www.newsweek.com Open in urlscan Pro
99.83.219.100  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/sJVbuREl6X Page URL
2. https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1600949422801&ns_c=UTF-8&c8=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&c7=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&c9=https%3A%2F%2Ft.co%2FsJVbuREl6X HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1600949422801&ns_c=UTF-8&c8=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&c7=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&c9=https%3A%2F%2Ft.co%2FsJVbuREl6X&cs_ak_ss=1

Request Chain 72

• https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5 HTTP 302
• https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=ec8a705e-fe5e-11ea-b36f-1ac857eb1906

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	sJVbuREl6X Show response t.co/	413 B 533 B	190ms 145ms	Document text/html	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/sJVbuREl6X Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash 3c50b45921064df405c478aa9c06af4caff779192244cdb864e566be4e9eb8ee Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers :method GET :authority t.co :scheme https :path /sJVbuREl6X pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 cache-control private,max-age=300 content-encoding gzip content-length 225 content-type text/html; charset=utf-8 date Thu, 24 Sep 2020 12:10:22 GMT expires Thu, 24 Sep 2020 12:15:22 GMT server tsa_o set-cookie muc=5104279c-fcf5-4ef3-9ce4-69400dce9323; Max-Age=63072000; Expires=Sat, 24 Sep 2022 12:10:22 GMT; Domain=t.co; Secure; SameSite=None strict-transport-security max-age=0 vary Origin x-connection-hash d7f71875e1e4b82292faa9861845677e x-response-time 121 x-xss-protection 0
GET H2	200	Primary Request german-hospital-ransomware-cyberattack-russia-hackers-1533752 Show response www.newsweek.com/	284 KB 63 KB	294ms 100ms	Document text/html	99.83.219.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Requested by Host: t.co URL: https://t.co/sJVbuREl6X Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.219.100 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a4fb2973ac9c49f88.awsglobalaccelerator.com Software / Resource Hash 76fad6e6d45a7bcbe276720c2ce5587b26fcae1e61237b2630ac56e4317733be Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority www.newsweek.com :scheme https :path /german-hospital-ransomware-cyberattack-russia-hackers-1533752 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://t.co/sJVbuREl6X accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://t.co/sJVbuREl6X Response headers status 200 date Thu, 24 Sep 2020 12:10:22 GMT content-type text/html; charset=UTF-8 content-length 63747 cache-control public, max-age=3600 vary Accept-Encoding content-encoding gzip x-b V6.3-3 web2 age 149 x-cache hit cached x-cache-hits 2 x-forwarded-for 185.212.171.67 x-ua-device desktop set-cookie X-UA-Info=country|NL|state|NH|city|Amsterdam|latitude|52.310900|longitude|4.945300|isp|M247 Ltd|ip|185.212.171.67|device|desktop|time|1600949422; path=/; x-debug x-xss-protection 1; mode=block x-content-type-options nosniff x-frame-options SAMEORIGIN strict-transport-security max-age=86400; includeSubDomains accept-ranges bytes
GET H2	200	loader.js Show response sdk.privacy-center.org/	2 KB 1 KB	24ms 6ms	Script application/javascript	2600:9000:214f:4400:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/loader.js Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 053eefdb2cbd40aea86f938e2d2d00df4102da3a0f7c13b2e80412b30b370462 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:07:28 GMT content-encoding gzip server CloudFront age 174 etag "85fa0fd4825777b74b069d25efe616eb" x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 status 200 cache-control public, max-age=3600 x-amz-cf-pop FRA53-C1 content-length 817 via 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront) x-amz-cf-id vrE39BjfiCvHc4JUUdsGe_PA7rfkprzfYhvXgPQSN-5btBpEUIpajQ==
GET H2	200	ats.js Show response ats.rlcdn.com/	177 KB 58 KB	185ms 138ms	Script application/javascript	35.244.220.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ats.rlcdn.com/ats.js Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.220.155 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 155.220.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 2bb2475d2b2cf370397c2b64a849bd7c28af361e4380ec3b78328d22a85579ef Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip x-guploader-uploadid ABg5-Uy0Qwt1ho3Djd85kuuT2gojWCJyhFhwWXVmTcspMaDx4tHICV1WxUhB6GxlvwoG269YPRRMlt4CpRhFK3lQNWDQv0ZWMA x-goog-storage-class STANDARD status 200 x-goog-metageneration 4 x-goog-stored-content-encoding gzip alt-svc clear content-length 58978 last-modified Fri, 18 Sep 2020 09:37:32 GMT server UploadServer etag "8bf2d290e7a0e481c7891dec04b04bfa" x-goog-hash crc32c=br09bg==, md5=i/LSkOeg5IHHiR3sBLBL+g== x-goog-generation 1600421852871292 cache-control no-transform x-goog-stored-content-length 58978 accept-ranges bytes content-type application/javascript expires Fri, 24 Sep 2021 12:10:22 GMT
GET H2	200	script.js Show response d275im4r3zngba.cloudfront.net/	102 KB 35 KB	31ms 8ms	Script application/javascript	2600:9000:214f:6200:8:bd4:5580:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d275im4r3zngba.cloudfront.net/script.js Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:6200:8:bd4:5580:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9a8214052359402b1c25fa4523dd04a049eb8be38b2eb41f738d2d330787d192 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 00:14:15 GMT content-encoding gzip last-modified Mon, 31 Aug 2020 13:02:02 GMT server AmazonS3 age 42967 etag W/"6e47f1c06fad84ce8f75d64aa976c461" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 x-amz-cf-pop FRA53-C1 x-amz-cf-id oFgKwRXf_-XbzVYVtqMOtuN-FUczWUQP1HaI3-lEMchDBWEaE_P4fw== via 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
GET H2	200	gtm.js Show response www.googletagmanager.com/	149 KB 45 KB	35ms 16ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash de8db975129fccbbddea1d3cebcbf260340b954bc560346681af63dcd1fa588f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45734 x-xss-protection 0 expires Thu, 24 Sep 2020 12:10:22 GMT
GET H2	200	c7d02a1e59a0e7b51e0d5f9d5beb0a3d.js Show response g.newsweek.com/sys/js/	140 KB 44 KB	81ms 25ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/sys/js/c7d02a1e59a0e7b51e0d5f9d5beb0a3d.js?v=1600948734 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 44a13145a0a6b78680fd1903b7e55241141be68d2bb0ef6aaaf5ea0e9e6846b1 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Thu, 24 Sep 2020 11:59:00 GMT server Apache status 200 etag "1600948740" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds088.lo4.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 45134
OPTIONS H2	204	1a i.clean.gg/ Frame	0 0	162ms 113ms	Other text/plain	34.95.69.49 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Protocol H2 Server 34.95.69.49 , United States, ASN15169 (GOOGLE, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.17.4 / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.newsweek.com Sec-Fetch-Mode cors Response headers status 204 server nginx/1.17.4 date Thu, 24 Sep 2020 12:10:22 GMT access-control-allow-origin * access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key access-control-max-age 1728000 content-type text/plain; charset=utf-8 content-length 0 via 1.1 google alt-svc clear
OPTIONS H2	200	958153f1b8b96ec4c4eb2147429105d9.json dw7nrwnn2bkh1.cloudfront.net/ Frame	0 0	198ms 137ms	Other	2600:9000:20ae:2c00:6:266a:9940:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json Protocol H2 Server 2600:9000:20ae:2c00:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://www.newsweek.com Sec-Fetch-Mode cors Response headers status 200 content-length 0 date Thu, 24 Sep 2020 12:10:23 GMT access-control-allow-origin * access-control-allow-methods GET, POST access-control-allow-headers content-type access-control-max-age 600 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method server AmazonS3 x-cache Miss from cloudfront via 1.1 4cb16ea6a84fa64395352e03f53b5e8f.cloudfront.net (CloudFront) x-amz-cf-pop WAW50-C1 x-amz-cf-id 7mSliMlqSbGvdlNQh2iy5WHmp2BlkkmJZzJMn_Sw0_se49VK4kow2Q==
POST H2	200	1a Show response i.clean.gg/	0 104 B	111ms 111ms	XHR application/octet-stream	34.95.69.49 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.69.49 , United States, ASN15169 (GOOGLE, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.17.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Thu, 24 Sep 2020 12:10:22 GMT via 1.1 google server nginx/1.17.4 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key status 200 access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range alt-svc clear content-length 0
GET H2	200	958153f1b8b96ec4c4eb2147429105d9.json Show response dw7nrwnn2bkh1.cloudfront.net/	4 KB 4 KB	26ms 25ms	XHR application/json	2600:9000:20ae:2c00:6:266a:9940:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:2c00:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a908fad3bb28da9ab396f788ae30181a09aa46d9a959aec0b726392fe8dd130b Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Thu, 24 Sep 2020 11:32:24 GMT via 1.1 4cb16ea6a84fa64395352e03f53b5e8f.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 2279 x-cache Hit from cloudfront status 200 content-length 3614 last-modified Thu, 24 Sep 2020 11:30:37 GMT server AmazonS3 etag "3392e8d2d41bf4a3b8f8076ce14b63ab" access-control-max-age 600 access-control-allow-methods GET, POST content-type application/json access-control-allow-origin * x-amz-cf-pop WAW50-C1 accept-ranges bytes x-amz-cf-id sp82pISEOQAmQzed9WQEyZNUmF2z_xjNAOhGVKjcW0ijuJpLpu10mA==
GET H2	200	prebid.js Show response g.newsweek.com/www/js/	381 KB 120 KB	104ms 49ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 79df0f2164a61d893ab4b277d8d900b857e86e1cc14716cd80ade940d6c2d9b8 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Fri, 18 Sep 2020 15:55:24 GMT server Apache status 200 etag "1600444524" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds011.lo4.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 123176
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	52 KB 18 KB	89ms 33ms	Script text/javascript	172.217.23.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s22-in-f162.1e100.net Software sffe / Resource Hash e2175ad7e73e4186e33c65da9e035b5a3dc28e9ef3104e73128eb102790409ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "642 / 426 of 1000 / last-modified: 1600945960" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17541 x-xss-protection 0 expires Thu, 24 Sep 2020 12:10:22 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	108 KB 28 KB	130ms 48ms	Script application/javascript	54.192.228.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.228.117 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-228-117.waw50.r.cloudfront.net Software Server / Resource Hash 02a2079808b1d062ff16a7d19627e9ee4a94f989aa879d9f81333364fa5a8ea0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Sep 2020 13:10:26 GMT content-encoding gzip server Server age 82795 etag 7332ce399a8e629a25d60312745ef936 x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=86400 x-amz-cf-pop WAW50-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id rAPoUr8Lgo_5nEDeijE_b03K0S-3oi27eiUAUO94wguGa0gZf0iIyA== via 1.1 7210fed509d8e341021bffe29c62787c.cloudfront.net (CloudFront)
GET H2	200	2530abce6ca00642603d2da0bd9e6505.js Show response g.newsweek.com/sys/js/	12 KB 4 KB	128ms 73ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/sys/js/2530abce6ca00642603d2da0bd9e6505.js?v=1600948734 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 4ba4b7e5cc9406279c05c66c5902b7a16811e176eae44df624f896a7f3d50940 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Thu, 24 Sep 2020 11:58:57 GMT server Apache status 200 etag "1600948737" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds259.lo4.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 4459
GET H2	200	db6ebc72fb9158474ca45ddec7e24506.js Show response g.newsweek.com/sys/js/	44 KB 13 KB	129ms 74ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/sys/js/db6ebc72fb9158474ca45ddec7e24506.js?v=1600948734 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 049cc18db6ba09cc073a627b58cacb62bef99b3873f54eef771db46afd30b429 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Thu, 24 Sep 2020 11:58:57 GMT server Apache status 200 etag "1600948737" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds097.lo4.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 13579
GET H2	200	3a01ce5912471ea9604df7353ae5fd6f.js Show response g.newsweek.com/sys/js/	22 KB 4 KB	129ms 75ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/sys/js/3a01ce5912471ea9604df7353ae5fd6f.js?v=1600948734 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash b85cdba14be845f439bbc4c0fa50392b8256ae564227d2de1758938b40fb7848 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Thu, 24 Sep 2020 11:58:57 GMT server Apache status 200 etag "1600948737" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds203.lo4.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 4293
GET H2	200	b Show response query.fqtag.com/	82 B 163 B	82ms 26ms	Script text/plain	35.186.195.222 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=none&cb=1600949422655&url=https%3A%2F%2Ft.co%2FsJVbuREl6X&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.195.222 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 222.195.186.35.bc.googleusercontent.com Software / Resource Hash b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 24 Sep 2020 12:10:22 GMT via 1.1 google alt-svc clear content-length 82
GET H2	200	pub.js Show response pub.doubleverify.com/	2 KB 2 KB	105ms 69ms	Script text/javascript	2606:4700::6812:a6e0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub.doubleverify.com/pub.js?ctx=17474756&cmp=17492528 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d8697cb9d666adc44ac56735286570f2959b000bb9f1151f0b8d67f6803095d Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 24 Sep 2020 12:10:22 GMT content-encoding br server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent, Referer, Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=0, stale-while-revalidate=345600, stale-if-error=345600 server-timing ids;desc="ids cached";dur=44, bsc;desc="bsc cached";dur=33 cf-ray 5d7c66e3d9afc281-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 05619ea26a0000c281f413a200000001
GET H2	200	icon-arrow-right.svg g.newsweek.com/www/images/	328 B 345 B	87ms 56ms	Image image/svg+xml	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/icon-arrow-right.svg Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash ec21da6e960bab474158649800a3c87e315353d3de7e08442097d6feea9f2704 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Origin https://www.newsweek.com Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Sun, 07 Jun 2020 12:28:02 GMT server Apache status 200 etag "1591532882" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds018.lo4.hn,1600949422.cds092.lo4.c content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 227
GET H2	200	icon-search-glass.svg g.newsweek.com/www/images/	485 B 503 B	56ms 25ms	Image image/svg+xml	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/icon-search-glass.svg Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 62650fd33dce4209d2585176f5f4fcee4fb5abdeba5f3140bec1dd5f9abe043a Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Wed, 06 May 2020 17:31:53 GMT server Apache status 200 etag "1588786313" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds066.lo4.c content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 293
GET H2	200	robotocondensed-regular-webfont.woff2 g.newsweek.com/www/fonts/	20 KB 20 KB	73ms 28ms	Font application/octet-stream	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/www/fonts/robotocondensed-regular-webfont.woff2 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Origin https://www.newsweek.com Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Thu, 11 Jun 2020 19:21:10 GMT server Apache status 200 etag "1591903270" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds018.lo4.hn,1600949422.cds088.lo4.c content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 20051
GET H2	200	robotocondensed-bold-webfont.woff2 g.newsweek.com/www/fonts/	20 KB 20 KB	72ms 29ms	Font application/octet-stream	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/www/fonts/robotocondensed-bold-webfont.woff2 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Origin https://www.newsweek.com Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Tue, 07 Jul 2020 11:38:00 GMT server Apache status 200 etag "1594121880" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds018.lo4.hn,1600949422.cds017.lo4.c content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 20051
GET H2	200	graphic Show response d.newsweek.com/widget/	65 KB 16 KB	73ms 25ms	XHR text/css	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://d.newsweek.com/widget/graphic?path=video/css/video-js.min.css&mime=text/css&v=1600948734 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash dd4229e84aefebe8545d4730158e4907d51855f69181710d42782b9aa579b635 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip x-cacheable YES status 200 access-control-allow-methods GET, POST content-length 15854 last-modified Thu, 24 Sep 2020 11:58:57 GMT server Apache etag "1600948737" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds053.lo4.hn,1600949422.cds098.lo4.c content-type text/css;charset=UTF-8 access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, public, max-age=29030400, public accept-ranges bytes access-control-allow-headers X-Requested-With
GET H2	200	07bba1a9c30c8f01d28d980808d6b064.js Show response g.newsweek.com/sys/js/	552 KB 153 KB	50ms 49ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1600948734 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 4795db295809856d8ac5dfc848b75a56c0824f649673a2acddab250037917bc1 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Thu, 24 Sep 2020 11:58:57 GMT server Apache status 200 etag "1600948737" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds009.lo4.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 156896
GET H2	200	Genericons.woff g.newsweek.com/www/fonts/	14 KB 14 KB	70ms 50ms	Font application/octet-stream	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://g.newsweek.com/www/fonts/Genericons.woff Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Origin https://www.newsweek.com Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Wed, 23 Sep 2020 10:07:50 GMT server Apache status 200 etag "1600855670" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds018.lo4.hn,1600949422.cds106.lo4.c content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 13887
GET H2	200	logo-n1.svg g.newsweek.com/www/images/	409 B 401 B	61ms 60ms	Image image/svg+xml	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/logo-n1.svg Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 3498075c5fecbfcba9f37d8a12a10c7f29aabe59cf17f808c307a931327f7035 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Fri, 12 Jun 2020 17:41:47 GMT server Apache status 200 etag "1591983707" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds227.lo4.c content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 294
GET H2	200	free-sign-up.svg g.newsweek.com/www/images/	3 KB 1 KB	62ms 61ms	Image image/svg+xml	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/free-sign-up.svg Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 06121602e76bebd8a474c28cf12e9fcf1d8ee8d586ee61997702e39fe3b365dc Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Thu, 07 May 2020 03:55:19 GMT server Apache status 200 etag "1588823719" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds091.lo4.c content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 1332
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	36 KB 14 KB	23ms 7ms	Script application/x-javascript	2600:9000:2057:f600:18:1fcd:34e:d2a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:f600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 10:30:00 GMT content-encoding gzip last-modified Fri, 24 Apr 2020 01:13:41 GMT server nginx age 6022 etag W/"5ea23d45-8e68" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=7200 x-amz-cf-pop FRA6-C1 x-amz-cf-id HvlxuB0_mUvPhLHzTnjDvJ_jPPS0BfB4RN9nvFwlgx6EYaH8m8p8aA== via 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront) expires Thu, 24 Sep 2020 12:30:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 19 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Sep 2020 01:50:37 GMT server Golfe2 age 5801 date Thu, 24 Sep 2020 10:33:41 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18650 expires Thu, 24 Sep 2020 12:33:41 GMT
GET H2	200	main.min.js Show response js.pelcro.com/sdk/	191 KB 52 KB	36ms 7ms	Script text/javascript	2600:9000:2057:ee00:c:b42a:3740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.pelcro.com/sdk/main.min.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:ee00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f2c8f7ad3b7a6d630c09adddf2ee7dfad0d852646c3cc755d30f90419f40c65a Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 08:05:35 GMT content-encoding br last-modified Thu, 27 Aug 2020 20:52:02 GMT server AmazonS3 age 14697 etag "b6dd9aca00777edb251e7f41dd4f3976" x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 status 200 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 52549 via 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront) x-amz-cf-id sJzcX1brwYun9yJzoDChlWY-Va0Rsej5YhS4MESNGXzs84UntnQCCQ==
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1600949422801&ns_c=UTF-8&c8=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&c7=https%3A%2F... https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1600949422801&ns_c=UTF-8&c8=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&c7=https%3A%2...	0 528 B	39ms 38ms	Image text/plain	2.19.34.195 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1600949422801&ns_c=UTF-8&c8=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&c7=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&c9=https%3A%2F%2Ft.co%2FsJVbuREl6X&cs_ak_ss=1 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-19-34-195.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 24 Sep 2020 12:10:23 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1600949422801&ns_c=UTF-8&c8=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&c7=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&c9=https%3A%2F%2Ft.co%2FsJVbuREl6X&cs_ak_ss=1 Pragma no-cache Date Thu, 24 Sep 2020 12:10:22 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	check.svg g.newsweek.com/www/images/	171 B 274 B	25ms 24ms	Image image/svg+xml	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/check.svg Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash aa12b6968b55d509378d47dc26722bd22f3b62a5d85d11685817da0275601693 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Fri, 08 May 2020 18:51:29 GMT server Apache status 200 etag "1588963889" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds065.lo4.c content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 158
GET H2	200	icon-arrow-right.svg g.newsweek.com/www/images/	328 B 333 B	26ms 25ms	Image image/svg+xml	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/icon-arrow-right.svg Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash ec21da6e960bab474158649800a3c87e315353d3de7e08442097d6feea9f2704 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Sun, 07 Jun 2020 12:28:02 GMT server Apache status 200 etag "1591532882" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds207.lo4.hn,1600949422.cds092.lo4.c content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 227
GET H2	200	counter.js Show response gc.newsweek.com/front/js/	2 KB 1 KB	89ms 38ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://gc.newsweek.com/front/js/counter.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash fe65e41e19be6b78afd67773d4b9ecc451715f2a83d04b4b4a2ddc9fedccf22d Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip last-modified Sun, 20 Sep 2020 08:32:27 GMT server Apache status 200 etag "1600590747" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949422.cds039.lo4.hn,1600949422.cds021.lo4.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 874
GET H2	200	sdk.39fcc2cca26e12c665c0bc5b9b502d8b0b37eb2b.js Show response sdk.privacy-center.org/	240 KB 54 KB	8ms 8ms	Script application/javascript	2600:9000:214f:4400:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/sdk.39fcc2cca26e12c665c0bc5b9b502d8b0b37eb2b.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0bb98fd633e582131b71cba4ee257a2021761308fa4375d8fcaa4dbdc1b8acb8 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Sep 2020 10:07:25 GMT content-encoding gzip last-modified Wed, 23 Sep 2020 10:04:36 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1600855357/ctime:1600855357/gid:0/gname:root/md5:0cac22596dda4da0573b0a17f0a37b73/mode:33188/mtime:1600855357/uid:0/uname:root age 93778 etag W/"0cac22596dda4da0573b0a17f0a37b73" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 x-amz-cf-id _dSFrAYi-CbBIbLQ2HvdR_jDCxf_5MxxNc7MStMhapAByVK6VZ3saQ== via 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
GET H2	200	/ Show response geo.rlcdn.com/	117 B 343 B	212ms 182ms	Fetch application/json	2a00:1450:4001:801::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://geo.rlcdn.com/ Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash 3f7bf30d500058f66506ccc4ac416612e3e16dde70a0a1a353d0a1503f29e47c Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip etag W/"75-K1wgeg4GdzSOFo1iialOuyjNMuQ" server Google Frontend status 200 x-powered-by Express vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 4f761e1184e328ba06ffd204ec4387f3 cache-control private content-length 129
GET H3-Q050	200	pubads_impl_2020091702.js Show response securepubads.g.doubleclick.net/gpt/	264 KB 93 KB	72ms 40ms	Script text/javascript	172.217.23.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s22-in-f162.1e100.net Software sffe / Resource Hash bf854a7b7ea523eaf0e05e333f6768d66af9f3430b9e2770edc995a169e24167 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 17 Sep 2020 18:00:22 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 94763 x-xss-protection 0 expires Thu, 24 Sep 2020 12:10:22 GMT
POST H2	204	/ vtrk.doubleverify.com/	0 183 B	107ms 35ms	Other text/plain	54.216.188.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=dv-pub-tag@2.1.0&cid=c203f15b-6513-4752-813f-8d85eb1feb38&ea=pq-get&z=974153419591&ctx=17474756&cmp=17492528 Requested by Host: pub.doubleverify.com URL: https://pub.doubleverify.com/pub.js?ctx=17474756&cmp=17492528 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.216.188.66 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-216-188-66.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 24 Sep 2020 12:10:23 GMT server nginx status 204 vary Origin access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://www.newsweek.com cache-control no-cache access-control-allow-credentials true
GET H2	200	implement-r.js Show response fqtag.com/tag/	2 KB 2 KB	83ms 35ms	Script application/javascript	35.190.72.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=https%3A%2F%2Ft.co%2FsJVbuREl6X&rt=display&sl=1&fq=1 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 161.72.190.35.bc.googleusercontent.com Software / Resource Hash 8d516e44353e0be629db496e0358b21eb84598017044130e9f2fadff8fbdd140 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:23 GMT via 1.1 google status 200 content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2059 x-xss-protection 0 expires 0
GET H2	200	the-debate Show response d.newsweek.com/json/	7 KB 1 KB	26ms 25ms	XHR application/json	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://d.newsweek.com/json/the-debate?time=1600943164&te=1600948734 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/sys/js/c7d02a1e59a0e7b51e0d5f9d5beb0a3d.js?v=1600948734 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 46623cb4837f482924ab8e77b6de05a11d3e3d659075bf2f12bad3f99574634a Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip last-modified Thu, 24 Sep 2020 11:59:00 GMT server Apache x-cacheable YES status 200 etag "1600948740" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds053.lo4.hn,1600949423.cds062.lo4.c content-type application/json access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, public, max-age=29030400, public accept-ranges bytes content-length 1314
GET H2	200	home-opinion Show response d.newsweek.com/json/	16 KB 2 KB	27ms 26ms	XHR application/json	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://d.newsweek.com/json/home-opinion?time=1600943164&te=1600948734 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/sys/js/c7d02a1e59a0e7b51e0d5f9d5beb0a3d.js?v=1600948734 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 82f3b947bd6f4f65456133f04265efc9f4bc4e5e8748051943d83392d1b8aee8 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip last-modified Thu, 24 Sep 2020 11:59:00 GMT server Apache x-cacheable YES status 200 etag "1600948740" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds053.lo4.hn,1600949423.cds098.lo4.c content-type application/json access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, public, max-age=29030400, public accept-ranges bytes content-length 1898
GET H2	200	v2obs;v3-location-point Show response api.weather.com/v3/aggcommon/	2 KB 1 KB	173ms 158ms	XHR application/json	2a02:26f0:f1:295::3282 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.weather.com/v3/aggcommon/v2obs;v3-location-point?geocodes=52.310900,4.945300&language=en-US&units=m&format=json&apiKey=122c977a0e234e1bac977a0e23de1b2e Requested by Host: g.newsweek.com URL: https://g.newsweek.com/sys/js/c7d02a1e59a0e7b51e0d5f9d5beb0a3d.js?v=1600948734 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:f1:295::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 8139577bf75bb4b5d409b4ccd07e175baad69e45ef8dee736c4ec654a33105c7 Request headers Accept */* Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip status 200 surrogate-control ESI/1.0 vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * cache-control max-age=293 x-region eu-west-1 x-trace-token a71ad272-7311-419d-9ad2-727311719d43, a71ad272-7311-419d-9ad2-727311719d43 content-length 963
POST H2	204	/ vtrk.doubleverify.com/	0 183 B	34ms 33ms	Other text/plain	54.216.188.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=dv-pub-tag@2.1.0&cid=c203f15b-6513-4752-813f-8d85eb1feb38&ea=load&z=161059539390&cd180=network&cd187=ids%20cached&cd188=bsc%20cached&cm170=0&cm180=109&cm181=14&cm182=5&cm183=17&cm184=69&cm185=0&cm186=289&cm187=44&cm188=33&ctx=17474756&cmp=17492528 Requested by Host: pub.doubleverify.com URL: https://pub.doubleverify.com/pub.js?ctx=17474756&cmp=17492528 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.216.188.66 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-216-188-66.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 24 Sep 2020 12:10:23 GMT server nginx status 204 vary Origin access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://www.newsweek.com cache-control no-cache access-control-allow-credentials true
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	142ms 54ms	XHR application/javascript	54.192.228.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.228.117 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-228-117.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 07:19:32 GMT content-encoding gzip vary Accept-Encoding,Origin age 17452 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Wed, 09 Sep 2020 11:16:19 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript via 1.1 5e71ebbd3e768e1e564c88b3632039d8.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop WAW50-C1 x-amz-cf-id 5XrVh0nA8LD0bRuKfKQlQfvmJE4rwqKSVG1xYfqR4y1f0_1w-NOCoQ==
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	296 KB 102 KB	35ms 15ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b7db90d988f2d569ee665c1666e383f3ccb226e4532320946bb42d09702c6ed8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 accept-ranges bytes alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104172 x-xss-protection 0 expires Thu, 24 Sep 2020 12:10:23 GMT
GET H2	200	play-list Show response videos.newsweek.com/widget/	8 KB 2 KB	937ms 887ms	XHR application/json	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://videos.newsweek.com/widget/play-list?nid=35495&items=4&v=1600948734 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/sys/js/c7d02a1e59a0e7b51e0d5f9d5beb0a3d.js?v=1600948734 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 35145ea7c5473c3c4c748de57615d843c31ae53622f3842aa465e8e12917217b Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept */* Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:24 GMT content-encoding gzip x-cacheable YES server Apache status 200 etag "1600949423" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds042.lo4.hn,1600949423.cds080.lo4.sc,1600949423.dop175.dc2.r,1600949423.cds176.dc2.sc,1600949423.cds176.dc2.p,1600949424.cds080.lo4.p content-type application/json access-control-allow-origin * x-cahce HIT cache-control max-age=25920000 last-modified Thu, 24 Sep 2020 12:10:23 GMT accept-ranges bytes content-length 1688
GET H2	200	opinion-headshot-bg.png g.newsweek.com/www/images/	5 KB 5 KB	24ms 24ms	Image image/png	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/opinion-headshot-bg.png Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash d73c80c747e2ebaa8fce065cb77d293449cc8ca02591327c5a95d924c1948364 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip last-modified Mon, 15 Jun 2020 13:40:33 GMT server Apache status 200 etag "1592228433" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds207.lo4.hn,1600949423.cds233.lo4.c content-type image/png access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 4876
GET H2	200	ping ping.chartbeat.net/	43 B 168 B	301ms 100ms	Image image/gif	54.174.166.121 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=newsweek.com&p=%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&u=D7VXNIet6slSIYUT&d=newsweek.com&g=65968&g0=Tech%20%26%20Science&g1=Jason%20Murdock&n=1&f=00001&c=0&x=0&m=0&y=7041&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Ft.co%2FsJVbuREl6X&b=927&t=BCnAvFBNMVqrD4nw-YDsN26feuDQz&V=120&i=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&tz=-120&_acct=anon&sn=1&sv=GPGxvCjtMS-Be_FWwBuL7OndVyi0&sr=https%3A%2F%2Ft.co%2FsJVbuREl6X&sd=1&im=067b0ff0&_ Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.174.166.121 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-174-166-121.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 pragma no-cache date Thu, 24 Sep 2020 12:10:23 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 455 B	40ms 14ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-44450862-1&cid=1588910994.1600949423&jid=1627161202&gjid=197475314&_gid=1095434925.1600949423&_u=YGBAgUADQAAAAE~&z=2129362219 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 24 Sep 2020 12:10:23 GMT status 200 content-type text/plain access-control-allow-origin https://www.newsweek.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	js Show response www.google-analytics.com/gtm/	77 KB 30 KB	37ms 23ms	Script application/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-TJXQJV5&t=gtm4&cid=1588910994.1600949423 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 33ca2ed941c9f4b7b29267334c176159486a004dccd744f21dc43487d934dc42 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30807 x-xss-protection 0 expires Thu, 24 Sep 2020 12:10:23 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 392 B	28ms 14ms	Image image/gif	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j86&a=302896412&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&dr=https%3A%2F%2Ft.co%2FsJVbuREl6X&ul=en-us&de=UTF-8&dt=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUADQ~&jid=1627161202&gjid=197475314&cid=1588910994.1600949423&tid=UA-44450862-1&_gid=1095434925.1600949423&gtm=2wg9g1TVS8NW5&cd1=Jason%20Murdock&cd2=Tech%20%26%20Science&cd3=&cd4=US&cd5=en&cd6=article&cd7=1533752&cd8=20200923&cd9=202009&cd10=newsweek.com%2Ftech-science%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=Technology%20%26%20Computing&cd18=related&cd19=web&cd20=22&cd21=7&cd22=article&cd23=web&cd24=N&cd25=Germany%2C%20Hospital%2C%20Cyberattack%2C%20Ransomware%2C%20Russia&cd26=ndef&cd27=nonpromoted&cd28=Breaking%20News%20-%20LON&cd30=Y&cd31=3&cd32=N&cd33=ndef&cd34=anon&cd35=724&cd36=Twitter&cd37=4g&z=876513810 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 05:00:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 25779 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	0d60b884-0b19-453d-b832-6648036166df https://www.newsweek.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.newsweek.com/0d60b884-0b19-453d-b832-6648036166df Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	ui-gdpr-en.39fcc2cca26e12c665c0bc5b9b502d8b0b37eb2b.js Show response sdk.privacy-center.org/	225 KB 44 KB	11ms 10ms	Script application/javascript	2600:9000:214f:4400:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/ui-gdpr-en.39fcc2cca26e12c665c0bc5b9b502d8b0b37eb2b.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 404f4e4c2f095f2720c392ab51da90d8cfecb21dbffc190c6cfcd84efb28ad49 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Sep 2020 10:07:26 GMT content-encoding gzip last-modified Wed, 23 Sep 2020 10:04:39 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1600855357/ctime:1600855357/gid:0/gname:root/md5:f51b3c47aea7e043369b8075509d4f5d/mode:33188/mtime:1600855357/uid:0/uname:root age 93778 etag W/"f51b3c47aea7e043369b8075509d4f5d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 status 200 cache-control public, max-age=31536000 x-amz-cf-pop FRA53-C1 x-amz-cf-id FSgoPFVoSehPjtXGQ8eizpgkb8X8PNmeZlq_yBH5sw86jSqAi1gAuQ== via 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
GET H2	200	30.webp g.newsweek.com/img/weather/	1 KB 2 KB	25ms 24ms	Image image/webp	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/img/weather/30.webp Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash c7b1a3b9e6ae68e92fd3bb1d9691c3fa36807750b051a48516ea3e8f024dde25 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip x-cacheable YES server Apache status 200 strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds207.lo4.hn,1600949423.cds082.lo4.c content-type image/webp access-control-allow-origin * x-cahce HIT cache-control max-age=31622400 accept-ranges bytes content-length 1445
GET H2	200	ic-white-arrow.webp g.newsweek.com/img/weather/	138 B 212 B	25ms 24ms	Image image/webp	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/img/weather/ic-white-arrow.webp Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 7f550848daa10c777a7f933e5bad8bf5c345796196ebe61c93c66f875d7b948a Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip x-cacheable YES server Apache status 200 strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds207.lo4.hn,1600949423.cds252.lo4.c content-type image/webp access-control-allow-origin * x-cahce HIT cache-control max-age=31622400 accept-ranges bytes content-length 142
GET H2	200	article Show response stats.newsweek.com/counter/	14 B 474 B	346ms 114ms	Script text/html	3.228.33.201 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://stats.newsweek.com/counter/article?ack=sys_callback&site_id=7&c_what=article&a_id=1533752&r_id=28424&c_id=111&c_url=&referer=https%3A%2F%2Ft.co%2FsJVbuREl6X&device=desktop&a_editor=10&c_country=NL&xz=5&c_uque=1&c_ruque=1&c_visits=1 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.228.33.201 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-228-33-201.compute-1.amazonaws.com Software Apache / Resource Hash 2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 status 200 cache-control max-age=25920000 strict-transport-security max-age=86400; includeSubDomains content-length 34
GET H2	200	pixel.js Show response cdn.fqtag.com/1.27.339-ccfb11a/	88 KB 31 KB	75ms 26ms	Script application/javascript	35.190.36.172 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.36.172 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 172.36.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 15:41:37 GMT content-encoding gzip age 1628926 x-guploader-uploadid AAANsUlSANmq-ZlddI2bxKVlrki339ltgVS_LPaSzr8-J-GcdYbUFdadvuyvQtry26IPqlYAvbslzvoxwBQpsPXG6rzN6owhtg x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30765 last-modified Tue, 07 Jul 2020 15:17:55 GMT server UploadServer etag "c08f1e8b98a0a7459fd55bc14df717ef" x-goog-hash crc32c=P7hdeA==, md5=wI8ei5igp0Wf1VvBTfcX7w== content-language en x-goog-generation 1594135075752938 x-goog-expiration Sun, 03 Jan 2021 15:17:55 GMT cache-control public,max-age=31556926,no-transform x-goog-stored-content-length 30765 accept-ranges bytes content-type application/javascript expires Sun, 05 Sep 2021 15:41:37 GMT
OPTIONS H2	200	site www.pelcro.com/api/v1/sdk/ Frame	0 0	109ms 69ms	Other text/html	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/site?site_id=1028&language=en Protocol H2 Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Origin https://www.newsweek.com Sec-Fetch-Mode cors Response headers access-control-allow-origin * access-control-allow-methods GET,POST,PATCH,PUT,DELETE,OPTIONS access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, X-PINGOTHER, Access-Control-Request-Method, Access-Control-Request-Headers, Cache-Control, X-Pelcro-Sdk-Version
GET H2	200	site Show response www.pelcro.com/api/v1/sdk/	12 KB 2 KB	17ms 16ms	XHR application/json	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.pelcro.com/api/v1/sdk/site?site_id=1028&language=en Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68bc05d191afeb1334016581ce21402783292c4c8613de958c363aa04d4a25d3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json Cache-Control max-age=0 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 X-Pelcro-Sdk-Version 2.4.15 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 311 status 200 content-type application/json content-length 2296 cf-request-id 05619ea56f0000650f251f9200000001 x-ua-compatible IE=edge server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET,POST,PATCH,PUT,DELETE,OPTIONS content-language en access-control-allow-origin * cache-control no-cache, private, max-age=0 accept-ranges bytes cf-ray 5d7c66e8bf5f650f-FRA access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, X-PINGOTHER, Access-Control-Request-Method, Access-Control-Request-Headers, Cache-Control, X-Pelcro-Sdk-Version
GET H2	200	ga-audiences www.google.com/ads/	42 B 513 B	39ms 20ms	Image image/gif	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-44450862-1&cid=1588910994.1600949423&jid=1627161202&_u=YGBAgUADQAAAAE~&z=1098408808 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 513 B	38ms 19ms	Image image/gif	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-44450862-1&cid=1588910994.1600949423&jid=1627161202&_u=YGBAgUADQAAAAE~&z=1098408808 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	/ api-location-prd.pelcro.com/ Frame	0 0	180ms 116ms	Other application/json	99.86.7.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-location-prd.pelcro.com/ Protocol H2 Server 99.86.7.105 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-105.fra6.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers cache-control,x-pelcro-sdk-version Origin https://www.newsweek.com Sec-Fetch-Mode cors Response headers status 200 content-type application/json content-length 0 date Thu, 24 Sep 2020 12:10:23 GMT x-amzn-requestid 190147e2-75fb-44c3-b00c-14825108b0d8 access-control-allow-origin * allow GET access-control-allow-headers Authorization, Cache-Control, X-Pelcro-Sdk-Version x-amz-apigw-id TXrrdFPVIAMF45g= access-control-allow-methods GET x-cache Miss from cloudfront via 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-cf-id Pv880N_NE4bYaAZuLIdeg0HHoYYlY8jztexa0SXrQm7Wgib_TxkS6Q==
GET H2	200	/ Show response api-location-prd.pelcro.com/	349 B 743 B	133ms 133ms	XHR application/json	99.86.7.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-location-prd.pelcro.com/ Requested by Host: js.pelcro.com URL: https://js.pelcro.com/sdk/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.105 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-105.fra6.r.cloudfront.net Software / Resource Hash a13897657542db0455c68e62827cc41b2aa4af449689aac9b9035b187ea9cf07 Request headers Accept application/json Cache-Control max-age=0 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 X-Pelcro-Sdk-Version 2.4.15 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT via 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid d885f359-6e56-4e9d-b442-22f60a568920 status 200 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-5f6c8caf-631dbe50de9c45109195ebd0;Sampled=0 access-control-allow-credentials true x-amz-apigw-id TXrreFfyoAMFhJA= content-length 349 x-amz-cf-id LjtpPIjECjjBEosvd8fs5ZA3F7xI2GIhw0K9tVLJTcZBVpdZnn0k_A==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 372 B	86ms 85ms	XHR text/javascript	54.192.228.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&pr=https%3A%2F%2Ft.co%2FsJVbuREl6X&pid=dIwSSY2in3zAL&cb=0&ws=1600x1200&v=7.54.00&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%7D%2C%7B%22id%22%3A%22Newsweek_VideoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&gdprl=%7B%22cmpTimeout%22%3A500%2C%22status%22%3A%22cmp-timeout%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.228.117 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-228-117.waw50.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT via 1.1 7210fed509d8e341021bffe29c62787c.cloudfront.net (CloudFront) server Server x-amz-cf-pop WAW50-C1 status 200 vary User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.newsweek.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id TooyKY0wFvn6AIIy1YjqCjL_yLlgbEE7QRfWkW04WVaI2sC0SWNqMA==
GET H/1.1	200 OK	cs.js Show response sb.scorecardresearch.com/c2/7922264/	0 400 B	25ms 24ms	Script application/x-javascript	2.19.34.195 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/c2/7922264/cs.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-19-34-195.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 12:10:23 GMT Content-Encoding gzip Last-Modified Fri, 08 Apr 2011 23:11:26 GMT ETag "d41d8cd98f00b204e9800998ecf8427e:1349196464" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=259200 Connection keep-alive Content-Length 20 Expires Sun, 27 Sep 2020 12:10:23 GMT
GET H2	200	jamil-n-jaffer.webp d.newsweek.com/en/full/1635852/	6 KB 6 KB	128ms 83ms	Image image/webp	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://d.newsweek.com/en/full/1635852/jamil-n-jaffer.webp?w=150&h=150&f=ee5b9c2a7934dd91670a659078f9bbea Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 067354ede74d2342739a29184e417c83d50abed169543c2153b789d04e6133e2 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT last-modified Mon, 14 Sep 2020 16:18:39 GMT server Apache x-cacheable YES status 200 etag "1600100319" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds017.lo4.hn,1600949423.cds078.lo4.c content-type image/webp access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, max-age=29030400, public accept-ranges bytes content-length 6430
GET H2	200	bonnie-kristian.webp d.newsweek.com/en/full/1568478/	6 KB 6 KB	79ms 33ms	Image image/webp	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://d.newsweek.com/en/full/1568478/bonnie-kristian.webp?w=150&h=150&f=e7d92ab04281e52ef365c0014402de48 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 155836c8ff476d546271e048e6818453e89f5b93c24ae8f76652ffc4c444ab32 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT last-modified Fri, 18 Sep 2020 17:04:42 GMT server Apache x-cacheable YES status 200 etag "1600448682" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds017.lo4.hn,1600949423.cds037.lo4.c content-type image/webp access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, max-age=29030400, public accept-ranges bytes content-length 6432
GET H2	200	michele-goodwin.webp d.newsweek.com/en/full/1596837/	2 KB 2 KB	78ms 33ms	Image image/webp	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://d.newsweek.com/en/full/1596837/michele-goodwin.webp?w=63&h=63&f=f64b9f55b70690270af56ffd3a31778d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash e9e9cbcf364d0cf8b5defb05f8fceaf033041b6ea41bde946c0d0e75e4e2238e Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT last-modified Wed, 23 Sep 2020 18:44:52 GMT server Apache x-cacheable YES status 200 etag "1600886692" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds017.lo4.hn,1600949423.cds207.lo4.c content-type image/webp access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, max-age=29030400, public accept-ranges bytes content-length 1958
GET H2	200	alan-dershowitz.webp d.newsweek.com/en/full/1602706/	2 KB 2 KB	77ms 32ms	Image image/webp	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://d.newsweek.com/en/full/1602706/alan-dershowitz.webp?w=63&h=63&f=d83ee0f0a2a958ae747f9793d8d73562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash d70f0d43f0da979158bda0211976c0cf82224f28b59c623c9a8667f5d6348fe1 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT last-modified Fri, 18 Sep 2020 12:53:39 GMT server Apache x-cacheable YES status 200 etag "1600433619" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds017.lo4.hn,1600949423.cds077.lo4.c content-type image/webp access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, max-age=29030400, public accept-ranges bytes content-length 2102
GET H2	200	david-m-schizer.webp d.newsweek.com/en/full/1641166/	2 KB 2 KB	74ms 29ms	Image image/webp	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://d.newsweek.com/en/full/1641166/david-m-schizer.webp?w=63&h=63&f=516a2fed37cdf52157a49ed48156e714 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 427a5070b2c4b73c5c298113f34e25ecdb542ee1c3f414132e59bf1e88c98158 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT last-modified Wed, 23 Sep 2020 13:58:42 GMT server Apache x-cacheable YES status 200 etag "1600869522" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949423.cds017.lo4.hn,1600949423.cds038.lo4.c content-type image/webp access-control-allow-origin * x-cahce HIT cache-control max-age=25920000, max-age=29030400, public accept-ranges bytes content-length 2018
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	135 KB 34 KB	18ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 34302 x-xss-protection 0 pragma public x-fb-debug dhhaJhGbIn2EHXRNx0ggxS/sX0e99MF5dgRLdewmbtSNbjf1iWrsJr7Z7j3qCya52oI3LbHa6azzG+lN6STV5w== x-fb-trip-id 664085054 x-frame-options DENY date Thu, 24 Sep 2020 12:10:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	5e9e00b619144f0012bc03cf Show response api.pushnami.com/scripts/v1/pushnami-adv/	356 KB 86 KB	86ms 29ms	Script application/javascript	143.204.215.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.pushnami.com/scripts/v1/pushnami-adv/5e9e00b619144f0012bc03cf Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.43 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-43.fra53.r.cloudfront.net Software / Resource Hash edcde0de7c97d64e120eee80ddd4e127423cd30e462a1bfb18660a63f5603a12 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:07:11 GMT via 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront) age 192 vary accept-encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 status 200 cache-control no-cache x-amz-cf-pop FRA53-C1 content-encoding gzip x-amz-cf-id hzbME8RMMJQcSAZgOCsVIV7aLmN4Zx9iZET9Pyx8ecohQfmBeTx_sQ==
GET H/1.1	204	partner sync.search.spotxchange.com/ Redirect Chain https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5 https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=ec8a705e-fe5e-11ea-b36f-1ac857eb1906	0 588 B	18ms 18ms	Image text/plain	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?source=82839&sync_limit=5&__user_check__=1&sync_id=ec8a705e-fe5e-11ea-b36f-1ac857eb1906 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-spotx-halt-type Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist Date Thu, 24 Sep 2020 12:10:23 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 13 Connection keep-alive Content-Length 0 Redirect headers Date Thu, 24 Sep 2020 12:10:23 GMT Server nginx Location /partner?source=82839&sync_limit=5&__user_check__=1&sync_id=ec8a705e-fe5e-11ea-b36f-1ac857eb1906 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 72 Connection keep-alive Content-Length 0
GET H2	200	userEvents:collect recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/	7 B 412 B	58ms 36ms	Image image/gif	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recommendationengine.googleapis.com/v1beta1/projects/248636979763/locations/global/catalogs/default_catalog/eventStores/default_event_store/userEvents:collect?key=AIzaSyC941bziWOAfKYUryv4ZGBrZgm3nYWfyzE&uri=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&user_event=%7B%22eventType%22%3A%22detail-page-view%22%2C%22userInfo%22%3A%7B%22visitorId%22%3A%22GA1.2.1588910994.1600949423%22%7D%2C%22productEventDetail%22%3A%7B%22productDetails%22%3A%5B%7B%22id%22%3A%221533752%22%7D%5D%7D%7D&ets=1600949423642 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:23 GMT x-content-type-options nosniff alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate vary Origin, X-Origin, Referer content-length 7 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	496391994180701 Show response connect.facebook.net/signals/config/	524 KB 134 KB	442ms 442ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/496391994180701?v=2.9.24&r=stable Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fa6ba7fa671f03e8f7c81f421ac23ef6d1c54b302e95b1650e70db960357ca25 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug 1hnCZJ1PhpBJgCoYYUz7CnhnDQitwIDaU8+Er44MXpzpG2SZydxIMCWTTvrLY7tt66eKqZMwxQcW6lVmoDwBhw== x-fb-trip-id 664085054 x-frame-options DENY date Thu, 24 Sep 2020 12:10:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hub api.pushnami.com/scripts/v1/ Frame 7072	0 0	24ms 24ms	Document text/html	143.204.215.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.pushnami.com/scripts/v1/hub Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.43 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-43.fra53.r.cloudfront.net Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' * X-Content-Security-Policy default-src 'unsafe-inline' * Request headers :method GET :authority api.pushnami.com :scheme https :path /scripts/v1/hub pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Response headers status 200 content-type text/html; charset=utf-8 date Thu, 24 Sep 2020 11:58:22 GMT access-control-allow-origin * access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-headers X-Requested-With content-security-policy default-src 'unsafe-inline' * x-content-security-policy default-src 'unsafe-inline' * x-webkit-csp default-src 'unsafe-inline' * cache-control no-cache content-encoding gzip vary accept-encoding x-cache Hit from cloudfront via 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id 3YlmKDKKFW5g0ROQkcozYxJ-6-uNI50yuwodxsYCmBSqhmTB0GGR3Q== age 721
GET H2	200	main.min.js Show response js.pelcro.com/ui/plugin/newsweek/	765 KB 124 KB	10ms 9ms	Script text/javascript	2600:9000:2057:ee00:c:b42a:3740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.pelcro.com/ui/plugin/newsweek/main.min.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:ee00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e96ba1eb493a97fa24a6b1bbe179cdaf8f31aed77526e336e8a67894c4a37e4c Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Sep 2020 19:25:33 GMT content-encoding br last-modified Tue, 15 Sep 2020 13:29:07 GMT server AmazonS3 age 60291 etag "2b056cf3994234bb94dedfc49d5833a0" x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 status 200 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 126921 via 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront) x-amz-cf-id liKKMxoSg3X3msMT9E1gI3qUx7WDPViMEFQyOM791iVZwJlixmsy8g==
GET H2	200	events www.pelcro.com/api/v1/sdk/analytics/	42 B 795 B	103ms 86ms	Image image/gif	2606:4700:10::6816:958 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.pelcro.com/api/v1/sdk/analytics/events?site_id=1028&str_code=100&afwiod=1&t=1600949423831 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:958 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT x-content-type-options nosniff cf-cache-status DYNAMIC status 200 content-type image/gif content-length 42 cf-request-id 05619ea6ef0000178eb32bc200000001 x-ua-compatible IE=edge pragma no-cache last-modified Wed, 11 Jan 2006 12:59:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET,POST,PATCH,PUT,DELETE,OPTIONS content-language en access-control-allow-origin *, * cache-control no-cache=Set-Cookie, private, proxy-revalidate, max-age=0 access-control-allow-credentials true cf-ray 5d7c66eb1f34178e-FRA access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, X-PINGOTHER, Access-Control-Request-Method, Access-Control-Request-Headers, Cache-Control, X-Pelcro-Sdk-Version expires Wed, 11 Jan 2000 12:59:00 GMT
POST H2	200	psp Show response psp.pushnami.com/api/	2 B 224 B	103ms 102ms	Fetch text/html	54.85.176.127 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://psp.pushnami.com/api/psp Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.85.176.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-85-176-127.compute-1.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept application/json, text/plain, */* Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 key 5e9e00b619144f0012bc03cf User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type application/x-www-form-urlencoded Response headers date Thu, 24 Sep 2020 12:10:24 GMT content-encoding gzip status 200 vary accept-encoding content-type text/html; charset=utf-8 access-control-allow-origin https://www.newsweek.com cache-control no-cache access-control-allow-credentials true
OPTIONS H2	200	psp psp.pushnami.com/api/ Frame	0 0	309ms 101ms	Other application/json	54.85.176.127 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://psp.pushnami.com/api/psp Protocol H2 Server 54.85.176.127 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-85-176-127.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers key Origin https://www.newsweek.com Sec-Fetch-Mode cors Response headers access-control-allow-origin https://www.newsweek.com access-control-allow-credentials true access-control-expose-headers content-type, content-length, etag access-control-max-age 600 access-control-allow-headers key access-control-allow-methods POST
POST H2	200	track Show response trc.pushnami.com/api/push/	2 B 168 B	113ms 113ms	Fetch text/html	34.200.147.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trc.pushnami.com/api/push/track Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.200.147.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-200-147-177.compute-1.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept application/json, text/plain, */* Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 key 5e9e00b619144f0012bc03cf User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type application/x-www-form-urlencoded Response headers status 200 date Thu, 24 Sep 2020 12:10:24 GMT cache-control no-cache access-control-allow-origin * content-type text/html; charset=utf-8 content-length 2 access-control-expose-headers WWW-Authenticate,Server-Authorization
OPTIONS H2	204	track trc.pushnami.com/api/push/ Frame	0 0	338ms 129ms	Other	34.200.147.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trc.pushnami.com/api/push/track Protocol H2 Server 34.200.147.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-200-147-177.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers key Origin https://www.newsweek.com Sec-Fetch-Mode cors Response headers status 204 date Thu, 24 Sep 2020 12:10:24 GMT access-control-allow-origin * access-control-allow-methods POST access-control-allow-headers Accept,Authorization,Content-Type,If-None-Match,key access-control-max-age 86400 access-control-expose-headers WWW-Authenticate,Server-Authorization cache-control no-cache
GET H2	200	/ Show response js.stripe.com/v3/	183 KB 48 KB	76ms 29ms	Script application/javascript	151.101.112.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f08eb04c8f165308590d5677d903bcb9b6c9b58e027daf070c0f535f0aa3f5b9 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:23 GMT content-encoding gzip vary Accept-Encoding age 219 via 1.1 varnish x-cache HIT status 200 content-length 48395 x-amz-id-2 Tk5shA0YfJ8Fsethz0bF33a0OEmmdFGbil3LJuAW6hoBSpl2n7pR6u1ZXerjVgfA5YL5Elo8DK0= x-served-by cache-hhn4064-HHN timing-allow-origin * last-modified Wed, 23 Sep 2020 20:51:57 GMT server AmazonS3 etag "b72b15e47b45b905a27eaa17b45bbb91" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id 718D69148B2D7827 access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 91
GET H3-Q050	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Sep 2020 01:50:37 GMT server Golfe2 age 5802 date Thu, 24 Sep 2020 10:33:41 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18650 expires Thu, 24 Sep 2020 12:33:41 GMT
GET H3-Q050	200	ecommerce.js Show response www.google-analytics.com/plugins/ua/	1 KB 863 B	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ecommerce.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:00:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 612 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=3600 accept-ranges bytes alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 expires Thu, 24 Sep 2020 13:00:11 GMT
GET H2	200	1028-1590365569.png uploads.pelcro.com/images/site/logo/	7 KB 8 KB	38ms 6ms	Image image/png	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://uploads.pelcro.com/images/site/logo/1028-1590365569.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE), Reverse DNS Software keycdn-engine / Resource Hash 26afa415e1221eefb1b5aeac203c50935a2fb77ad77589f509d90202cc617c6d Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:25 GMT x-amz-request-id CAEC5F6B043A853B x-edge-location defr x-cache HIT status 200 content-length 7383 x-amz-id-2 SZDWpPqhtRf221sJ+PfO5Lr9cpWG05qPup2olx8u1QkO7IJJCw3l3Jtn57hkA8Q3T1nOsnttGgE= last-modified Mon, 25 May 2020 00:12:51 GMT server keycdn-engine etag "4c7eb5b8728731b18c9f2043dd25b97b" content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://pelcro-uploads.s3-website-us-east-1.amazonaws.com/images/site/logo/1028-1590365569.png>; rel="canonical" expires Thu, 01 Oct 2020 12:10:25 GMT
GET H2	200	m-outer-6e6ed81584679d263bf5a2b0f15af9e1.html js.stripe.com/v3/ Frame 1765	0 0	23ms 23ms	Document text/html	151.101.112.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-6e6ed81584679d263bf5a2b0f15af9e1.html Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash Security Headers Name Value Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-6e6ed81584679d263bf5a2b0f15af9e1.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Response headers status 200 x-amz-id-2 OcyS7X9KWPBQVxpHE1BmuYrieS9bhx96B7SarJepJywuJhN4AJryNB+t39c/1SsNgrv9zTCGECg= x-amz-request-id C4C6A83280D3EB35 last-modified Thu, 10 Sep 2020 22:19:50 GMT etag "6e6ed81584679d263bf5a2b0f15af9e1" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding gzip accept-ranges bytes date Thu, 24 Sep 2020 12:10:24 GMT via 1.1 varnish age 106 x-served-by cache-hhn4064-HHN x-cache HIT x-cache-hits 243 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' content-length 185
GET H2	200	icon-arrow-right.svg g.newsweek.com/www/images/	328 B 345 B	25ms 25ms	Image image/svg+xml	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://g.newsweek.com/www/images/icon-arrow-right.svg Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash ec21da6e960bab474158649800a3c87e315353d3de7e08442097d6feea9f2704 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Origin https://www.newsweek.com Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:24 GMT content-encoding gzip last-modified Sun, 07 Jun 2020 12:28:02 GMT server Apache status 200 etag "1591532882" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949424.cds018.lo4.hn,1600949424.cds092.lo4.c content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=25920000 accept-ranges bytes content-length 227
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 99 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j86&a=302896412&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&dr=https%3A%2F%2Ft.co%2FsJVbuREl6X&ul=en-us&de=UTF-8&dt=Russian%20Cyber%20Gang%20Linked%20to%20Hospital%20Hack%20That%20Resulted%20in%20Woman%27s%20Death&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article_meter&ea=meter_visible&el=5%20articles%20remaining&_u=aGDAAUITQAAAAG~&jid=1510364665&gjid=526520628&cid=1588910994.1600949423&tid=UA-44450862-1&_gid=1095434925.1600949423&_r=1&gtm=2wg9g1TVS8NW5&cd1=Jason%20Murdock&cd2=Tech%20%26%20Science&cd3=&cd4=US&cd5=en&cd6=article&cd7=1533752&cd8=20200923&cd9=202009&cd10=newsweek.com%2Ftech-science%2Farticle&cd12=N&cd13=N&cd14=Y&cd15=Y&cd17=Technology%20%26%20Computing&cd18=related&cd19=web&cd20=22&cd21=7&cd22=article&cd23=web&cd24=N&cd25=Germany%2C%20Hospital%2C%20Cyberattack%2C%20Ransomware%2C%20Russia&cd26=Y&cd27=nonpromoted&cd28=Breaking%20News%20-%20LON&cd30=Y&cd31=3&cd32=N&cd33=N&cd34=anon&cd35=724&cd36=Twitter&cd37=4g&z=58993213 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type text/plain access-control-allow-origin https://www.newsweek.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response stats.g.doubleclick.net/j/	4 B 433 B	40ms 15ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-44450862-1&cid=1588910994.1600949423&jid=1510364665&gjid=526520628&_gid=1095434925.1600949423&_u=aGDAAUITQAAAAG~&z=745790418 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 24 Sep 2020 12:10:24 GMT status 200 content-type text/plain access-control-allow-origin https://www.newsweek.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 379 B	18ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=496391994180701&ev=PageView&dl=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&rl=https%3A%2F%2Ft.co%2FsJVbuREl6X&if=false&ts=1600949424159&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1600949424158.191950064&it=1600949423678&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Thu, 24 Sep 2020 12:10:24 GMT
GET H3-Q050	200	bridge3.411.1_en.html imasdk.googleapis.com/js/core/ Frame E11A	0 0	27ms 13ms	Document text/html	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.411.1_en.html Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority imasdk.googleapis.com :scheme https :path /js/core/bridge3.411.1_en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 193074 date Tue, 22 Sep 2020 18:42:18 GMT expires Wed, 22 Sep 2021 18:42:18 GMT last-modified Tue, 22 Sep 2020 18:32:46 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 149286 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	26 KB 11 KB	65ms 45ms	Script text/javascript	2a00:1450:4001:819::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:24 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900 accept-ranges bytes alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10523 x-xss-protection 0 expires Thu, 24 Sep 2020 12:10:24 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 890 B	35ms 15ms	Script application/javascript	2a00:1450:4001:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.newsweek.com Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 24 Sep 2020 12:10:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET		ransomware-attack-1-1494941806.m3u8 video.newsweek.com/transcoder/480hls/127/	0 0
GET H2	200	5-things-you-should-know-about-ransomware.jpg dc.newsweek.com/en/full/6505/	62 KB 63 KB	101ms 45ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://dc.newsweek.com/en/full/6505/5-things-you-should-know-about-ransomware.jpg?w=790&h=444&f=7ca21cf49fe867bf81949f1fba1786c1 Requested by Host: www.newsweek.com URL: https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Apache / Resource Hash 296b24f4f34c6f6befde32f38ea3a13922281a5936804bd63453d8e80d1c473d Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:24 GMT last-modified Wed, 23 Sep 2020 09:00:09 GMT server Apache x-cacheable YES status 200 etag "1600851609" strict-transport-security max-age=86400; includeSubDomains x-hw 1600949424.cds045.lo4.hn,1600949424.cds065.lo4.c content-type image/jpeg access-control-allow-origin * x-cahce HIT cache-control max-age=25920000 accept-ranges bytes content-length 63981
GET DATA	200 OK	truncated /	4 KB 4 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308 Request headers Origin https://www.newsweek.com Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H3-Q050	200	ga-audiences www.google.com/ads/	42 B 491 B	40ms 25ms	Image image/gif	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-44450862-1&cid=1588910994.1600949423&jid=1510364665&_u=aGDAAUITQAAAAG~&z=818646791 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.de/ads/	42 B 491 B	41ms 26ms	Image image/gif	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-44450862-1&cid=1588910994.1600949423&jid=1510364665&_u=aGDAAUITQAAAAG~&z=818646791 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ransomware-attack-1-1494941806.m3u8 Show response video.newsweek.com/transcoder/480hls/127/	459 B 754 B	81ms 51ms	XHR application/x-mpegurl	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://video.newsweek.com/transcoder/480hls/127/ransomware-attack-1-1494941806.m3u8 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/sys/js/07bba1a9c30c8f01d28d980808d6b064.js?v=1600948734 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash c437aed0d34f59c68cf7b4c8b174d56a8cf6d31cc1ee5c46c9c6655279910183 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:24 GMT last-modified Wed, 20 Jun 2018 11:55:34 GMT server AmazonS3 x-amz-request-id 00A449C694F95303 etag "e58f7f6a85f62aa7ff76654d81043b9c" x-hw 1600949424.cds203.lo4.hn,1600949424.cds106.lo4.c content-type application/x-mpegURL status 200 cache-control max-age=2404611 accept-ranges bytes access-control-allow-origin * content-length 459 x-amz-id-2 qpDi3zXWbRmpmV3RcK3oUrSJFFnl7ZEwxjt/rOBfP3EVSBi/wTbfJbtv0fcd5P9RviG+FApLLUY=
GET BLOB	200 OK	e0fedb36-4811-4ff2-acfa-1d93d4614077 https://www.newsweek.com/	5 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.newsweek.com/e0fedb36-4811-4ff2-acfa-1d93d4614077 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 5299 Content-Type application/javascript
POST H2	200	/ www.facebook.com/tr/	0 84 B	6ms 6ms	Other text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryAXYf47SjFpqtQg0I Response headers strict-transport-security max-age=31536000; includeSubDomains server proxygen-bolt date Thu, 24 Sep 2020 12:10:24 GMT status 200 content-type text/plain access-control-allow-origin https://www.newsweek.com access-control-allow-credentials true alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0
GET H3-Q050	200	implement-r.js Show response fqtag.com/tag/	2 KB 2 KB	65ms 40ms	Script application/javascript	35.190.72.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=https%3A%2F%2Ft.co%2FsJVbuREl6X&rt=display&sl=1&fq=1 Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 161.72.190.35.bc.googleusercontent.com Software / Resource Hash 77f9ff8dead10bd1cabb59f9c990ea1fa243e6453d9de40588c89c6323979d39 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:30 GMT via 1.1 google status 200 content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2059 x-xss-protection 0 expires 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	2 KB 814 B	185ms 185ms	XHR text/plain	172.217.23.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1826480093017969&correlator=4293522833379505&output=ldjh&impl=fifs&adsid=NT&eid=21067516%2C21067522%2C21066995&vrg=2020091702&rdp=1&us_privacy=1---&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200924&iu_parts=43459271%2Cnewsweek%2Ctop%2Cright1%2Coop1%2Coop2%2Coop3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x250%2C320x50%7C300x250%7C300x600%7C300x1050%2C1x1%2C1x1%2C1x1&fluid=0%2Cheight%2C0%2C0%2C0&ists=7&prev_scp=pos%3Dtop%26amznbid%3D2%26amznp%3D2%7Cpos%3Dright1%26amznbid%3D2%26amznp%3D2%7Cpos%3Doop1%7Cpos%3Doop2%7Cpos%3Doop3&eri=1&cust_params=amp%3DN%26cat%3Dnwus-tech_science%26sitecat%3Dnwus-tech_science%26fq_refresh%3Dfalse%26fq_refresh_int%3D0%26article_id%3D1533752%26topics%3DGermany%252CHospital%252CCyberattack%252CRansomware%252CRussia%26content%3DIAB19%26video%3DY%26video_type%3Drelated%26layout%3Dweb%26paragraphs%3D22%26total_ads%3D0%26page_type%3Darticle%26adunit%3Dnewsweek.com%252Ftech-science%252Farticle%26focus%3DY%26refresh%3DN%26w1200%3DY%26referrer%3Dexternal%26ts%3Dnonpromoted%26trsource%3DTwitter%26abt%3D1%26NoPassFQ%3DY%26ids%3D0%26bsc%3D84031001%252C84111001%252C84242030%252C80012003%252C84122001%252C84211001%252C84242004%252C84212001%252C84092002%252C84081001%252C84121001%252C84032008%252C84112005%252C84112004%252C80011001%252C84091001%252C84241001%252C84082001%26adexclusion%3D%257Cnw%257C%2520Amobee_Eli%2520Lily%252C%257Cnw%257C%2520brand%2520safety%252C%257Cnw%257C%2520NoPassFQ%26iabgdprapplies%3D1%26excl_cat%3D%257Cnw%257C%2520Amobee_Eli%2520Lily%252C%257Cnw%257C%2520brand%2520safety%252C%257Cnw%257C%2520NoPassFQ&cookie_enabled=1&bc=31&abxe=1&lmt=1600949430&dt=1600949430686&dlt=1600949422542&idt=748&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1060%2C800%2C800%2C800&adys=161%2C441%2C6845%2C6846%2C6847&adks=2154452299%2C3923213926%2C1914041524%2C1813964283%2C85176522&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&ref=https%3A%2F%2Ft.co%2FsJVbuREl6X&dssz=88&icsg=8921088&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x270%7C300x250%7C1600x1%7C1600x1%7C1600x1&msz=1180x270%7C300x250%7C1600x1%7C1600x1%7C1600x1&ga_vid=1588910994.1600949423&ga_sid=1600949431&ga_hid=302896412&fws=4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s22-in-f162.1e100.net Software cafe / Resource Hash f99c561d313cf9429e06ee6d699ab2f4ef4fd1adf1a8699f33eb96ab47c2775a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:30 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 285 x-xss-protection 0 google-lineitem-id -2,-2,-2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.newsweek.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 8593a624afadbcc344a9c6402a383e74.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	72ms 39ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8593a624afadbcc344a9c6402a383e74.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	25ms 6ms	Other text/html	2a00:1450:4001:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	pixel.js Show response cdn.fqtag.com/1.27.339-ccfb11a/	88 KB 30 KB	24ms 24ms	Script application/javascript	35.190.36.172 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.fqtag.com/1.27.339-ccfb11a/pixel.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.36.172 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 172.36.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Sep 2020 15:41:37 GMT content-encoding gzip age 1628933 x-guploader-uploadid AAANsUlSANmq-ZlddI2bxKVlrki339ltgVS_LPaSzr8-J-GcdYbUFdadvuyvQtry26IPqlYAvbslzvoxwBQpsPXG6rzN6owhtg x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30765 last-modified Tue, 07 Jul 2020 15:17:55 GMT server UploadServer etag "c08f1e8b98a0a7459fd55bc14df717ef" x-goog-hash crc32c=P7hdeA==, md5=wI8ei5igp0Wf1VvBTfcX7w== content-language en x-goog-generation 1594135075752938 x-goog-expiration Sun, 03 Jan 2021 15:17:55 GMT cache-control public,max-age=31556926,no-transform x-goog-stored-content-length 30765 accept-ranges bytes content-type application/javascript expires Sun, 05 Sep 2021 15:41:37 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	38ms 18ms	XHR application/json	2a00:1450:4001:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091702&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b02c352aa37fa639866a8735241f322be9ce85f08c62268f57d49c53a5b7c9dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 24 Sep 2020 12:10:30 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6470 x-xss-protection 0
GET H2	200	localstore.js Show response script.4dex.io/	450 B 744 B	30ms 15ms	Script application/javascript	2606:4700:e2::ac40:8620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:30 GMT content-encoding br cf-cache-status HIT age 300 status 200 x-amz-request-id 0B90B7715831A5AD x-amz-id-2 v88X5wRwlBU6ykngh5SsxMoZuwzMfKBqWAJbtX0YIS8Oi+upGi4dkUaq92ZPYWKv22l7X2DiVmg= last-modified Mon, 14 Sep 2020 09:32:14 GMT server cloudflare etag W/"bfa52622781c173885812009122c3f7c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=1800 cf-request-id 05619ec2a100000ebbe794c200000001 cf-ray 5d7c67176a070ebb-FRA
GET H2	200	rid Show response match.adsrvr.org/track/	109 B 544 B	114ms 36ms	XHR application/json	63.34.98.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=ww6qwsf&fmt=json Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.98.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-98-13.eu-west-1.compute.amazonaws.com Software / Resource Hash 9703d4ee6d757f437d39c80fd41256f64e8d249e47389d1fe066ff7f41c21853 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Thu, 24 Sep 2020 12:10:31 GMT x-aspnet-version 4.0.30319 status 200 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://www.newsweek.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 109 expires Sat, 24 Oct 2020 12:10:31 GMT
GET H2	451	envelope Show response api.rlcdn.com/api/identity/	44 B 329 B	80ms 32ms	XHR text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rlcdn.com/api/identity/envelope?pid=33 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Thu, 24 Sep 2020 12:10:31 GMT via 1.1 google x-content-type-options nosniff access-control-allow-headers Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With status 451 access-control-allow-methods GET, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://www.newsweek.com access-control-allow-credentials true alt-svc clear content-length 44
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	16 KB 6 KB	59ms 46ms	Script text/javascript	2a00:1450:4001:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:30 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1600730918364481" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5975 x-xss-protection 0 expires Thu, 24 Sep 2020 12:10:30 GMT
GET H2	200	adagio.js Show response script.4dex.io/	64 KB 19 KB	47ms 33ms	Fetch application/javascript	2606:4700:e2::ac40:8620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 24 Sep 2020 12:10:31 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 209 status 200 x-amz-request-id 28EB5E73B8383250 x-amz-id-2 yA7/5KN7fjGhur+U/2QHWvK0CxfX1Vm51D8Oa7MZ3mCMGXRGwFedFKUZPJ/j4vO4i7ZEYpGKB5A= last-modified Mon, 14 Sep 2020 09:32:12 GMT server cloudflare etag W/"71c0e5f7067bdadc5d565e8027f77ec3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 cf-request-id 05619ec2c000009814f424a200000001 cf-ray 5d7c67179be39814-FRA
GET H3-Q050	200	runner.html tpc.googlesyndication.com/sodar/sodar2/216/ Frame 4A7F	0 0	9ms 7ms	Document text/html	2a00:1450:4001:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html Requested by Host: d275im4r3zngba.cloudfront.net URL: https://d275im4r3zngba.cloudfront.net/script.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/216/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 4674 date Thu, 24 Sep 2020 11:44:13 GMT expires Fri, 24 Sep 2021 11:44:13 GMT last-modified Mon, 21 Sep 2020 21:29:19 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1578 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 713 B	87ms 29ms	XHR application/json	37.252.173.22 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 24 Sep 2020 12:10:31 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.40:80 AN-X-Request-Uuid 6c5749c1-1fa5-482b-8171-95fe7872a377 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.newsweek.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	auction Show response tlx.3lift.com/header/	19 B 296 B	106ms 49ms	XHR application/json	35.158.194.251 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tlx.3lift.com/header/auction?lib=prebid&v=4.8.0&referrer=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&tmax=3000&gdpr=false&us_privacy=1--- Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.194.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT x-auction-status 12, 12 status 200 content-type application/json; charset=utf-8 access-control-allow-origin https://www.newsweek.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 19 x-xss-protection 0 expires Thu, 15 Oct 1992 20:10:00 GMT
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 387 B	190ms 134ms	XHR application/json	52.28.203.152 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c3301747426e652272d52300029&pos=nw_desktop_dfp_ad_top_multi&cmd=bid&secure=1&us_privacy=1--- Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software ATS/7.1.2.113 / Resource Hash 825bf3d14c3696ec5ebf4399e9398ed843c8af51a6d974933b82ed14b5ec1cc2 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Thu, 24 Sep 2020 12:10:31 GMT Server ATS/7.1.2.113 Age 0 Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.newsweek.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 387 B	215ms 159ms	XHR application/json	52.28.203.152 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c3301747426e652272d52300029&pos=nw_desktop_dfp_ad_right1_multi&cmd=bid&secure=1&us_privacy=1--- Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software ATS/7.1.2.113 / Resource Hash fe0488a59f9aa248167d759bdfdd7a9f25bf3ae0e14f31daaef10849042e1409 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Thu, 24 Sep 2020 12:10:31 GMT Server ATS/7.1.2.113 Age 0 Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.newsweek.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H2	200	cygnus Show response htlb.casalemedia.com/	6 KB 5 KB	219ms 163ms	XHR application/json	23.37.38.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=358245&v=7.2&r=%7B%22id%22%3A%2211e5fbf18306a98%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212b30db92fdb10c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358245%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22130e81f6b0ef2a9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358241%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214bd352401726ab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358241%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215cb4b5ef1ffab6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22358241%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2FsJVbuREl6X%22%2C%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software Apache / Resource Hash 3169d477c0d8ffae9c64681323aaef22b578d288b1d97d9749b668aafc6760de Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT content-encoding gzip server Apache status 200 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.newsweek.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 4303 expires Thu, 24 Sep 2020 12:10:31 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	25 B 420 B	163ms 107ms	XHR application/json	23.37.38.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=358245&v=8.1&r=%7B%22id%22%3A%2211e5fbf18306a98%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bf6135923ee8d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22422729%22%2C%22sid%22%3A%22640x360%22%7D%2C%22bidfloor%22%3A3%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22startdelay%22%3A0%2C%22minduration%22%3A0%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B2%5D%2C%22w%22%3A640%2C%22h%22%3A360%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2FsJVbuREl6X%22%2C%22page%22%3A%22https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software Apache / Resource Hash 9934581fc046ec0d88532354239cc7132682cb0f3a04036e72bba9f486a7ec4d Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT content-encoding gzip server Apache status 200 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.newsweek.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 45 expires Thu, 24 Sep 2020 12:10:31 GMT
POST H2	200	auction Show response prebid-server.rubiconproject.com/openrtb2/	185 B 390 B	153ms 103ms	XHR application/json	52.59.8.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-server.rubiconproject.com/openrtb2/auction Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.8.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 84f85c363cd9a5bdc00fa9af6ddea6db91ffee0cd36dc85e004dd0271d32da8f Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT content-encoding gzip status 200 content-type application/json access-control-allow-origin https://www.newsweek.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 175 expires 0
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	365 B 3 KB	141ms 68ms	XHR application/json	69.173.144.143 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9619&site_id=82236&zone_id=1085544%3B1085536&size_id=57%3B15&alt_size_ids=%3B10%2C54&gdpr=0&us_privacy=1---&tpid_tdid=72585a63-d845-476a-ad16-1e57c68b3649&rf=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&tg_i.content=IAB19&tk_flint=pbjs_lite_v4.8.0&x_source.tid=5c356ec4-4db3-4736-bd45-8e577804beaa%3B2d0429c6-cdea-48f4-ac22-e94f3196b070&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.3530537008943462 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 4f9d115083e0fb094b658ac4fcb76e51a7092b22f7faa1b808a71390f98f999a Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 24 Sep 2020 12:10:31 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.newsweek.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 365 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	arj Show response ibt-d.openx.net/w/1.0/	189 B 572 B	126ms 41ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ibt-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5c356ec4-4db3-4736-bd45-8e577804beaa%2C2d0429c6-cdea-48f4-ac22-e94f3196b070&nocache=1600949431084&gdpr=0&us_privacy=1---&pubcid=8bb05c33-d5d4-434f-8032-c0396293d5f6&ttduuid=72585a63-d845-476a-ad16-1e57c68b3649&aus=970x250%7C300x250%2C300x600%2C300x1050&divIds=dfp-ad-top%2Cdfp-ad-right1&auid=540167324%2C540167329 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.193.0 / Resource Hash 8c94f3f879537a63a5a8fc1ba9e87c13b23b846dc38f69dd3b98c8924e9c2ad1 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT content-encoding gzip server OXGW/16.193.0 status 200 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.newsweek.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 174 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	avjp Show response ibt-d.openx.net/v/1.0/	92 B 286 B	129ms 45ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ibt-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newsweek.com%2Fgerman-hospital-ransomware-cyberattack-russia-hackers-1533752&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c24ce368-7e9c-4da2-a257-1e9312c5030f&nocache=1600949431085&gdpr=0&us_privacy=1---&pubcid=8bb05c33-d5d4-434f-8032-c0396293d5f6&ttduuid=72585a63-d845-476a-ad16-1e57c68b3649&mimes=video%2Fmp4%2Cvideo%2Fwebm%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6%2C7%2C8&api=2&playbackmethod=2%2C1%2C3&startdelay=0&minduration=0&maxduration=60&linearity=1&placement=1&prodq=1&aumfs=3000&auid=540564350&vwd=640&vht=360&vmimes=video%2Fmp4%2Cvideo%2Fwebm%2Capplication%2Fjavascript Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.193.0 / Resource Hash 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT via 1.1 google server OXGW/16.193.0 status 200 p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.newsweek.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 92 expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 117 B	117ms 73ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers status 204 date Thu, 24 Sep 2020 12:10:31 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-origin https://www.newsweek.com
POST H/1.1	204 No content	header_bid Show response rtb.mfadsrvr.com/	0 746 B	100ms 25ms	XHR text/html	18.185.225.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rtb.mfadsrvr.com/header_bid Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.225.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.newsweek.com Date Thu, 24 Sep 2020 12:10:31 GMT Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=UTF-8 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
POST H/1.1	204 No content	header_bid Show response rtb.mfadsrvr.com/	0 746 B	100ms 25ms	XHR text/html	18.185.225.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rtb.mfadsrvr.com/header_bid Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.225.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.newsweek.com Date Thu, 24 Sep 2020 12:10:31 GMT Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=UTF-8 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
POST H2	200	prebid Show response mp.4dex.io/	66 B 559 B	203ms 152ms	XHR application/json	35.227.247.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mp.4dex.io/prebid Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.247.230 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 230.247.227.35.bc.googleusercontent.com Software / Resource Hash d18e8c24f59632a3e5b2c01d6dc483f82b82ad4ca329af0d94e1f482a2321820 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT via 1.1 google x-warn Selecting bids. No selected bids status 200 vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.newsweek.com no-bid true cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear content-length 66 expires 0
POST H/1.1	204 No Content	267418 Show response search.spotxchange.com/openrtb/2.3/dados/	0 985 B	99ms 40ms	XHR application/json	185.94.180.124 SPOTX-AMS
General Check archive.org Show headers Download Go to Full URL https://search.spotxchange.com/openrtb/2.3/dados/267418 Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Thu, 24 Sep 2020 12:10:31 GMT X-SpotX-Timing-Transform 0.000298 X-SpotX-Timing-SpotMarket 0.016681 X-SpotX-Timing-Page-Mux 0.000294 X-SpotX-Timing-Page-Require 0.000400 X-fe 124 Connection keep-alive X-SpotX-Timing-Page-Cookie 0.000006 X-SpotX-Timing-Page 0.019954 Pragma no-cache X-SpotX-Timing-Page-Context 0.000400 Last-Modified Thu, 24 Sep 2020 12:10:31 GMT Server nginx Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0 X-SpotX-Timing-SpotMarket-Primary 0.016681 Access-Control-Allow-Methods POST, GET, PATCH, DELETE, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://www.newsweek.com X-SpotX-Timing-Page-Misc 0.001861 X-SpotX-Timing-Page-Exception 0.000001 X-SpotX-Timing-SpotMarket-Secondary 0.000000 X-SpotX-Timing-Page-URI 0.000013 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	204 No Content	openrtb Show response ads.adaptv.advertising.com/rtb/	0 217 B	103ms 30ms	XHR application/json	52.58.71.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Newsweek Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.71.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-71-47.eu-central-1.compute.amazonaws.com Software adaptv/1.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.newsweek.com access-control-allow-credentials true server adaptv/1.0 Connection keep-alive content-length 0 content-type application/json
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 223 B	40ms 40ms	Image image/gif	2a00:1450:4001:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091702&jk=1826480093017969&bg=!OjmlOSFYQ0rSN_KxLtkCAAAAbVIAAAAUCgCio37O-44LNX59S2ZTJ1m3u4iZgL6nlMAyKrTC346dlfWCh0EiwtbrgJ2ORMnmPtRofZTCYbq3-XPUqwiHPsrzDisq_ofC6tdI_K9kGabKWi9g4do1XSGOv5C3Mcb8i49KoG6efnNQZ3CJ3YVFS6DEc0J_qtDw83GrJGKCrE10Eh9V9-eHjjLAaSDinphUmDkXcF9pHftUTIh_bQ_uMS8s24y5mQGpsjrp4RBb7EPmsHzMV0ijLCmH-hJ_4sX69CwznhyqVPg0XmAqatketOXZhYIhw_4ujQLrzn1dABJQCSYYWhu7xydAs8v_QB0YQfKOU35Nfs2XqYLC0QDNnvLWGvFollg7BDWomtOK2wbsvIDgI0pn-y2Me4RG20t9d1NBoNdjKrSVwaUZdPEVfMj3yQxH_ASpna5mbNSbppbClnTFnKqshiuzxjSzY39TIJqh9K60e43Y0OfaVmkOTjW8lsyS-s5NwA23x9ioDw29wEPWIB9XxFNO6YrgYRtmz3XqixHlimVwH35XhNRqOZK3IR0Y7u9P-fEvY78479-ypX6i0igj6py1U7EfszRpSAZgxFdkjZ9_VTvanVPEefbgf8Z_zfY7K4SpdRLSdJN9mtRi4R7jPqv7p1MXFJWg-luVJ083k-ARN5HBLepWucenv_EVS6BflqHg2NmGQB-2SegaHbASH0n19guKwktmWKD3SOFdkr1_KQoK-ld_vgCntVo0Ao7GnojDxoxoXV-ACjBhmeJMdUAWatAUWN2SE-D9tkHm8OocsJzFwtslZf8 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 24 Sep 2020 12:10:31 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	event prebid-a.rubiconproject.com/ Frame	0 0	84ms 24ms	Other	52.28.239.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-a.rubiconproject.com/event Protocol H2 Server 52.28.239.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-239-129.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.newsweek.com Sec-Fetch-Mode cors Response headers status 200 date Thu, 24 Sep 2020 12:10:34 GMT content-length 0 vary Origin Access-Control-Request-Method Access-Control-Request-Headers access-control-allow-origin * access-control-allow-methods POST access-control-allow-headers content-type access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
POST H2	202	event Show response prebid-a.rubiconproject.com/	61 B 236 B	38ms 38ms	XHR application/json	52.28.239.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid-a.rubiconproject.com/event Requested by Host: g.newsweek.com URL: https://g.newsweek.com/www/js/prebid.js?v=4.8.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.239.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-239-129.eu-central-1.compute.amazonaws.com Software / Resource Hash edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c Request headers Referer https://www.newsweek.com/german-hospital-ransomware-cyberattack-russia-hackers-1533752 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers status 202 date Thu, 24 Sep 2020 12:10:34 GMT access-control-allow-origin * content-length 61 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

video.newsweek.com

URL

https://video.newsweek.com/transcoder/480hls/127/ransomware-attack-1-1494941806.m3u8