.e103276705f837fe133f.en-US.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

571ea16b485833e133b0b5300729e6176d5b87e5a98b1e70c21246be6497626a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gizmodo.com/embed/comments/magma/1848156630?
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-kinja-build: 3058
x-kinja-server: kinja-mantle-kube02-f7cf8844b-7s6k7
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja: kinja-mantle-kube02-f7cf8844b-7s6k7 #3058
x-cdn-fetch: mantle-origin-cache
content-length: 7725
x-use-mantle: yes
x-served-by: cache-bwi5173-BWI, cache-cdg20737-CDG
x-timer: S1639151531.870248,VS0,VE123
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Feature-Hash, Authorization, X-Valid-Scroll-User, X-Use-Mantle
content-type: application/json
via: 1.1 varnish, 1.1 varnish
x-xss-protection: 1; mode=block
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-kinja-revision: ce7354101d524aace14dcccbdcffe239448b6836
x-cache-hits: 0, 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 48ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=274705393.1639151530&jid=1860972780&_u=aGDACEABBAQCAC~&z=308777291

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142218-33&cid=274705393.1639151530&jid=1860972780&_u=aGDACEABBAQCAC~&z=308777291

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 863a2c8f-3daa-490f-983c-2cd14406f974
https://gizmodo.com/ Frame F79A 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gizmodo.com/863a2c8f-3daa-490f-983c-2cd14406f974
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 211 B
963 B 99ms
99ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=jsonp_1639151530918_7304

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f03b1683cb3011ae2376a57d5c2264018c31866e480036143d44ae0624b1d57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-cdn-fetch: mantle-setcookie
content-length: 207
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5182-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151531.927657,VS0,VE83
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 61ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.648c9f1b18132a1dccd7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:10 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Dec 2021 15:52:10 GMT

GET
H/1.1 200
OK 189964_240p-3.ts Show response
kinja-otfp.global.ssl.fastly.net/189964/ 188 KB
189 KB 8ms
8ms XHR
video/mp2t 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p-3.ts

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

d6a6971938b06deb3cbb0d3486bc8803a26499af4579000c088808ca71aafff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 103158
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 192888
X-Served-By: cache-bwi5170-BWI, cache-hhn4073-HHN
X-Fastly-Otfp-Info: ss=12.000 sl=6.000 vl=94.800 rs=424x240
Server: otfp
X-Timer: S1639151531.940665,VS0,VE1
Etag: "E95ChABD9X8IxuG4_DSEYBSrOpjjvLnO9zHWnWGusgM652SxVk0RMXpSHfGkdsQQq3uFoGYvx7_V2LM6P8YOD43zTg"
Strict-Transport-Security: max-age=300
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=658739742&t=event&ni=1&_s=3&dl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ul=en-us&de=UTF-8&dt=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Video%20Content%20Start&el=kinjavideo-189964&_u=aGDACEABBAQCAC~&jid=&gjid=&cid=274705393.1639151530&tid=UA-142218-33&_gid=972793312.1639151530&cd39=none&cd40=none&cd42=189964&cd50=7.6.0&cd83=article&cd101=gizmodo&cd105=Gizmodo&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=91-95&cd45=How%20to%20Remove%20Twitter%20Followers&cd62=none&cd63=gizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&cd65=0&cd89=none&cd120=gizmodo&cd121=outstream&cd122=Autoplay&cd129=Kinja&z=1221977573

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:24:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12451
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 189964_240p-4.ts Show response
kinja-otfp.global.ssl.fastly.net/189964/ 306 KB
306 KB 12ms
11ms XHR
video/mp2t 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p-4.ts

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

0919d556e4185f2d20e161adad4e06ec7747a477d7a001c1bd89b74133c31221

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:10 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 103158
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 313208
X-Served-By: cache-bwi5166-BWI, cache-hhn4073-HHN
X-Fastly-Otfp-Info: ss=18.000 sl=6.000 vl=94.800 rs=424x240
Server: otfp
X-Timer: S1639151531.976493,VS0,VE1
Etag: "DOo1-avefVpqXJie2rtj6o2qhvZXVjRnnPdsgbOTmzNG-_KpAvYqwLX_Y6dkzkStaRzhmLxhzU0A72E8d-C3MlKeCA"
Strict-Transport-Security: max-age=300
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 58ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:11 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Dec 2021 15:52:11 GMT

GET
H2 200 4.34ca862590d65c3d4596.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame F79A 3 KB
2 KB 189ms
188ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/4.34ca862590d65c3d4596.en-US.js

Requested by

Host: gizmodo.com
URL: https://gizmodo.com/embed/comments/magma/1848156630?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86c164bd25fcf7375ad0519015f00467993538a2d175f96a77e747ba05cc4f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
via: 1.1 varnish
x-cache: HIT
content-length: 1583
x-amz-id-2: A3by6rlutLAxJ8nPuBsL/RquObEMnTzsAZVZZrXPaJpTynWA7YXToRBWQAhDzV7Y5T0uD+3+YmY=
x-served-by: cache-cdg20737-CDG
last-modified: Wed, 08 Dec 2021 19:29:16 GMT
server: AmazonS3
x-timer: S1639151531.027273,VS0,VE173
etag: "4aa67f886fb8a57b3163fac5b82ac6e6"
vary: Accept-Encoding
x-amz-request-id: Z4BFNJJG4FB4899K
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 adjnvq5glc8fn9cdawnz.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 1 KB
2 KB 18ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/adjnvq5glc8fn9cdawnz.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 363e92fb521ccace0989ad7463b061190cd3da966664f8da925dab4b1700cbbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody4562982339800230899asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "KH97KWlxtL27erjW6IyWl+PT81NrkGvykKTdO0PvLrg"
age: 3742011
accept-ranges: bytes
x-amz-meta-cld-version: 1457029644
x-cache: HIT, HIT
fastly-io-info: ifsz=382357 idim=1666x1111 ifmt=jpeg ofsz=1440 odim=80x80 ofmt=webp
x-amz-storage-class: STANDARD_IA
fastly-stats: io=1
x-amz-request-id: JH99JBBXYEW5603B
x-amz-id-2: yRfpfHUNqHTkTXq7dCl+6THScZgtfSt8/f1zQDjm18O2tDu3UAXc+f1C0jTyx6+1wG4io76vSXs=
x-served-by: cache-bwi5182-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.089012,VS0,VE1
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
content-length: 1440
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 dj6znjyaqgjzlymot8bj.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 1 KB
2 KB 23ms
21ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/dj6znjyaqgjzlymot8bj.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89492bc654b39cdbf1069ab17693e870c5a388f5ed8bee7651ef1e83acba7129

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody4836309109612578237asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "AIgyDLKNyJvwc8B6aW1PzYT+7+WynnfyE7efSkuoMVk"
age: 282755
accept-ranges: bytes
x-amz-meta-cld-version: 1409287217
x-cache: HIT, HIT
fastly-io-info: ifsz=26929 idim=346x225 ifmt=jpeg ofsz=1512 odim=80x80 ofmt=webp
fastly-stats: io=1
x-amz-request-id: ZSY8QJ8ERQ1RTNVA
x-amz-id-2: m6mFZ4tZBwnQrprJ8uIOCR46g9oXIeQJdnbSzZFwvMgDTCvKce1fTMD2eiPjcBhJnnITKPYxTTI=
x-served-by: cache-bwi5139-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.089361,VS0,VE1
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
content-length: 1512
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 lc8dwop9x7cp7ud4bvhn.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 11 KB
11 KB 22ms
21ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/lc8dwop9x7cp7ud4bvhn.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e29a36953d293c7d4dfd4164955400e06f6873f7bdd834a496a167117a0b2a9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody6916416406597183655asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "B5sUCNduSQfV/S9ouYm6n+yEEPboByDkba5CiFC2Ajw"
age: 294105
accept-ranges: bytes
x-amz-meta-cld-version: 1484718177
x-cache: HIT, HIT
fastly-io-info: ifsz=1872002 idim=1024x1024 ifmt=png ofsz=11012 odim=80x80 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 525610612297967128704722509594159488133
fastly-stats: io=1
x-amz-request-id: 409C2DMZVXA8RR13
x-amz-id-2: 8txDtQwuF/ExLfNLN2LL0Lv+JSllQ1qq0l2psEMuMW/Cr8ecuBfBBOdgbLZqpIQiwpxgeux4nm0=
x-served-by: cache-bwi5142-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.089456,VS0,VE1
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 11012
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 cpnp1zj7gybbeolzkeql.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 1 KB
2 KB 22ms
21ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/cpnp1zj7gybbeolzkeql.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76f86edda33c7bf690da932bb292d6126a560327984e3f264f1b9ad9c5cf6898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody5034856898422882805asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "2f4ZTGhSsKRAiC5LEWdXx48wPLTPYCYnhazL4J04oqg"
age: 283400
accept-ranges: bytes
x-amz-meta-cld-version: 1478119766
x-cache: HIT, HIT
fastly-io-info: ifsz=170251 idim=600x890 ifmt=jpeg ofsz=1298 odim=80x80 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 289973212880409209824533970841217521789
fastly-stats: io=1
x-amz-request-id: DGXWATHXZZ6C8X8T
x-amz-id-2: xfyevm6DCcucppkz2BfCLVNTAgv/fDfCHSwasIBoLSUTfecJLjdDaw7x0cUfw/9Rgcdjxt+NJIY=
x-served-by: cache-bwi5144-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.089584,VS0,VE1
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
content-length: 1298
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 rxz9gnfndzmqdn0hid6m.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 4 KB
5 KB 21ms
21ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/rxz9gnfndzmqdn0hid6m.png
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 773de507078985919ca23a2f6405889d9784fdb9021260a6f1c22a650b0fdbe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody1587634987247336672asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "GXIan1kY8dl6Hys+3xIlkPrfXh7hrNXFN55zoUWXlGs"
age: 1936632
accept-ranges: bytes
x-amz-meta-cld-version: 1450988871
x-cache: HIT, HIT
fastly-io-info: ifsz=26973 idim=284x275 ifmt=png ofsz=4154 odim=80x80 ofmt=webp
fastly-stats: io=1
x-amz-request-id: 7YYQEA3PSC39DRNQ
x-amz-id-2: pSIe/0KKEB4BDbDEPlaDLY4sM9t8oNyD3qnI/fWI5UfspvjsJ1PleE5H8Er0oFB/peXH7i2Og0s=
x-served-by: cache-bwi5132-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.089745,VS0,VE2
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=80&quality=80&width=80
content-length: 4154
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 fii8mziht4qquhnvravy.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 3 KB
3 KB 21ms
20ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/fii8mziht4qquhnvravy.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 625be2289a2376c83e183e156d49adcc22dfa7a3e491114d7a37074c7a9d829f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody1235876908508840028asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "fg0qknkLSE3AFneDND8eM0oK6SwqSu+7LusyigKLU4k"
age: 1490161
accept-ranges: bytes
x-amz-meta-cld-version: 1512805847
x-cache: HIT, HIT
fastly-io-info: ifsz=847660 idim=2048x1365 ifmt=jpeg ofsz=2776 odim=80x80 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 438192363948952074274953031332472885763
fastly-stats: io=1
x-amz-request-id: BNT66PT24NFX6MSM
x-amz-id-2: iL95MvVCW2Rhk76xz26sozrTKHwY1OHXi92VhZTOGVafB8Aq/frVtMOKJ2qGTDBUpAJ+PheZnaQ=
x-served-by: cache-bwi5149-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.089860,VS0,VE2
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
content-length: 2776
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 18v1b7y3gjadnjpg.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 844 B
1 KB 19ms
18ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/18v1b7y3gjadnjpg.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53373d18dc4f07bcb2f3aba7fcd64607d414333aa7824c7347961cf4c25332eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: original
via: 1.1 varnish, 1.1 varnish
etag: "v9hHeuAVqCILkGfHilEMcapmLWOBtOIT3u3xjI1jw7s"
age: 1935469
x-amz-meta-cld-version: 1388774992
x-cache: HIT, HIT
fastly-io-info: ifsz=39216 idim=600x600 ifmt=jpeg ofsz=844 odim=80x80 ofmt=webp
fastly-stats: io=1
content-length: 844
x-amz-id-2: zcr0/t7VzrIm26i85NWSJFtTuK697x9vOlOKTx7FUG86criFPxS7g86i5ankDp5Vw6SEg0EyizY=
x-served-by: cache-bwi5142-BWI, cache-cdg20737-CDG
server: AmazonS3
x-timer: S1639151531.108906,VS0,VE1
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-request-id: 7773NNA1XVDHK0PF
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
x-amz-version-id: null
accept-ranges: bytes
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 d966lqckt2e4khtv58ys.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 1 KB
2 KB 18ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/d966lqckt2e4khtv58ys.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03457d2d8927fb74742ae2128cac0e0144595624b37b156305486a6c1d94e40a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody7105243359099873921asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "ocV7OIZn1yy1oJ8oZ6I9dPe+XEvtDxZqf6VZ0EHGn8w"
age: 1481831
accept-ranges: bytes
x-amz-meta-cld-version: 1519209255
x-cache: HIT, HIT
fastly-io-info: ifsz=4345 idim=100x100 ifmt=jpeg ofsz=1176 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 363546411357087230513025807179038362017
fastly-stats: io=1
x-amz-request-id: 8B7GE1FG6YQ28Y98
x-amz-id-2: bGyPzh/RSLvr0cwz4HSJFhd+n76Zz/V7r8elYZpuRew67Ri9cieaiF4vsKAoeFEYMpLQsjUmHLA=
x-served-by: cache-bwi5175-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.113812,VS0,VE1
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
content-length: 1176
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 pedurpfxq3axonhtlkbf.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ Frame F79A 2 KB
2 KB 19ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/pedurpfxq3axonhtlkbf.jpg
Requested by: Host: gizmodo.com
URL: https://gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 822dd4fa0dae09fca1dd68ee453cd1b146ace014147d2db83754d54760dae60d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: multipartBody8431177724652149117asTemporaryFile
via: 1.1 varnish, 1.1 varnish
etag: "m3373V/yMuPlOl0vDaOlD+O32PdLJa6mwRKdHly5/DY"
age: 3136923
accept-ranges: bytes
x-amz-meta-cld-version: 1543440358
x-cache: HIT, HIT
fastly-io-info: ifsz=85719 idim=1100x644 ifmt=jpeg ofsz=1698 odim=80x80 ofmt=webp
x-amz-meta-cld-surrogate-key: 474385012330863683626977692330335808691
fastly-stats: io=1
x-amz-request-id: GF1SJ54CY5HR90MQ
x-amz-id-2: mjTkEbZlH1HYjgyQ+JIRnLq8hlCBfclGP6vK68/nzBQGZOzVBprwzrrJrt+ZGrr9ZJDhHYZsXFQ=
x-served-by: cache-bwi5179-BWI, cache-cdg20737-CDG
x-amz-meta-cld-transformation-id: 10000011314925
server: AmazonS3
x-timer: S1639151531.113995,VS0,VE1
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=80&quality=80&width=80
content-length: 1698
content-type: image/webp
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ Frame F79A 227 B
947 B 98ms
97ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=jQuery21105566665383339973_1639151530639

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/packaged-js/vendor.e103276705f837fe133f.en-US.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a41d3aec768c530c3e11488e2affac174bf32da33f279d6bc359276fddaffc22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-cdn-fetch: mantle-setcookie
content-length: 220
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5147-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151531.113622,VS0,VE81
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:11 GMT
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 6F97 22 KB
8 KB 194ms
194ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CUL2TG3D&cs=1&cv=37&hb=1&prvid=108%2C2030%2C175%2C59%2C3%2C201%2C2026%2C96%2C3012%2C203%2C29%2C2027%2C236%2C220%2C147%2C145%2C23%2C2034%2C172%2C3017%2C3016%2C77%2C222%2C106%2C159%2C117%2C97%2C246%2C226%2C251%2C132%2C229%2C141%2C126&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&gdprstring=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUL2TG3D&version=5.1&dn=gizmodo.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b11a43de5f6ea17f6954891895fe6cedf5c00afb9c9ac77e46eae6e72565daa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sun, 12 Dec 2021 15:52:11 GMT
date: Fri, 10 Dec 2021 15:52:11 GMT
content-length: 7902

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1641 291 B
590 B 18ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gizmodo.com&gdpr=1&gdpr_consent=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 380
date: Fri, 10 Dec 2021 15:52:11 GMT
content-length: 321

GET
H/1.1 200
OK 189964_240p-5.ts Show response
kinja-otfp.global.ssl.fastly.net/189964/ 238 KB
239 KB 8ms
8ms XHR
video/mp2t 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p-5.ts

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

50a3f4ec66ac5a5af162828c1ed815de78b9eb8f1a065a6e63cc77e1da081090

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:11 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 118875
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 244024
X-Served-By: cache-bwi5146-BWI, cache-hhn4073-HHN
X-Fastly-Otfp-Info: ss=24.000 sl=6.000 vl=94.800 rs=424x240
Server: otfp
X-Timer: S1639151531.115635,VS0,VE1
Etag: "dX0jjm2i5hfyOigKjhkSFalxVykwqcIHnaNJMPFi1o2WJPbxtKKtYTE4rRGyKhvUdCne1gSXy1Hz_DvzGpNGvOq9aw"
Strict-Transport-Security: max-age=300
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK 189964_240p-6.ts Show response
kinja-otfp.global.ssl.fastly.net/189964/ 206 KB
207 KB 9ms
8ms XHR
video/mp2t 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p-6.ts

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

5d71957841aa94472a972ee679c553060e5156225d4538c14fc2a978096de160

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:11 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 108170
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 210936
X-Served-By: cache-bwi5133-BWI, cache-hhn4073-HHN
X-Fastly-Otfp-Info: ss=30.000 sl=6.000 vl=94.800 rs=424x240
Server: otfp
X-Timer: S1639151531.150858,VS0,VE1
Etag: "SArpVXoJpvxQwlbpLTYxPqF2wSJz2Z-XQrPdroEHvU2usSylY-2SDaRUquZw0E3SBZNf-C0o1jkndjEPjPnPRG5QSw"
Strict-Transport-Security: max-age=300
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 i.png
trx-hub.com/i/m/ 128 B
444 B 33ms
6ms Image
image/png 13.32.22.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbQC6FTbyERElWDTqKQmgVjkR17HYRAAmAAzuAjAFofdwDPABUfAFZCcPdCQIA6AA5whIAtECUVNTYIAVcQAGVzakQcagACAEkhMoAlXhwcTjKACXqMaGoMasR4MoBZMHtNLEQTMvzqaAA3Se6cMpDkMoA5WhRkAGt0kCwsBTddjB8ANgBmAE4IiNP3JIS8AAt4beoZnCcIAE9ZIh3KKQ6QiEIxw22MpiKcD2vzwRWwYFgngiYHCsDwWAAXpREBhEGC9lIfDC4VgEUjwij8RgpO4YZjsbiQCQgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 19:01:53 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 04:40:25 GMT
server: AmazonS3
age: 75021
etag: "90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 128
x-amz-cf-id: a1n8U7bCbGAUwori8DVcnrk5Qk5dharZz8K9YSKt1To_EJhfop3bYQ==

POST id
api.britepool.com/v1/britepool/ 0
0

OPTIONS id
api.britepool.com/v1/britepool/ Frame 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

32ms
31ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date: Fri, 10 Dec 2021 15:52:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No content push_sync
sofia.trustx.org/ 0
275 B 106ms
105ms Image
text/html 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sofia.trustx.org/push_sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid
https://x.bidswitch.net/sync?dsp_id=188&user_id=t12gtO7VRY5FQr5T6Ld6eMIkbBU&user_group=1&ssp=themediagrid

43 B
220 B

9ms
9ms

Image
image/gif

18.193.230.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=188&user_id=t12gtO7VRY5FQr5T6Ld6eMIkbBU&user_group=1&ssp=themediagrid
Protocol: HTTP/1.1
Server: 18.193.230.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-230-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=188&user_id=t12gtO7VRY5FQr5T6Ld6eMIkbBU&user_group=1&ssp=themediagrid
Date: Fri, 10 Dec 2021 15:52:13 GMT
Connection: keep-alive
Content-Length: 140
Content-Type: text/html; charset=utf-8

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161204
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y0MjJDMkItNUQ5MS00RDc2LTk3QzUtNjUwNzg4RTc2QzYz&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y0MjJDMkItNUQ5MS00RDc2LTk3QzUtNjUwNzg4RTc2QzYz&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

13ms
13ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Fri, 10 Dec 2021 15:52:13 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:417
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
131 B 118ms
112ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:13 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cksync.php
cs.media.net/ 44 B
294 B 44ms
36ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:13 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 44
x-mnet-hl2: E
expires: Fri, 10 Dec 2021 15:52:13 GMT

POST
H2 200 beacon Show response
gizmodo.com/api/kala/stats/ Frame F79A 49 B
586 B 102ms
102ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gizmodo.com/api/kala/stats/beacon?pageType=other

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/packaged-js/Discussion.6df024f4879a08c1d22d.en-US.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

05fddbe5beb38d7f2552ee3374eae0ae8ee2d4c32ea632d20bdeaef35a26157d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gizmodo.com/embed/comments/magma/1848156630?
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja: kinja-kala-kube02-85bbbc84c4-gwqr9 #68
x-cdn-fetch: mantle-default
content-length: 73
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5120-BWI, cache-cdg20737-CDG
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1639151534.728800,VS0,VE86
x-frame-options: DENY
date: Fri, 10 Dec 2021 15:52:13 GMT
vary: Accept-Encoding,Origin, Authorization, X-Valid-Scroll-User
content-type: application/json
access-control-allow-origin: https://gizmodo.com
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=658739742&t=event&ni=1&_s=4&dl=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&ul=en-us&de=UTF-8&dt=Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20Tor%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=Video%20Content%203s&el=kinjavideo-189964&_u=aGDACEABBAQCAC~&jid=&gjid=&cid=274705393.1639151530&tid=UA-142218-33&_gid=972793312.1639151530&cd39=none&cd40=none&cd42=189964&cd50=7.6.0&cd83=article&cd101=gizmodo&cd105=Gizmodo&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=91-95&cd45=How%20to%20Remove%20Twitter%20Followers&cd62=none&cd63=gizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&cd65=3&cd89=none&cd120=gizmodo&cd121=outstream&cd122=Autoplay&cd129=Kinja&z=1750018304

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 12:24:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12454
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 189964_240p-7.ts Show response
kinja-otfp.global.ssl.fastly.net/189964/ 276 KB
277 KB 10ms
10ms XHR
video/mp2t 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja-otfp.global.ssl.fastly.net/189964/189964_240p-7.ts

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

otfp /

Resource Hash

1733c7e3d32fa5674db51bbca27b287abe2c51633a7be4fc40e30fd730b63be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 15:52:14 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 121500
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 283128
X-Served-By: cache-bwi5150-BWI, cache-hhn4073-HHN
X-Fastly-Otfp-Info: ss=36.000 sl=6.000 vl=94.800 rs=424x240
Server: otfp
X-Timer: S1639151534.184637,VS0,VE1
Etag: "5hI3p1qpVAknGlvhWK9nA3VL4FZsP1pB1Is17XFS2Jmj0ITRZEI6CFuycALLw2i-yYRUb5d9FhPKigdsDfSpzsHNsA"
Strict-Transport-Security: max-age=300
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Fastly-Stats: otfp=1
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 bx_suppress
events.bouncex.net/track.gif/ 42 B
257 B 49ms
21ms Image
image/gif 34.117.4.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/bx_suppress?reason=iab_cmp&websiteid=3589&source=web&agent=user
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.4.53 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 15:52:14 GMT
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: clear
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/gomedia-gizmodo/trc/3/ 7 KB
4 KB 81ms
80ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia-gizmodo/trc/3/json?tim=15%3A52%3A15.154&lti=deflated&data=%7B%22id%22%3A129%2C%22ii%22%3A%22%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1639045812558%2C%22vi%22%3A1639151535152%2C%22cv%22%3A%2220211209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1776%2C%22dh%22%3A13688%2C%22nsid%22%3A%22gomedianetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22organic-rec-reel-1n4-a%3Apub%3Dgomedianetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A2464.890625%2C%22mw%22%3A590%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%2CMid%20Article%20Thumbnails%3Dorganic-rec-reel-1n4-a%3Apub%3Dgomedianetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9227b19eef996896cf05f28e53aa09e8343550c14d1fced2318bec2345962c

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 73
date: Fri, 10 Dec 2021 15:52:15 GMT
content-encoding: gzip
server: nginx
x-timer: S1639151535.134601,VS0,VE73
x-served-by: cache-hhn4032-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://gizmodo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding: gzip
etag: "103abcd7af0ff73c2bca84d874ada0e2"
age: 2323
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6020
x-amz-id-2: GeZqO0F3NOz0iOI821vgOrpurze73riaxjRievCeZJaww5OvYYab4S9DM5B85HZrq/4Smi3CKCA=
x-served-by: cache-hhn4032-HHN
last-modified: Tue, 30 Nov 2021 12:15:08 GMT
server: AmazonS3
x-timer: S1639151535.225829,VS0,VE0
date: Fri, 10 Dec 2021 15:52:15 GMT
vary: Accept-Encoding
x-amz-request-id: DM4TS8RBC4QR30HB
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 87
x-cache-hits: 1897

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
943 B 8ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding: gzip
etag: "44e0fb48ae5c8af459ee8102bcc39ee7"
age: 2323
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 702
x-amz-id-2: YfEo/jNKy9VyzAv0FTU0ShdBG6Mo4oz8bW0wfQ1Y8GKbPYea7tc56se0/ZtAApmrLISWlz6RHhc=
x-served-by: cache-hhn4032-HHN
last-modified: Tue, 30 Nov 2021 12:15:07 GMT
server: AmazonS3
x-timer: S1639151535.225955,VS0,VE0
date: Fri, 10 Dec 2021 15:52:15 GMT
vary: Accept-Encoding
x-amz-request-id: DM4JZ6Z5KTTR7WY0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 87
x-cache-hits: 1902

GET
H2 200 2e3daf69-37fc-4f06-a647-294eb68bb91d.css
cdn.taboola.com/static/2e/ 652 B
589 B 7ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/2e/2e3daf69-37fc-4f06-a647-294eb68bb91d.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e2aea6c477e64819d01d9fb012341c1455afbf0d4d1dcf4fb673c8edc8e205f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: nbboy6ttUdYKImA5HDlqrAxN_rJtiR4q
content-encoding: gzip
etag: "5b5df2bd324d67bce9d5bc42bd6b1211"
age: 24846
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 316
x-amz-id-2: tzLLSpZv/7V0w+KJ2nvXtIx+6zWHdaK6eyqUmt6RPe65LGUAIy1hYn7Wid6o7LuV6exPXkK3RaQ=
x-served-by: cache-hhn4032-HHN
last-modified: Tue, 28 May 2019 19:30:34 GMT
server: AmazonS3
x-timer: S1639151535.230507,VS0,VE0
date: Fri, 10 Dec 2021 15:52:15 GMT
vary: Accept-Encoding
x-amz-request-id: W5F2180WVD7B27JS
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 87
x-cache-hits: 9

GET
H2 200 30162ac7-43c0-425a-acbd-cb2c76076280.css
cdn.taboola.com/static/30/ 661 B
648 B 7ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/30/30162ac7-43c0-425a-acbd-cb2c76076280.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 201060ebf8f83654bfe93cbc4d1256452f4b9888b24c37c03f39428aa1395bcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: U55SRxV2sS3UDOoccg7mS7Lsn1uGIBlv
content-encoding: gzip
etag: "bd94c76245dc5e6e316109c009621074"
age: 2249
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 324
x-amz-id-2: Q4/WrUBU3VI7DiGnqagi3wcHvVczy2xzlL5LPAJrHyadlOow4Ej2PlJwLda/6cfOn53C5oCUo14=
x-served-by: cache-hhn4032-HHN
last-modified: Thu, 23 May 2019 18:23:27 GMT
server: AmazonS3
x-timer: S1639151535.230602,VS0,VE0
date: Fri, 10 Dec 2021 15:52:15 GMT
vary: Accept-Encoding
x-amz-request-id: 664Y1DH92756218S
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 87
x-cache-hits: 4

GET
H2 200 tb Show response
15.taboola.com/ 204 B
469 B 23ms
22ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=gomedia-gizmodo&unitType=254&tbloc=&pageType=text&pstn=Mid%20Article%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630&encoded=1&uid=6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f&variant=0|1786174623&callback=TRC.videoTagCallbacks.videoCallback1&cb=1639151535270&tagid=&cntry=DE&platform=1&sesid=151374827c99fa2ab3a9069f329ccbfd&itemid=/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630&viewid=1639151535152&geolat=&geoing=&deviceifa=&appid=&sd=v2_151374827c99fa2ab3a9069f329ccbfd_6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f_1639151535_1639151535_CNawjgYQh61JGLCIrqjaLyABKAEwODib4wlAhooQSICn3QNQp-wQWAFgAGiApKeijMutlDNwAA&ri=82e9c968c70e28c158525d4d9decd855&appname=&cdb=CPQ-t_-PQ-t_-AGABCENB5CgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&gdprApplies=true&rid=&sii=4307501949427938137&oee=true&tpubid=1201799&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=MV&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1201756&prcnt=&layer=
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~biztoolsPage~channelSectionPage~commerceDashboard~curatedHomepage~errorPage~experim~10911379.364bd4c6e709b32d0a2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83de9d4d2e6d401d4a527e6ac9480eb29fab56ec73e8b7a3ea884a63ff4082af

Request headers

Referer: https://gizmodo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Dec 2021 15:52:15 GMT
content-encoding: gzip
access-control-allow-origin: https://gizmodo.com
machineid: 1418
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4032-HHN
pragma: no-cache
server: nginx
x-timer: S1639151535.251143,VS0,VE11
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20211209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 17 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gnvPGW_ylDxX5RkfJvFRoqUOE9m1hBRC
content-encoding: gzip
etag: "a078577fcaa0862a2cc3cabff4d37f24"
age: 98
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5339
x-amz-id-2: PiX4Rm+Li60qX6N+SBsZBjgAdWZWyviRHZa46lFFFhNAMci9683cA1jiGYvWip2DtWSR0X8b2NE=
x-served-by: cache-hhn4032-HHN
last-modified: Thu, 09 Dec 2021 10:15:37 GMT
server: AmazonS3
x-timer: S1639151535.251250,VS0,VE0
date: Fri, 10 Dec 2021 15:52:15 GMT
vary: Accept-Encoding
x-amz-request-id: 95W3NY7DS0BKNYQ7
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 16

GET
H2 204 social
am-trc-events.taboola.com/gomedia-gizmodo/log/3/ 0
0 62ms
14ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gomedia-gizmodo/log/3/social?route=AM:AM:V&tvi2=2623&lti=deflated&ri=82e9c968c70e28c158525d4d9decd855&sd=v2_151374827c99fa2ab3a9069f329ccbfd_6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f_1639151535_1639151535_CNawjgYQh61JGLCIrqjaLyABKAEwODib4wlAhooQSICn3QNQp-wQWAFgAGiApKeijMutlDNwAA&ui=6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f&pi=/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630&wi=4307501949427938137&pt=text&vi=1639151535152&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20the%20Tor%20Network%20and%20Might%20Be%20De-Anonymizing%20Users%22%2C%22sec%22%3A%22tor%22%2C%22aut%22%3A%5B%22Lucas%20Ropek%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fc_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200%2F792a936cb47c77f21212f115ff53ca5d.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A52%3A15.284&id=1106&llvl=2&cv=20211209-5-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 10 Dec 2021 15:52:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET social
am-trc-events.taboola.com/gomedia-gizmodo/log/3/ 0
0

GET
H2 200 proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 11ms
10ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 93
x-cache: HIT
content-length: 28136
x-amz-id-2: nJXlRnT4eA5amGHrGqbHJ72VdpQvwOtaovVSGwjeeSVy2Yynkv+O4m4rziF8z2npyTLx+xkTlos=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 06 Dec 2021 21:59:10 GMT
server: AmazonS3
x-timer: S1639151535.293536,VS0,VE0
etag: "7ac1e4b7ab03f256e831e00e3b5618a6"
x-amz-request-id: KT4K0GNSBSWRM1HD
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 3

GET
H2 200 proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
27 KB 10ms
10ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 44
x-cache: HIT
content-length: 28044
x-amz-id-2: nzV+Sw0GzQL2bWkH4P+jVdu+aDNlQjboRsOB18cPCf0iv+gkiJKvJf9+F0BxlNeeopAJiFBkrRg=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 23 Nov 2021 22:02:48 GMT
server: AmazonS3
x-timer: S1639151535.293750,VS0,VE0
etag: "94cbaf403b2922fd6858c812dae091fb"
x-amz-request-id: G2MH1FC7QMPBYW1Z
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 3

GET
H2 200 proxima_nova_cond_sbold_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 30 KB
30 KB 7ms
7ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold_it-webfont.woff2?08252015

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gizmodo.com/
Origin: https://gizmodo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:52:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 42
x-cache: HIT
content-length: 30232
x-amz-id-2: agUcTRKg8HyUwB+GIkKC86N+d84rU5ayq80FlaE9MUIdH//gE0osSYOzio4R52iCsUTl2FqoL9Q=
x-served-by: cache-hhn4072-HHN
last-modified: Wed, 01 Dec 2021 00:37:36 GMT
server: AmazonS3
x-timer: S1639151535.300580,VS0,VE0
etag: "6d0ce198b25710fd5d0a2c0fb863b22c"
x-amz-request-id: RZ4HJSA6F47RJ13H
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 2

GET
H2 204 abtests
trc.taboola.com/gomedia-gizmodo/log/3/ 0
230 B 15ms
15ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gomedia-gizmodo/log/3/abtests?route=AM:AM:V&tvi2=2623&lti=deflated&ri=82e9c968c70e28c158525d4d9decd855&sd=v2_151374827c99fa2ab3a9069f329ccbfd_6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f_1639151535_1639151535_CNawjgYQh61JGLCIrqjaLyABKAEwODib4wlAhooQSICn3QNQp-wQWAFgAGiApKeijMutlDNwAA&ui=6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f&pi=/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630&wi=4307501949427938137&pt=text&vi=1639151535152&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1639151535308%7D&tim=15%3A52%3A15.308&id=417&llvl=2&cv=20211209-5-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 10 Dec 2021 15:52:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639151535.292752,VS0,VE9
x-served-by: cache-hhn4032-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 7d2e2d2cc71eb1989fc472a6b2746e6a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_ce... 19 KB
20 KB 15ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200/7d2e2d2cc71eb1989fc472a6b2746e6a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 10 Dec 2021 15:52:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 77873
edge-cache-tag: 383162399368496539441598246188320010129,624356415285541528811653644175829052535,29ecf9b93bbf306179626feeda1fab70
cache-tag: 383162399368496539441598246188320010129,624356415285541528811653644175829052535,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 1007
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200/7d2e2d2cc71eb1989fc472a6b2746e6a.jpg
content-length: 19666
x-request-id: 7c372cf1f7d86a89e97f52d1cfab2323
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Thu, 09 Dec 2021 18:14:22 GMT
server: nginx
x-timer: S1639151535.301493,VS0,VE1
etag: "bcd6be641f391cb37197a0896a12bdef"
x-served-by: cache-bwi5034-BWI, cache-dca17742-DCA, cache-hhn4032-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1

GET 507ed220d783f0940e314342cc1357af.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_ce... 0
0

GET
H2 200 746c08ec15f3f769fd94799a3e58f155.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_ce... 12 KB
13 KB 15ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200/746c08ec15f3f769fd94799a3e58f155.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 10 Dec 2021 15:52:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 170375
edge-cache-tag: 481692677434016566010400399967245757266,624356415285541528811653644175829052535,29ecf9b93bbf306179626feeda1fab70
cache-tag: 481692677434016566010400399967245757266,624356415285541528811653644175829052535,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 714
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200/746c08ec15f3f769fd94799a3e58f155.jpg
content-length: 12134
x-request-id: 45506ba90dce532093f0b677953dc42a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Wed, 08 Dec 2021 16:32:41 GMT
server: nginx
x-timer: S1639151535.301806,VS0,VE1
etag: "b6a9fb463cd53fb6cbe908216be9db05"
x-served-by: cache-dca17753-DCA, cache-dca17765-DCA, cache-hhn4032-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 197xrjaz7466rpng.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_ce... 786 B
1 KB 13ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200/197xrjaz7466rpng.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gizmodo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 10 Dec 2021 15:52:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 4401217
edge-cache-tag: 607379360410202884756278237062462219054,624356415285541528811653644175829052535,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 45
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200/197xrjaz7466rpng.png
content-length: 786
x-request-id: 8c96b68cb0f3476378f31a5e33e879e9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 20 Oct 2021 16:33:11 GMT
server: nginx
x-timer: S1639151535.301592,VS0,VE1
etag: "1d5ca977851e8d3fe113dc0cfba74324"
x-served-by: cache-wdc5569-WDC, cache-dca12922-DCA, cache-hhn4032-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: am-trc-events.taboola.com
URL: https://am-trc-events.taboola.com/gomedia-gizmodo/log/3/social?route=AM:AM:V&tvi2=2623&lti=deflated&ri=82e9c968c70e28c158525d4d9decd855&sd=v2_151374827c99fa2ab3a9069f329ccbfd_6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f_1639151535_1639151535_CNawjgYQh61JGLCIrqjaLyABKAEwODib4wlAhooQSICn3QNQp-wQWAFgAGiApKeijMutlDNwAA&ui=6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f&pi=/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630&wi=4307501949427938137&pt=text&vi=1639151535152&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A1039%2C%22ly%22%3A1084%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=15%3A52%3A15.285&id=6376&llvl=2&cv=20211209-5-RELEASE&

Domain: am-trc-events.taboola.com
URL: https://am-trc-events.taboola.com/gomedia-gizmodo/log/3/social?route=AM:AM:V&tvi2=2623&lti=deflated&ri=82e9c968c70e28c158525d4d9decd855&sd=v2_151374827c99fa2ab3a9069f329ccbfd_6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f_1639151535_1639151535_CNawjgYQh61JGLCIrqjaLyABKAEwODib4wlAhooQSICn3QNQp-wQWAFgAGiApKeijMutlDNwAA&ui=6e701f8a-1556-4361-a89b-7e0e87385ce8-tuct8acfd2f&pi=/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630&wi=4307501949427938137&pt=text&vi=1639151535152&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Someone%20Is%20Running%20Hundreds%20of%20Malicious%20Servers%20on%20the%20Tor%20Network%20and%20Might%20Be%20De-Anonymizing%20Users%22%2C%22sec%22%3A%22tor%22%2C%22aut%22%3A%5B%22Lucas%20Ropek%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fc_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200%2F792a936cb47c77f21212f115ff53ca5d.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A52%3A15.285&id=4233&llvl=2&cv=20211209-5-RELEASE&

Domain: images.taboola.com
URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_720%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.kinja-img.com/gawker-media/image/upload/c_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200/507ed220d783f0940e314342cc1357af.gif

Verdicts & Comments Add Verdict or Comment

240 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 01:28:47	Name: sync Value: CgkIOhDz-62o2i8=
gizmodo.com/	1969-12-31 23:59:59	Name: geocc Value: DE
.gizmodo.com/	1970-01-20 08:04:47	Name: KinjaBucket Value: 5
gizmodo.com/	1970-01-19 23:19:11	Name: KinjaSetBucket Value: 5\|1639151400\|GMdoznzmNZu5G9t1lqvWUPQRFmwqGwCY35N3yP3rY3A=
kinja.com/	1970-01-19 23:29:16	Name: KinjaSession Value: a705d784-815a-4005-aff2-6896cfd18e87
.kinja.com/	1970-01-20 08:04:47	Name: KinjaBucket Value: 5
kinja.com/	1970-01-19 23:19:11	Name: KinjaSetBucket Value: 5\|1639151400\|GMdoznzmNZu5G9t1lqvWUPQRFmwqGwCY35N3yP3rY3A=
gizmodo.com/	1970-01-19 23:19:13	Name: lux_uid Value: 163915152919479832
gizmodo.com/	1970-01-19 23:19:12	Name: _dd_r Value: 0
.gizmodo.com/	1970-01-19 23:20:37	Name: entryPopupSeen Value: true
gizmodo.com/	1970-01-20 08:04:47	Name: __k_iut Value: 1639151529458
gizmodo.com/	1970-01-20 00:02:23	Name: _sp_v1_uid Value: 1:323:9137264b-ded0-4f3f-960d-b2129b1a7d02
gizmodo.com/	1970-01-20 00:02:23	Name: _sp_v1_data Value: 2:257192:1639151529:0:1:0:1:0:0:_:-1
gizmodo.com/	1970-01-20 00:02:23	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D
gizmodo.com/	1970-01-20 00:02:23	Name: _sp_v1_opt Value: 1:
gizmodo.com/	1970-01-20 00:02:23	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
gizmodo.com/	1970-01-20 00:02:23	Name: _sp_v1_csv Value: null
gizmodo.com/	1970-01-20 00:02:23	Name: _sp_v1_lt Value: 1:
.gizmodo.com/	1970-01-20 08:04:47	Name: consentUUID Value: 6832426b-3564-4079-8a52-146935b3c409
gizmodo.com/	1970-01-20 08:04:47	Name: ka Value: 7931621f-a218-406a-b6b4-ee0a7675a1bf\|e55d3965-6631-4e85-a8a3-2df968db7deb\|1639151529507
gizmodo.com/	1970-01-20 08:47:59	Name: _cb_ls Value: 1
gizmodo.com/	1970-01-20 08:47:59	Name: _cb Value: D2gVqNBozqXNzA27h
gizmodo.com/	1970-01-20 08:47:59	Name: _chartbeat2 Value: .1639151529571.1639151529571.1.Cdoy7RBWbSaVBXbVxe1mutyDdsqzT.1
gizmodo.com/	1970-01-19 23:19:13	Name: _cb_svref Value: null
.gizmodo.com/	1970-01-19 23:19:15	Name: AMP_TOKEN Value: %24NOT_FOUND
.gizmodo.com/	1970-01-20 16:50:23	Name: _ga Value: GA1.2.274705393.1639151530
.gizmodo.com/	1970-01-19 23:20:37	Name: _gid Value: GA1.2.972793312.1639151530
.gizmodo.com/	1970-01-19 23:19:11	Name: _gat_unique Value: 1
.gizmodo.com/	1970-01-19 23:19:11	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 16:35:59	Name: UID Value: 1BRWVL63CZZNJNAD6FKAKDg1639151530
gizmodo.com/	1969-12-31 23:59:59	Name: pageDepth Value: 1
gizmodo.com/	1970-01-19 23:19:12	Name: GLAM-JID Value: 7b5ce0cbd2e4408b8d30695564876c62
gizmodo.com/	1970-01-20 00:02:23	Name: GLAM-AID Value: aa4a99ddebed4a069e8a26ab69e3e481
gizmodo.com/	1969-12-31 23:59:59	Name: GLAM-SID Value: e97dd0ac29c34198a404328c90405a35
gizmodo.com/	1970-01-19 23:19:12	Name: __j_state Value: %7B%22landing_url%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%22595418d6b3bf464f995271a83067e360%22%2C%22extreferer%22%3A%22https%3A%2F%2Fgizmodo.com%2Fsomeone-is-running-hundreds-of-malicious-servers-on-the-1848156630%22%2C%22user_worth%22%3A0%7D
gizmodo.com/	1970-01-20 00:02:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.liadm.com/	1970-01-20 16:50:23	Name: lidid Value: 8e862c59-b37c-42e3-b4f8-6e0bbb0375b0
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.adnxs.com/	1970-01-20 01:28:47	Name: icu Value: ChgI5IdgEAoYASABKAEwqe_NjQY4AUABSAEQqe_NjQYYAA..
.adnxs.com/	1970-01-20 01:28:47	Name: uuid2 Value: 7044034024506486109
.rubiconproject.com/	1970-01-20 08:04:47	Name: khaos Value: KX0KHZ14-H-E8GH
.rubiconproject.com/	1970-01-20 08:04:47	Name: audit Value: 1\|naVuGyos1qpCymIhiiF3J0ZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lhY5Be35YRTd3w4E5E4Zp83AUJ+gL7gixVMTHpBfpY+6/R7Fz5/Qhm0=
.gizmodo.com/	1970-01-19 23:19:13	Name: bounceClientVisit3589v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgOYCWAXgLYD2AJtQHQDG1lRKrAptQHacC0pFPwBOAVx49SPYvzgTaIzrWHUAZv0oBDMKSalqY4Sk4iAbqdU9+COAICMADgAsj+wFYAbJ4wAGEAA0ICIwICAAvkA
hb.vhsrv.com/	1970-01-20 01:28:47	Name: ckbk Value: 0000008EC26D52D3
gizmodo.com/	1970-01-19 23:19:13	Name: _tb_sess_r Value:
gizmodo.com/	1970-01-19 23:19:13	Name: _tb_t_ppg Value: https%3A//gizmodo.com/someone-is-running-hundreds-of-malicious-servers-on-the-1848156630
.britepool.com/	1970-01-20 00:23:59	Name: _temp_bpid_ Value: 897eb367-56be-47cb-92a2-724a5f3db2ff
.bam-x.com/	1970-01-20 12:26:49	Name: uid_bam Value: 1760025554207691639
.gizmodo.com/	1970-01-19 23:19:11	Name: _gat_kinjavideo189964 Value: 1
gizmodo.com/	1970-01-19 23:19:14	Name: KinjaToken Value: dummy-60e0b7b7-be4b-41bc-b74d-12fcf5c3da0e
.3lift.com/	1970-01-20 01:28:47	Name: tluid Value: 17463011503294124194
.bidswitch.net/	1970-01-20 08:04:47	Name: tuuid Value: 0b12f55a-d7d2-4a5c-84d6-e1a113e4c7da
.bidswitch.net/	1970-01-20 08:04:47	Name: c Value: 1639151533
.bidswitch.net/	1970-01-20 08:04:47	Name: tuuid_lu Value: 1639151533
.pubmatic.com/	1970-01-19 23:20:37	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:28:47	Name: SyncRTB3 Value: 1640304000%3A220
.pubmatic.com/	1970-01-20 01:28:47	Name: KADUSERCOOKIE Value: 3F422C2B-5D91-4D76-97C5-650788E76C63
.doubleclick.net/	1970-01-20 08:40:47	Name: IDE Value: AHWqTUmOau1EtwN6Gkvvx9aAdAOx1J7mdzozU1wA51zmlPeJXaS6C0HPx3qXxV3gxQI
.pubmatic.com/	1970-01-20 01:28:47	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:20:37	Name: pi Value: 161204:3
.pubmatic.com/	1970-01-20 01:28:47	Name: chkChromeAb67Sec Value: 2
sync.srv.stackadapt.com/	1970-01-20 08:04:47	Name: sa-user-id Value: s%3A0-b75da0b4-eed5-458e-4542-be53e8b77a78.1RkcLfUK%2FNmmaFLKSD%2FhSKLiHvEJt%2B1Les%2Bd%2BVSQoFA
.srv.stackadapt.com/	1970-01-20 08:04:47	Name: sa-user-id-v2 Value: s%3A0-b75da0b4-eed5-458e-4542-be53e8b77a78%24ip%24194.36.108.21.SG%2Fs92vYRhUB5ZkRO7iwUOix8pBUd1%2Bx80eTsupcwSA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=897eb367-56be-47cb-92a2-724a5f3db2ff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://g-omedia.com/wp-content/uploads/2016/11/logo-gizmodo-600x85-300x43.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ad-delivery.net
ad.doubleclick.net
am-trc-events.taboola.com
ampcid.google.com
ampcid.google.de
api.bam-x.com
api.britepool.com
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
assets.bounceexchange.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
carbon-cdn.ccgateway.net
cdn-geuw1-xch.media.net
cdn-magiclinks.trackonomics.net
cdn.britepool.com
cdn.speedcurve.com
cdn.taboola.com
cm.g.doubleclick.net
connect.scroll.com
contextual.media.net
cs.media.net
data.cdnbasket.net
e.cdnwidget.com
eb2.3lift.com
events.bouncex.net
events.release.narrativ.com
f.kinja-static.com
fastlane.rubiconproject.com
fusion-media-group-d.openx.net
g-omedia.com
gizmodo.com
gum.criteo.com
hb.vhsrv.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
ids.cdnwidget.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja-otfp.global.ssl.fastly.net
kinja.com
match.adsrvr.org
page.cdnbasket.net
pb-logs.media.net
ping.chartbeat.net
pixel.adsafeprotected.com
pogo.ccgateway.net
prebid.media.net
privacy-location-edge.ccgateway.net
px.britepool.com
sb.scorecardresearch.com
script-api.ccgateway.net
script-api.kinja.com
securepubads.g.doubleclick.net
sofia.trustx.org
sourcepoint.gizmodo.com
static.chartbeat.com
static.criteo.net
static.narrativ.com
static.scroll.com
stats.g.doubleclick.net
sync.srv.stackadapt.com
tag.bounceexchange.com
tagan.adlightning.com
thrtle.com
tlx.3lift.com
trc.taboola.com
trx-hub.com
u.openx.net
view.cdnbasket.net
widget.perfectmarket.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
x.kinja-static.com
am-trc-events.taboola.com
api.britepool.com
images.taboola.com
107.21.238.20
107.23.88.187
13.248.245.213
13.32.22.58
13.32.22.95
13.32.29.201
13.35.253.75
130.211.23.194
141.226.228.48
142.250.186.162
142.250.186.166
143.204.209.34
143.204.209.91
151.101.193.181
151.101.193.194
151.101.193.44
151.101.2.217
151.101.66.166
159.203.149.85
178.250.0.165
18.156.195.47
18.193.230.138
184.73.243.156
185.64.189.112
185.64.190.80
198.47.127.18
199.232.194.217
2.18.234.21
2.18.235.93
216.58.212.130
23.22.200.199
23.37.38.181
23.62.140.165
2600:9000:2057:800:18:1fcd:34f:cdc1
2600:9000:211e:9200:1d:8c8c:47c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:3039::6815:c076
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a02:2638::1c
2a02:2638::3
3.226.34.126
3.228.133.61
3.237.175.195
3.33.220.150
34.102.193.48
34.107.148.139
34.107.191.194
34.117.4.53
34.120.133.55
34.120.253.250
34.98.72.95
35.186.234.63
35.201.100.179
35.201.112.123
35.211.168.6
35.227.221.36
35.244.159.8
37.252.173.27
52.201.92.233
52.28.103.21
52.86.156.15
52.91.215.149
54.229.132.88
65.9.68.20
0048062ea9fad71e145776f9e46031a939b5632d3c4cf7dabd086c464c9390ae
0131733a1dcf92378d7e567baa326140c50d95bb6cae590c0a07a2692e07866a
014b2420aedb69669653915b6f68138700b91d55c3105ae445a48a3143ab68cc
03457d2d8927fb74742ae2128cac0e0144595624b37b156305486a6c1d94e40a
04fb64f756936decdca4d9f6b3f524a0add612070c057904b6d48542a7751fbb
051ab97ebcc57e48c1c0197cec9721cf92a316f36f50ad1ac4785d82b4c87f98
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05fddbe5beb38d7f2552ee3374eae0ae8ee2d4c32ea632d20bdeaef35a26157d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0731e7c0437436d1bee80540e1b0327b60f1182a5557e92a7338af2bee44dafa
07ba4afc0764d2e9ceeb18eb82cf3ebb4a0dcd268036d03029fee050bcca09ef
082688a5110752fd691628d88cf69ef8dbd561b8922944204406b1a71df0bac8
08c1f2deb3b836fdb3ac4f8e4496b8c0b8fb6dc517f8820dd1cccbfb44a36be2
0919d556e4185f2d20e161adad4e06ec7747a477d7a001c1bd89b74133c31221
09dbcef950643ff0e4ff9e44c0eda619a95d9b430ea166c3fbc72a567e143398
0a66dcf8433fe1ed25a24a1a9bd35dfc3a264f007fdf7851af0a688f22528ccb
0b27e7babe4a89efc77bf398e23504abf4e4c1141aeb1895f87ffdfbda2f4604
0e16456425cf7f027e33160c6a93f775858561bbb7d2e0fd32d426a6921f831b
0e4a68c3e4e1420435a34e864b38059d479f0240cfc39e68d37cf06ba4b6fda7
10d7b76f7e0f35f79b58037808e778a7b7dceee21d803dc91baf22c02b6e5681
10ee136aea127b01c75bf0a2783f28537c1cdc4c8d34a82000e3bfd9c03a4336
12818e979314343e8b5db33f3e89c4f20c2671bdf1a292780a4afeb5751099ff
1382ac8052df72ce2aa352dbd65717c6d59790d99bdf233730b4bc1ba08c1967
142f3bf1bca0c37e1182af44afe00c9b67c9f9d5bcffd263952521327156e568
15328a8f75718018364cb5a7c7dd8f85940c9282675a908e0a92acb273634149
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1733c7e3d32fa5674db51bbca27b287abe2c51633a7be4fc40e30fd730b63be4
18384c12a02d09f936dc34fb2696399bedf5b734d3f264106fbe696846cd71ed
1940b5b7b25eee1a9731c591c2a9281f026472d6bd6e2ec8f00e17b6476d44b3
194662b5e721e1296b1248044fbd905c8ce6d6670b0a72783ca2522925981786
1bbee1696340edd7c6bd495f1f4689bc36279dd5669c4c9937e84dbcedb96e88
1ccce1aaef3253c3bad0952be1ae20c0c06e940522ec3b776d5565ce61c90ad5
201060ebf8f83654bfe93cbc4d1256452f4b9888b24c37c03f39428aa1395bcf
20809a7928d25e26d8f009ebe5f825839e9d2a5fd325555e7f961b38c89c88e4
22f50e6cb7107e79ccdbc1d49c60198f79cfc5787ed2d99ebf25a29d773de09b
26bb50500bfdfa32376bca2911e642ee1c3f01a917646ab6cb3bc6df4d25d097
27cb1b3e0f95a82fe94c75859a6ca784ab63c7835b98134ffcfa8e3966ab562d
27e98f40761c493c424145161909ab5ccc2fd233bde82853d6e8a80829865eba
297ab3bc03232acceab643e4c33665076e99a69f1d7d3080ca5e3abbec16c3f8
29ba0a849861f7782447f23e2e40791c3be2992cd5e0a4320187b7fb3af4e41c
2a9155f50ff45150c98d3e5e9800022fcf7610f6c348d99e2f988051b9799aaf
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d858a3dbb03600e19a60079cb0aefd2d3ade061f28bc40d457bb46a3cf0ff84
2fbbde414b78b924daeb68dde9a1af5e1c7f7ca0c4a17643482068d1725dbadc
31274f730a367bcd3b8c3a37bcd766e87b55ef404dbc1b53b80972ca22a6cadf
316f1c1fa4ffe57bdec1dd009527992bbde3776fd78e6589f5f0c4bfbd67f90d
326154071df5776f817b14fe7975a16c385fad2ed4a9d0e71919dbcb63ce67bc
34d4007b4a9032fabc81e230cd2f45483a43b703e587227b96af0326693beca5
358ee04f36eee2066e319ec9c2dfcee16e32e656e8993b88c69fc26b6210928c
363e92fb521ccace0989ad7463b061190cd3da966664f8da925dab4b1700cbbb
369623aef11dd0795a6851fe3ad7f3867b3c7c0f51b5da8ff4ba4b7ca13926a8
36be9093978468f447c37765f1bc3196580e20d8a230b316b46245fe2ae05c8d
3aea8e727cf57c7e65ca90a77ba45f30c9bf39b614a9a20d7f4332ccbff74370
3b8f91935bca9051d908c09faeb696058626846b9eb76a9baf3c9b6270247e07
3b955a6a6cb618cdffceb35e899aa3315cbbbc653c078da04c6c8ff307eed07f
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4
3def86f9af701a63363e5f2ca4da3f7d5f26383b84de45bc99d381ed2a5eb7f5
3eb737400ae32634cff88be84fea7a990181fb8007f8196e018f92ddf291ac26
3fe2a048a1cac466c0a9ef6603d95d1cb9eeddf18208eb2b9d50836f96fb80ec
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4430f93ad9fc507a4938e5d6d808a82950f2a5d63a46d1ac66a269a26b791d66
444c745dbb80f80a2b84c32645676ad61bae55acdb30f34ee3ec015046b667c9
48c79fbb76d0593333b01923064ee25bb1b5eab3ca48470a54743ebe856e8580
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe5e3d1ad166ce8333a12c05a3fa4c2aed581527fab7688ecb54961a4e37388
50a3f4ec66ac5a5af162828c1ed815de78b9eb8f1a065a6e63cc77e1da081090
50ee0dcaf262f35534df4e89772941e35bd4da8433f90c3b339d9e859588ad5f
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef
53373d18dc4f07bcb2f3aba7fcd64607d414333aa7824c7347961cf4c25332eb
5338cf28185a0f0aee716e5ea8592b898b678b6e67925633a13925e4dab253a2
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
56b2661dcb5519f9481fa7e1d7373c1b5d67021f889068dddd2229ad47605029
56ee6baa44de05f18ccfca8879f1f2da2fa33b83833ab967b64a6ce68d951551
571bf2874f0d17d36e34dd86a44c881aebd2a741703b7685335d024b10b313b3
571ea16b485833e133b0b5300729e6176d5b87e5a98b1e70c21246be6497626a
5d71957841aa94472a972ee679c553060e5156225d4538c14fc2a978096de160
60c68b884400bc800bba771cd3ce25c5ebdf630ff54060a53e74bd6d7f2e81cd
6191d437e27df2b9eafa1f1d96b6434e4624a985a5f9940daf7a4951ee7fc4de
61ccb8c3252e27a327becaf9318517719a131160e0bc05659b0d2493dc6e9245
625be2289a2376c83e183e156d49adcc22dfa7a3e491114d7a37074c7a9d829f
63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad
639abd6e4a4662ac73fe2dad3e6d5dcd069f13170e103ebdf69dea480540bff5
654618d3af2d319ce964144b9740d3865c14a1c24f4ca15b44d26252b53c19db
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
66c931a6f6e9b2cf6c3a42a79aca893f847c7a1fe11ac4ecf194efe11d17e112
6726f99678f79a000d10c7ec36e1349e232df1ab288f59e402a5ada574fa9d13
6796599c3ea36a0cfb9f46a94417927ff9cd9f518bd8659efcdec14ff1b2dcff
67aef848ffd07fcca6c638b57a792f11a48bb87ab93685c13ce333b83efec4c7
6850e98440a49430e1f021383fa47ba895af88c46b5f9d72a6982bedc7c079f8
6865fdaa619738961b7a2b2ce90803745a2327084d611f55145b09750505f5a0
695d18fc0d3253ff18ee97cfc66179c16f4aa1e823820bcee093e9295ca947df
6c02f985f5f5b415611b0c1317611b428066dab3a4106b616ffcee9ecf00c163
6e2aea6c477e64819d01d9fb012341c1455afbf0d4d1dcf4fb673c8edc8e205f
6f03b1683cb3011ae2376a57d5c2264018c31866e480036143d44ae0624b1d57
7191d479ed7098fddafe5a50fa92c52c6f52cdd3b0c1419f79c5baacb90f9634
74261f58ee7a7685313f2d64f8ac336d1eeeadf8b855205b7507dc49c82db9f9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7670a805f802d0ec1186acf112f3cf5614dd1d7b0616f1339a0376c711b91296
76f86edda33c7bf690da932bb292d6126a560327984e3f264f1b9ad9c5cf6898
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
773de507078985919ca23a2f6405889d9784fdb9021260a6f1c22a650b0fdbe4
794988cdd4276662be72313c3fe92c673a2d64dad47a7b3030423a4feab406d6
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7adb539b83bf4023701556c288a357dc733bfd7b8663f9d47b94209787e8cdcb
7b5d708c5ddd994fb4357a7d4d5f5751cde06b5d6ef5dd66c6ad3a4423ec01da
7bb1875751a9969744ec9117961a5aed810cf817126b104f800d8034af9e0020
7c44874e212bb59909bbc1963a75d2c326cae854268a8f9b57a222de325d7b5d
7de345118716980f490d0db13e907019b7cff3c4e306349215ffff844e509f5c
7df6b2b927e04e6cac995513fc4cab56832d031b60b0defd7cbf85bd4d4f0781
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55
81584efa9b869e9b6e809755463cbc348c6df3c202ceb7a2c95fb94102ca0d23
822dd4fa0dae09fca1dd68ee453cd1b146ace014147d2db83754d54760dae60d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83de9d4d2e6d401d4a527e6ac9480eb29fab56ec73e8b7a3ea884a63ff4082af
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c164bd25fcf7375ad0519015f00467993538a2d175f96a77e747ba05cc4f53
875bd363305b38d8841cb4d16303ced3964dd6be3d09de9f436669ba2547a987
893d901b1468efefad5e6f9dc095e794633e6b5aedd035bb13fc65f3e31f9a21
89492bc654b39cdbf1069ab17693e870c5a388f5ed8bee7651ef1e83acba7129
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a4a9d8475ca11dca0dc8e3aee776432d6de9989b08519d2d6669278f635a0d0
8adbca7c94a147c083f537865f279f6be4a4fd50bb39e5c4e961f2c76a28292d
8c90d0fa49315d682079d71194327c764f1695cd9c8818dda414f29911507c98
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5561695a575ccc21b2a32a74de81cadf861ea91df101aa196a064bb9373904
8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb
8ea6b61a5174a4140f0246ac54b8e575432ae31c52776e07b0a1df8628d545dd
8f1657223a1fef42e52e40a420a5597ba44cf2e4088a90b97969230cb7d2a760
8f618a411abbdab66a69a897bc6904521609e3781cf615a94f464787033cbc08
8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81
906e77ee494b3ef981722f67dc7dac022fd5091c9ec57464442ca25eba168de6
9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74
920f81ce63ed8dbfecd40a07c308a94494c3f5cf9e80f4ce3a70c11a964c9ce8
938e8fae53d4e15c47fde1ef86321f59e432f818910a353111b1a406655a6331
94309a08caaa85e6316c3393e940b80a016c059fdb30fe4d5af95bfb68f789e1
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a0ca6f463a8210c6619561e05f9115395e97927ae3a464b6dac0ce6c791bcb7
9ffc65524e6f92146a89b60c6b9ea2f439cb5358834f848702e5f979dd63ded3
a02e97b5142073943544a11660eea34c7220a46a64eed8945496327e1808a503
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3038297a72e5cce50eba9bd4b86355a18dadfe2f49c7cf528ba29dc95e9b793
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4
a41d3aec768c530c3e11488e2affac174bf32da33f279d6bc359276fddaffc22
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a5b688c596b4cf05bdf4d51eb8138ab1d459ebf30a0547820185cd82bc5fc858
a7d2803b5e758332eef4d4723df1cedf6bde21cc84a73116b0590b6258124a91
acb7edb8909b961fdcd5aa5202a5d85fe2abf36b4cc501651c2c07533cde99ec
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aead809f400977a75421c91e1e82100e88cbdd841d335536017b9ea23e6ec529
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecf95e8a2999fb041d5553b1fc8c17ca8328bbd6d89ad5ce4124f996be462fc
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b11a43de5f6ea17f6954891895fe6cedf5c00afb9c9ac77e46eae6e72565daa5
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0
b1b93d55703d886dc21e38577c2f5d477a6eea948b2cdfd54384a200905db335
b327274be0506470e5547c067fec6cd0b01bbbf003268c492c48aa9170d30b6d
b525d5b79e347e163079f3e39feb5365cf589e09333ae58153b27ebbe5ef9090
b5d76ce8413b4ed7998ad373788cd6bb1c137d4f35489031ecaefb26182ecf72
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
b78d601966c586196b0784ee0becb43269f8310dc90f3973f3897b0549b34b26
b872b6a51e90554dad90c6b71ff30a9a74d55733643dbdc1887acc783f94047f
ba19a457a3e4176f028464659e179a5c2e46a8addb3634184c5c6a972393d66f
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcf8e50405f3ddbccfe8bf32b5d6ea035086b0b31117a0fa9428176fe72b855f
bdc9c2f8368337a8594c538af8d5ef3aa6951ecc559257442fe7b0a3a25c6172
bea46f3f1c19557bf886c4006b0af4730c0d14d28a1cec1ac743c890f66359d2
becaecc6663d091f14a00c80317ebc9fa3beeab411becf786f6df9f266192a6a
c2361ee0cee034b7d83bd51e70ecb861d22d16fc79776b9bf8b8306004cddf66
c26ddabbe68131251eca47cedf45f374116026df60712c058248e208fc017a6d
c2a0ef1592a7f962e4cf46d93ccba947fe72ccb6cd5fef06868da83c36ae9e3e
c44d54cb4b2811123ded679809a9e9841feb71eb90166991f11169ee95699269
c52f8e98f660e8c62927b9f53a766551cb33d70ec6571b9b1ceee4f8eceaf03a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbfc2b42647f6516c8eec0e77080c859e071d453a500715f827629164e27bdaa
cd2b62f8b97109b3c256b6907602a2fe4de7999c88050402b0d5efcd94009eb1
ce07894ef3fe92a4b8c09fef821f9fe7c93885bf17ebba244021a4cc94cc64c2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0029cf36c9826a5fe5c4e2170133240b5451e63f497083034a666bbd611f213
d1d3bc772ecd6d97ca9f34613a31aa77c4fba442357e0ad6ac59422a4320ec02
d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594
d590bba8b4d29e68c459b7659a2e99e789b906262efbfe008dd723df13e5ea1c
d5b6396ac66c7ae1dc534e3735b6c1e2fad134bd8011a99bc97313ea1c31b103
d6a6971938b06deb3cbb0d3486bc8803a26499af4579000c088808ca71aafff8
d840f0d6fa9d269bbb3ba942393b71e93c77092408a5cb15d7017bce287174b4
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9f23619ed881ec26f0a846e9b5b9e8ac0bf60a26139462a83413d02c1de08d7
db4b7fab912feae4c5c6d6d6f9fbd1546c6a9ba08e3a553436257849e984c186
dc9a4e24a1ca0c02f08209e8021c6547a3a2a4c0b9d545e9cf66e96bf3b683a8
ddbf94c9ded5ac3e4b6d2f82f5a9324a6510314164e46e8dddcce1400be61a34
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e14be9e8f91d3649c96f7c89191f211bfd2943687755a6bd5177203c5adb57af
e29a36953d293c7d4dfd4164955400e06f6873f7bdd834a496a167117a0b2a9d
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e327579f4c2aa358d35797b547bd3f4d56fea451f6224f0571252afd05e39af4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fa1b90217bb9ee7ec9bc013916964ddb9e2605d81c01c75242a05083a9ce78
e699ff22ed399a8ba0b590d94e166c8892e7fb8c9ebc4d13bffaf99a2809fcfd
e6f1a0a066d6fc6486b1f8dfa736395561b5418ae2722332bd7169a9d9f19a7a
e794e365894861fb8507752149f71f21e6651ebb57af15df39612b2c453da316
e8f597be9012b70e4d53b62cdd9ffcb58ded2f9b15b9ad82b7de81a70657f3ac
ea21a5d0020cf93672dbac4da25542796f3e2fa2ec95327f4b3a88f9959b24ca
eae1722b689bbad425c4497e30305830f31269c1e0074bc81747db9ae9781666
ecdbaa267d84e1443f8fc7ac62f0450871f8c5c6b89511c2081b0a60993f705c
ee69a945ace16363ebea3645fc6b1d80401c6466aeec03a0bff83d22543755e2
ee7f0325c97f07acbb41ded296dba6579a09145f88c720206d24f3b7d5b14eda
eee06c3cf62915b9e6c5f3ac310e5494ca71ce47d7a3c45b202c0054d6fa8781
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd93be9d1e4c46c2ba4399060c7c6a069f74a80dff4382678dd1a866ca0f05b
f0d3c5604e7d31126006921c7b4ba51bf013073f77857420b884c83ccd36a06a
f45530ee93fe1451632f4c4da09ff7b9dcbbe6a64f2ae824c058c78fababd34c
f5625ad95d548433e103b033f5868927f1e752dff3145f34e1f3458da17f320d
f66efff9866e3135a9356c85a24cae6028f1ab6d143c4be6e49eb47950b828e2
f6a31a00fc661a550d15ffa6be4c1bb76faca73b98e97bed8534d56d3c85a20d
f790443e2488ff49c5759ce699ff0c307c4bfa3aa50e0e4407d7555b89662f44
face442a4faa1f025a97277b2928a1cfb37f572c67fd3ca6e106b1c7010bcfc8
fb6eb180a7807cf8503f57e2cf237138ac3746d20c1ce171d749ed98dcf34ef6
fc9227b19eef996896cf05f28e53aa09e8343550c14d1fced2318bec2345962c
fcbee465c96419ed115adfaf5eec6f3c1ed2abead430e6e2ff64496a9abaf27c
fd70914ddca40de1a059d7c7d80255aaa82345f8ce2b9c20c41dc801591b0d73
fdc13a1899049d328f22b0ff1e1fb1027344cc73bb28b96198421444283e5b5c
fee348a732f1fac5a2594b06c069297d93be8524ee1f247d7cab4de83e6a6997

gizmodo.com Open in urlscan Pro 151.101.66.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

291 Requests

95 %HTTPS

23 %IPv6

56 Domains

92 Subdomains

69 IPs

7 Countries

5162 kBTransfer

14175 kBSize

63 Cookies

38 Outgoing links

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gizmodo.com Open in urlscan Pro
151.101.66.166 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

95 %
HTTPS

23 %
IPv6

56
Domains

92
Subdomains

69
IPs

7
Countries

5162 kB
Transfer

14175 kB
Size

63
Cookies

291 HTTP transactions
2 data transactions