lifehacker.com Open in urlscan Pro
151.101.2.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Submission: On October 24 via manual (October 24th 2019, 8:38:23 pm UTC) from US

Summary HTTP 304 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 69 IPs in 9 countries across 73 domains to perform 304 HTTP transactions. The main IP is 151.101.2.166, located in United States and belongs to FASTLY - Fastly, US. The main domain is lifehacker.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on July 11th 2019. Valid for: a year.

This is the only time lifehacker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
91	151.101.2.166 151.101.2.166	54113 (FASTLY) (FASTLY - Fastly)
2	159.180.84.2 159.180.84.2	33047 (INSTART) (INSTART - Instart Logic)
4 8	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	23.45.99.242 23.45.99.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.190.92.63 35.190.92.63	15169 (GOOGLE) (GOOGLE - Google LLC)
7	151.101.194.166 151.101.194.166	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
8	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY - Fastly)
7	13.225.86.250 13.225.86.250	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200c:a600:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	52.85.183.133 52.85.183.133	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	143.204.101.16 143.204.101.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.102 13.225.78.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700::68... 2606:4700::6810:4b33	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:e2:... 2606:4700:e2::ac40:8e05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 13	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	52.48.220.206 52.48.220.206	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	99.81.228.121 99.81.228.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE - Google LLC)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.3.64.39 52.3.64.39	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	35.201.68.171 35.201.68.171	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5 20	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2	13.225.77.205 13.225.77.205	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 4	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
4 4	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE - Google LLC)
7	199.166.0.26 199.166.0.26	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 5	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
8 14	152.199.21.89 152.199.21.89	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY - Fastly)
1	35.190.40.172 35.190.40.172	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2606:4700::68... 2606:4700::6810:4fa5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	52.33.92.11 52.33.92.11	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	72.21.206.141 72.21.206.141	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
3 3	63.33.115.128 63.33.115.128	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
1	35.201.81.77 35.201.81.77	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:215... 2600:9000:2156:8600:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	18.185.154.43 18.185.154.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 1	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2 2	185.29.135.42 185.29.135.42	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
5	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY - Fastly)
2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	54.154.201.99 54.154.201.99	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	35.165.120.69 35.165.120.69	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT - Bidtellect Inc.)
1	130.211.13.252 130.211.13.252	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	52.28.115.40 52.28.115.40	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	35.205.46.65 35.205.46.65	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	217.79.188.2 217.79.188.2	24961 (MYLOC-AS) (MYLOC-AS)
1	80.85.204.245 80.85.204.245	16378 (OTTO-NET ...) (OTTO-NET IP-NETWORK)
1	213.254.244.19 213.254.244.19	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
1	64.158.223.157 64.158.223.157	25751 (VALUECLICK) (VALUECLICK - Conversant)
7	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
2 2	34.252.37.207 34.252.37.207	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	2a04:4e42:1b:... 2a04:4e42:1b::729	54113 (FASTLY) (FASTLY - Fastly)
4	52.46.128.194 52.46.128.194	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	52.94.233.131 52.94.233.131	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.99.128.52 23.99.128.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2606:4700::68... 2606:4700::6810:50a5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:2800:133... 2606:2800:133:9a:24ed:9b6:1020:2655	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:81e::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2a04:4e42:3::729 2a04:4e42:3::729	54113 (FASTLY) (FASTLY - Fastly)
2	13.225.78.93 13.225.78.93	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.206.108.72 34.206.108.72	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	54.172.119.91 54.172.119.91	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
304	69

91 151.101.2.166 (United States)

ASN54113 (FASTLY - Fastly, US)

lifehacker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deadspin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gizmodo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jalopnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jezebel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kotaku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clickhole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theinventory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thetakeout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinjadeals.theinventory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.180.84.2 (United States)

ASN33047 (INSTART - Instart Logic, Inc, US)

cdn.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.45.99.242 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-99-242.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.92.63 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 63.92.190.35.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.194.166 (United States)

ASN54113 (FASTLY - Fastly, US)

f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:a600:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.183.133 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-183-133.fra50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.16 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-16.fra50.r.cloudfront.net

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.102 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-102.fra2.r.cloudfront.net

tag.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4b33 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8e05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.207.66 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.220.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-220-206.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.228.121 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-81-228-121.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.72.95 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.64.39 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-64-39.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.68.171 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 171.68.201.35.bc.googleusercontent.com

connect.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.114.2 (Frankfurt am Main, Germany) 5 redirects

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.77.205 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-77-205.fra2.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9b (Brussels, Belgium) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.166.0.26 (United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)
PTR: anycast.pixel.adsafeprotected.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

fusion-media-group-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 152.199.21.89 (United States) 8 redirects

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.40.172 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 172.40.190.35.bc.googleusercontent.com

api.skimlinks.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.67.47 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:4fa5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.33.92.11 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-33-92-11.us-west-2.compute.amazonaws.com

pixel.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 72.21.206.141 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: 206-141.amazon.com

aax-us-east.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.33.115.128 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-33-115-128.eu-west-1.compute.amazonaws.com

x.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Central, Hong Kong) 2 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.81.77 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 77.81.201.35.bc.googleusercontent.com

api.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.154.43 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-154-43.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.113.136.100 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.42 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.201.99 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-201-99.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.165.120.69 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-165-120-69.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT - Bidtellect Inc., US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.13.252 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 252.13.211.130.bc.googleusercontent.com

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.115.40 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-115-40.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.46.65 (Ascension Island) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.46.205.35.bc.googleusercontent.com

ads.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.2 (Germany) 1 redirects

ASN24961 (MYLOC-AS, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.204.245 (Germany)

ASN16378 (OTTO-NET IP-NETWORK, DE)
PTR: ats.otto.de

ats.otto.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.19 (Ireland)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.158.223.157 (Amsterdam, Netherlands)

ASN25751 (VALUECLICK - Conversant, Inc., US)
PTR: 157.vip.crm-node2.ams5.cnvr.net

altfarm.mediaplex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.37.207 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-252-37-207.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:1b::729 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ping-meta-prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.128.194 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ir-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.99.128.52 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-dm1-001.cloudapp.net

lightboxapi2.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:50a5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api1.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:9a:24ed:9b6:1020:2655 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:3::729 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

videos-fms.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.93 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.108.72 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-108-72.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.119.91 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-119-91.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	kinja-static.com x.kinja-static.com f.kinja-static.com	1 MB
33	taboola.com 5 redirects cdn.taboola.com trc.taboola.com match.taboola.com cds.taboola.com images.taboola.com	205 KB
25	amazon-adsystem.com c.amazon-adsystem.com z-na.amazon-adsystem.com aax-us-east.amazon-adsystem.com ir-na.amazon-adsystem.com fls-na.amazon-adsystem.com	72 KB
19	doubleclick.net 7 redirects pubads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	102 KB
15	lifehacker.com lifehacker.com	243 KB
14	jwpsrv.com g.jwpsrv.com videos-fms.jwpsrv.com	2 MB
14	advertising.com 8 redirects adserver-us.adtech.advertising.com	2 KB
14	kinja-img.com i.kinja-img.com	2 MB
11	skimresources.com 4 redirects s.skimresources.com p.skimresources.com r.skimresources.com t.skimresources.com x.skimresources.com	18 KB
8	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com	14 KB
8	google-analytics.com 4 redirects www.google-analytics.com	19 KB
7	jwpltx.com prd.jwpltx.com ping-meta-prd.jwpltx.com	434 B
6	facebook.com www.facebook.com	989 B
6	lightboxcdn.com www.lightboxcdn.com api1.lightboxcdn.com	131 KB
6	google.de ampcid.google.de adservice.google.de www.google.de	2 KB
6	google.com 4 redirects ampcid.google.com adservice.google.com www.google.com	2 KB
5	jwpcdn.com ssl.p.jwpcdn.com	822 KB
5	openx.net 1 redirects fusion-media-group-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
5	kinja.com kinja.com	3 KB
4	rubiconproject.com 1 redirects fastlane.rubiconproject.com pixel.rubiconproject.com	5 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	jwplayer.com cdn.jwplayer.com entitlements.jwplayer.com	37 KB
3	criteo.com bidder.criteo.com	432 B
3	casalemedia.com as-sec.casalemedia.com	3 KB
3	media.net prebid.media.net	852 B
3	fastly.net confiant-integrations.global.ssl.fastly.net	67 KB
3	adsrvr.org 2 redirects insight.adsrvr.org match.adsrvr.org	1 KB
3	samba.tv tag.mtrcs.samba.tv pixel.mtrcs.samba.tv	5 KB
3	facebook.net connect.facebook.net	154 KB
3	scroll.com static.scroll.com connect.scroll.com	23 KB
3	bounceexchange.com tag.bounceexchange.com assets.bounceexchange.com	90 KB
2	ad-delivery.net ad-delivery.net	1 KB
2	googleapis.com imasdk.googleapis.com	92 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	programattik.com 2 redirects ads.programattik.com	1 KB
2	adnxs.com ib.adnxs.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	exelator.com 2 redirects loadeu.exelator.com	2 KB
2	perfectmarket.com widget.perfectmarket.com	33 KB
2	theinventory.com theinventory.com kinjadeals.theinventory.com
2	chartbeat.net ping.chartbeat.net	336 B
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	840 B
2	npttech.com www.npttech.com	5 KB
2	tinypass.com cdn.tinypass.com	231 KB
2	digitru.st cdn.digitru.st	14 KB
1	cdnjquery.com cluster-na.cdnjquery.com	356 B
1	2mdn.net s0.2mdn.net	11 KB
1	criteo.net static.criteo.net	14 KB
1	azurewebsites.net lightboxapi2.azurewebsites.net	509 B
1	mediaplex.com altfarm.mediaplex.com	562 B
1	doubleverify.com tps.doubleverify.com	441 B
1	otto.de ats.otto.de	514 B
1	adition.com 1 redirects ad1.adfarm1.adition.com	944 B
1	bttrack.com bttrack.com	380 B
1	storygize.net 1 redirects www.storygize.net	450 B
1	powerlinks.com 1 redirects px.powerlinks.com	402 B
1	rollbar.com api.rollbar.com	287 B
1	consensu.org api.skimlinks.mgr.consensu.org	636 B
1	googlesyndication.com tpc.googlesyndication.com
1	thetakeout.com thetakeout.com
1	theonion.com theonion.com
1	clickhole.com clickhole.com
1	avclub.com avclub.com
1	theroot.com theroot.com
1	kotaku.com kotaku.com
1	jezebel.com jezebel.com
1	jalopnik.com jalopnik.com
1	gizmodo.com gizmodo.com
1	deadspin.com deadspin.com
1	videoplayerhub.com kinja-com.videoplayerhub.com	24 KB
1	chartbeat.com static.chartbeat.com	14 KB
304	73

	Domain	Requested by
45	x.kinja-static.com	lifehacker.com x.kinja-static.com
15	trc.taboola.com	5 redirects cdn.taboola.com lifehacker.com
15	lifehacker.com	lifehacker.com x.kinja-static.com
14	adserver-us.adtech.advertising.com	8 redirects lifehacker.com
14	i.kinja-img.com	lifehacker.com
13	videos-fms.jwpsrv.com	ssl.p.jwpcdn.com
10	securepubads.g.doubleclick.net	lifehacker.com securepubads.g.doubleclick.net
8	aax-us-east.amazon-adsystem.com	z-na.amazon-adsystem.com lifehacker.com
8	www.google-analytics.com	4 redirects lifehacker.com
7	pixel.adsafeprotected.com	cdn.adsafeprotected.com
7	c.amazon-adsystem.com	lifehacker.com c.amazon-adsystem.com
7	f.kinja-static.com	lifehacker.com www.npttech.com
6	prd.jwpltx.com
6	images.taboola.com	lifehacker.com
6	www.facebook.com	lifehacker.com connect.facebook.net
6	cdn.taboola.com	x.kinja-static.com cdn.taboola.com lifehacker.com
5	ssl.p.jwpcdn.com	cdn.jwplayer.com
5	match.taboola.com	lifehacker.com
5	www.lightboxcdn.com	lifehacker.com www.lightboxcdn.com
5	kinja.com	lifehacker.com x.kinja-static.com
4	fls-na.amazon-adsystem.com	lifehacker.com
4	ir-na.amazon-adsystem.com	lifehacker.com
4	www.google.de	lifehacker.com
4	www.google.com	4 redirects
4	stats.g.doubleclick.net	4 redirects
4	p.skimresources.com	lifehacker.com
4	sb.scorecardresearch.com	1 redirects lifehacker.com
3	x.bidswitch.net	3 redirects
3	x.skimresources.com	3 redirects
3	bidder.criteo.com	lifehacker.com
3	as-sec.casalemedia.com	lifehacker.com
3	fastlane.rubiconproject.com	lifehacker.com
3	fusion-media-group-d.openx.net	lifehacker.com
3	prebid.media.net	lifehacker.com
3	confiant-integrations.global.ssl.fastly.net	lifehacker.com confiant-integrations.global.ssl.fastly.net
3	pubads.g.doubleclick.net	1 redirects lifehacker.com
3	connect.facebook.net	lifehacker.com connect.facebook.net
2	ad-delivery.net	kinja-com.videoplayerhub.com
2	imasdk.googleapis.com	cdn.jwplayer.com imasdk.googleapis.com
2	sync.crwdcntrl.net	2 redirects
2	ads.programattik.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	lifehacker.com
2	sync.mathtag.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	cdn.jwplayer.com	x.kinja-static.com ssl.p.jwpcdn.com
2	loadeu.exelator.com	2 redirects
2	pixel.mtrcs.samba.tv	tag.mtrcs.samba.tv lifehacker.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	r.skimresources.com	1 redirects lifehacker.com
2	z-na.amazon-adsystem.com	x.kinja-static.com
2	ping.chartbeat.net	lifehacker.com
2	assets.bounceexchange.com	tag.bounceexchange.com assets.bounceexchange.com
2	secure-us.imrworldwide.com	1 redirects lifehacker.com
2	www.npttech.com	lifehacker.com
2	cdn.tinypass.com	lifehacker.com
2	static.scroll.com	lifehacker.com
2	cdn.digitru.st	lifehacker.com cdn.digitru.st
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	cluster-na.cdnjquery.com	kinja-com.videoplayerhub.com
1	ping-meta-prd.jwpltx.com
1	s0.2mdn.net	imasdk.googleapis.com
1	g.jwpsrv.com	ssl.p.jwpcdn.com
1	static.criteo.net	lifehacker.com
1	entitlements.jwplayer.com	cdn.jwplayer.com
1	api1.lightboxcdn.com	www.lightboxcdn.com
1	lightboxapi2.azurewebsites.net	www.lightboxcdn.com
1	altfarm.mediaplex.com	lifehacker.com
1	tps.doubleverify.com	lifehacker.com
1	ats.otto.de	lifehacker.com
1	ad1.adfarm1.adition.com	1 redirects
1	cds.taboola.com	lifehacker.com
1	bttrack.com	lifehacker.com
1	www.storygize.net	1 redirects
1	px.powerlinks.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	api.rollbar.com	cdn.digitru.st
1	t.skimresources.com	s.skimresources.com
1	api.skimlinks.mgr.consensu.org	s.skimresources.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	kinjadeals.theinventory.com	x.kinja-static.com
1	thetakeout.com	x.kinja-static.com
1	theonion.com	x.kinja-static.com
1	theinventory.com	x.kinja-static.com
1	clickhole.com	x.kinja-static.com
1	avclub.com	x.kinja-static.com
1	theroot.com	x.kinja-static.com
1	kotaku.com	x.kinja-static.com
1	jezebel.com	x.kinja-static.com
1	jalopnik.com	x.kinja-static.com
1	gizmodo.com	x.kinja-static.com
1	deadspin.com	x.kinja-static.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	connect.scroll.com	static.scroll.com
1	ampcid.google.de	www.google-analytics.com
1	insight.adsrvr.org	lifehacker.com
1	tag.mtrcs.samba.tv	lifehacker.com
1	kinja-com.videoplayerhub.com	lifehacker.com
1	s.skimresources.com	lifehacker.com
1	cdn.adsafeprotected.com	lifehacker.com
1	static.chartbeat.com	lifehacker.com
1	ampcid.google.com	www.google-analytics.com
1	tag.bounceexchange.com	lifehacker.com
304	106

This site contains links to these domains. Also see Links.

Domain
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
theroot.com
thetakeout.com
clickhole.com
theonion.com
theinventory.com
skillet.lifehacker.com
twocents.lifehacker.com
vitals.lifehacker.com
offspring.lifehacker.com
kinja.com
facebook.com
twitter.com
threatpost.com
popup.taboola.com
ad1.adfarm1.adition.com
altfarm.mediaplex.com
www.holzkern.com
t1.tkzio.com
ad13.adfarm1.adition.com
www.outfittery.de
legal.kinja.com

Subject Issuer	Validity	Valid
univision.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-11` - `2020-07-11`	a year	crt.sh
cdn.digitru.st Sectigo RSA Organization Validation Secure Server CA	`2019-05-09` - `2021-05-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
tag.bounceexchange.com Let's Encrypt Authority X3	`2019-08-25` - `2019-11-23`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
b2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-10-21` - `2020-08-23`	10 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2018-09-13` - `2020-10-07`	2 years	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
*.samba.tv Amazon	`2019-08-07` - `2020-09-07`	a year	crt.sh
*.tinypass.com DigiCert SHA2 Secure Server CA	`2019-01-31` - `2020-03-20`	a year	crt.sh
sni101653.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-06` - `2020-03-14`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
assets.bounceexchange.com Let's Encrypt Authority X3	`2019-10-13` - `2020-01-11`	3 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-01-02` - `2020-01-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh
*.scroll.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-06` - `2021-03-02`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
z-na.amazon-adsystem.com Amazon	`2019-06-12` - `2020-06-07`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2018-12-30` - `2020-03-30`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-03` - `2021-02-22`	a year	crt.sh
api.skimlinks.mgr.consensu.org DigiCert SHA2 Secure Server CA	`2019-10-04` - `2021-10-07`	2 years	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
aax-us-east.amazon-adsystem.com Amazon	`2019-02-04` - `2020-02-04`	a year	crt.sh
api.rollbar.com DigiCert SHA2 Secure Server CA	`2017-04-19` - `2020-07-15`	3 years	crt.sh
jwplayer.com Amazon	`2019-03-28` - `2020-04-28`	a year	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-03` - `2019-11-19`	7 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.taboola.com DigiCert ECC Secure Server CA	`2019-09-03` - `2020-09-10`	a year	crt.sh
ats.otto.de DigiCert Global CA G2	`2019-09-17` - `2020-07-17`	10 months	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2016-12-13` - `2019-12-13`	3 years	crt.sh
*.mediaplex.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-02-04` - `2021-03-25`	2 years	crt.sh
a3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-10-23` - `2020-09-10`	a year	crt.sh
www.assoc-amazon.com Amazon	`2019-03-09` - `2020-02-19`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon	`2019-02-12` - `2020-01-26`	a year	crt.sh
*.azurewebsites.net Microsoft IT TLS CA 5	`2019-09-24` - `2021-09-24`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
s2.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-08-31` - `2020-04-23`	2 years	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
*.assetbucket.net Amazon	`2019-09-11` - `2020-10-11`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Frame ID: 2CBFB8A1BE9454ACB9A07A984223127E
Requests: 238 HTTP requests in this frame

Frame: https://deadspin.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 42B2B9E411EF4C924564089BA0D751A5
Requests: 1 HTTP requests in this frame

Frame: https://gizmodo.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 4B74BBD1D45735372BC4FCA90B891F08
Requests: 1 HTTP requests in this frame

Frame: https://jalopnik.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: FFEE1481D4B53F3D91C8ACBD5F639088
Requests: 1 HTTP requests in this frame

Frame: https://jezebel.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 80EF9F58AB90781738BC5C35E3770D5F
Requests: 1 HTTP requests in this frame

Frame: https://kotaku.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 9505FE6D9418DD4DADBC8DEDADDAFABC
Requests: 1 HTTP requests in this frame

Frame: https://lifehacker.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 8ADA583D772E448686B48F3530DCD0B0
Requests: 1 HTTP requests in this frame

Frame: https://theroot.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: D97D49B9E4774C1B647AC46856D100BF
Requests: 1 HTTP requests in this frame

Frame: https://avclub.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 7E5ACEF3B790BEFA6CD9DF90DEF516EC
Requests: 1 HTTP requests in this frame

Frame: https://clickhole.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 52A73DBF0B0ACAC47E59F0EB699AA14A
Requests: 1 HTTP requests in this frame

Frame: https://theinventory.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 09194914B02330F7B68F60A106E1C744
Requests: 1 HTTP requests in this frame

Frame: https://theonion.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: 2CE2AB58FAEA2F6922C916CC5593817A
Requests: 1 HTTP requests in this frame

Frame: https://thetakeout.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: BA915BDF484883DB96F574E9C3EBC0C1
Requests: 1 HTTP requests in this frame

Frame: https://kinjadeals.theinventory.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Frame ID: C940FA34FA52F6AA3311AB11724E8F67
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame10.min.html
Frame ID: 985CC92E9E1F3DB23E396DBF496C44D7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.digitru.st/prod/1.4.4.beta/dt.html
Frame ID: 1312F98F95DE212275F9191E84415F59
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/lightbox.js?mb=1571949483459&lv=1
Frame ID: 26768DFE3E3B7F89C318928264A5D588
Requests: 2 HTTP requests in this frame

Frame: https://p.skimresources.com/?provider_id=13fc1a183e46ea1ff1b80bff9417a707&skim_mapping=true
Frame ID: DCA34B9EF285CC68BC688D58FC5B47E1
Requests: 2 HTTP requests in this frame

Frame: https://lifehacker.com/embed/comments/magma/1839331632
Frame ID: 2AF2B3A7BF22CA889794983557C39CCF
Requests: 30 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/lclst/915a8e9b-430c-47ad-9809-4249fbeacffe/ls.html?purl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&vid=915a8e9b-430c-47ad-9809-4249fbeacffe&se=0&prev=0&cb=637048872363467176
Frame ID: B759E96DF2F292F289165B3C00525166
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=87656714-813f-4c6a-911e-1ed70c42e5a4
Frame ID: E3DF5B14B509F5ABA605C916ECF82548
Requests: 12 HTTP requests in this frame

Frame: https://ats.otto.de/px/p/adt?ait=6751471624754234578&kw=&bid=10526397&cuid=3913979&cpid=3365486&wid=79800&uid=&curl=https%3A%2F%2Fwww.otto.de%2Fextern%2F%3Fpage%3D%252Fwohnen%252F%253Fthema%253Dthmn123nol_andas_morten_georgsen%26AffiliateID%3DLD445065%26campid%3DLD445065%26IWL%3D018
Frame ID: 28F858C47BBD82C54D901F274E36F4B6
Requests: 3 HTTP requests in this frame

Frame: https://g.jwpsrv.com/g/gcid-0.1.2.html?aid=AD1z1CobEeO%2BuCIACusDuQ&id=rD2UK3wV&emi=1yaph3211fuh&pli=1oyjssy1w9bn&pv=8.11.5&tv=3.21.0
Frame ID: D404E798AA1D73D37438B07C45411F08
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.345.0_en.html
Frame ID: 662029C310541FF1F1655C76C726BC09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

304
Requests

99 %
HTTPS

25 %
IPv6

73
Domains

106
Subdomains

69
IPs

9
Countries

8205 kB
Transfer

17195 kB
Size

0
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://clickhole.com/
Title: Clickhole

Search URL Search Domain Scan URL

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://skillet.lifehacker.com/
Title: Skillet

Search URL Search Domain Scan URL

URL: https://twocents.lifehacker.com/
Title: Two Cents

Search URL Search Domain Scan URL

URL: https://vitals.lifehacker.com/
Title: Vitals

Search URL Search Domain Scan URL

URL: https://offspring.lifehacker.com/
Title: Offspring

Search URL Search Domain Scan URL

URL: https://kinja.com/joelkahn
Title: Joel Kahn

Search URL Search Domain Scan URL

URL: https://vitals.lifehacker.com/if-you-deadlift-get-deadlift-socks-1839329323

Search URL Search Domain Scan URL

URL: https://skillet.lifehacker.com/how-to-make-your-cinnamon-rolls-taste-like-cinnabons-1839326463

Search URL Search Domain Scan URL

URL: https://kinja.com/emilyprice123
Title: Emily Price

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%3Futm_medium%3Dsharefromsite%26utm_source%3D_facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%3Futm_medium%3Dsharefromsite%26utm_source%3D_twitter

Search URL Search Domain Scan URL

URL: https://threatpost.com/click-fraud-malware-apple-app-store/149496/
Title: Threatpost reports

Search URL Search Domain Scan URL

URL: https://twitter.com/emily
Title: Twitter

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=gomedia-lifehacker&utm_medium=referral&utm_content=thumbnails-a:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://ad1.adfarm1.adition.com/redi?sid=3913979&kid=3365486&bid=10526397&utm_source=taboola&utm_medium=referral
Title: OTTO

Search URL Search Domain Scan URL

URL: https://altfarm.mediaplex.com/ad/ck/2399-250440-59374-8?utm_source=taboola&utm_medium=referral
Title: DELL

Search URL Search Domain Scan URL

URL: https://www.holzkern.com/de/handgefertigt-aus-holz-und-stein-warum-diese-uhren-so-besonders-sind/?utm_source=taboola&utm_medium=gomedia-lifehacker&utm_campaign=2739518
Title: Holzkern

Search URL Search Domain Scan URL

URL: http://t1.tkzio.com/027aa335-6400-4556-9315-9633d80152d9?site=gomedia-lifehacker&title=Mit+dieser+KFZ+Versicherung+sparen+Deutsche+Hunderte+Euro&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fcb4e875bb1d2e915c95202b364799edb.jpg&campaign=DE_ERGO_KFZ_Desktop1a&utm_content=267692257&conversionname=ERGOKFZ&click_id=CjBmN2EzZDMwZC02NDExLTQ4NDktYWViYi0xZTc3NTNkMTYyNWItdHVjdDRhYjkxMmISKW1ibWVkaWFwZXJmb3JtYW5jZWdtYmgtdWtsaWZlaW5zdXJhbmNlLXNj
Title: Produkt Fuchs | ERGO

Search URL Search Domain Scan URL

URL: https://ad13.adfarm1.adition.com/redi?sid=4430072&kid=3352045&bid=10406658&prf[system]=TABOOLA&prf[campaignitemid]=278833191&prf[clickid]=CjBmN2EzZDMwZC02NDExLTQ4NDktYWViYi0xZTc3NTNkMTYyNWItdHVjdDRhYjkxMmISHmRlZXBtZWRpYXRlY2hub2xvZ2llcy12ZXJ0aS1zYw&prf[timestamp]=2019-10-24+20%3A38%3A03&clickurl=https://www.verti.de/lp/jeg/irre/mpfk/?utm_source=taboola&utm_medium=cpc&utm_campaign=display_prospecting_dap&utm_content=native
Title: Verti Autoversicherung

Search URL Search Domain Scan URL

URL: https://www.outfittery.de/lp/ob-011?utm_source=taboola&utm_medium=display&utm_term=gomedia-lifehacker&utm_content=2842328225&utm_campaign=DE_DE_20191023_Taboola_UnbounceLP011_RON_Desktop&spef=1
Title: OUTFITTERY

Search URL Search Domain Scan URL

URL: https://legal.kinja.com/kinja-terms-of-use-1793094100
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://legal.kinja.com/privacy-policy-1793094625
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1571949482627&ns_c=UTF-8&cv=3.1&c8=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&c7=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1571949482627&ns_c=UTF-8&cv=3.1&c8=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&c7=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&c9=

Request Chain 60

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803450h&cg=0&cc=1&si=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rp=&ts=compact&rnd=1571949482656 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803450h&cg=0&cc=1&si=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rp=&ts=compact&rnd=1571949482656&ja=1

Request Chain 112

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=pageview&_s=1&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF-8&dt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEABFAQC~&jid=1812683289&gjid=639794603&cid=1646358791.1571949483&tid=UA-142218-1&_gid=1964647908.1571949483&_r=1&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1839331632&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2019-10-24&cd82=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&cd83=article&cd94=appstore&cd97=249&cd99=Emily%20Price&cd101=lifehacker&cd103=appstore%2Cmalware%2Cmalwareremoval&cd105=Lifehacker&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=200%20-%20400&cd117=Downloads&cd123=scroll&cd124=not%20truncated&cd126=adblock%20off&cd130=none&cd37=d&z=1133943209 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_gid=1964647908.1571949483&gjid=639794603&_v=j79&z=1133943209 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_v=j79&z=1133943209 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_v=j79&z=1133943209&slf_rd=1&random=3680975738

Request Chain 113

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=pageview&_s=1&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF-8&dt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEABFAQC~&jid=1264323842&gjid=1591843175&cid=1646358791.1571949483&tid=UA-142218-33&_gid=1964647908.1571949483&_r=1&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=1839331632&cd75=Logged%20out&cd76=none&cd78=standard&cd80=2019-10-24&cd82=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&cd83=article&cd94=appstore&cd97=249&cd99=Emily%20Price&cd101=lifehacker&cd103=appstore%2Cmalware%2Cmalwareremoval&cd105=Lifehacker&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=200%20-%20400&cd117=Downloads&cd123=scroll&cd124=not%20truncated&cd126=adblock%20off&cd130=none&cd37=d&z=1533652980 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_gid=1964647908.1571949483&gjid=1591843175&_v=j79&z=1533652980 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_v=j79&z=1533652980 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_v=j79&z=1533652980&slf_rd=1&random=894583965

Request Chain 114

https://r.skimresources.com/api/ HTTP 307
https://r.skimresources.com/api/?xguid=01DQZQV55MVMKB9QE0HAM07CQ6&persistence=1&checksum=7abbbfadca8e772ef2e8f898fc6fbf94895345c06768878fdf93bb4d03072f0e

Request Chain 126

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;apid=1A2d4a7240-f69e-11e9-a70e-12783854d8e0;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383

Request Chain 127

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;cfp=1;rndc=1571949482;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;apid=1A2d4a6962-f69e-11e9-99d5-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383

Request Chain 128

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;cfp=1;rndc=1571949482;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;apid=1A2d4a830c-f69e-11e9-a7f0-1245d65848a4;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383

Request Chain 139

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;cfp=1;rndc=1571949482;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;apid=1A2d4a558a-f69e-11e9-9b70-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394

Request Chain 164

https://x.skimresources.com/?provider=exelate HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=13fc1a183e46ea1ff1b80bff9417a707 HTTP 302
https://p.skimresources.com/?provider_id=13fc1a183e46ea1ff1b80bff9417a707&skim_mapping=true

Request Chain 203

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=87656714-813f-4c6a-911e-1ed70c42e5a4

Request Chain 204

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=

Request Chain 205

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=8_XBKUrZ6pYHF5QHgFgUz-aeJZqiF0Qh_db07tegC5k%3D

Request Chain 206

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=95185db2-04b1-4a00-ae62-abc42bfae687 HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=95185db2-04b1-4a00-ae62-abc42bfae687 HTTP 302
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=95185db2-04b1-4a00-ae62-abc42bfae687&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D95185db2-04b1-4a00-ae62-abc42bfae687

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJyIrbO5yzCrFsEF6gorXVA&google_cver=1 HTTP 302
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEJyIrbO5yzCrFsEF6gorXVA&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3DCAESEJyIrbO5yzCrFsEF6gorXVA%26google_cver%3D1

Request Chain 210

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cb18a76d-6814-4a44-a208-11239fb5b121 HTTP 302
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=cb18a76d-6814-4a44-a208-11239fb5b121&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Dcb18a76d-6814-4a44-a208-11239fb5b121

Request Chain 211

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=8b43e75c-bedf-4de8-9df2-65f7b6291c96 HTTP 302
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=8b43e75c-bedf-4de8-9df2-65f7b6291c96&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D8b43e75c-bedf-4de8-9df2-65f7b6291c96

Request Chain 214

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=3bd750fe-d4e6-41c5-af22-be24966a904a&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dc801542-8dfe-4514-a1a4-912d2e0fd88f HTTP 302
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dc801542-8dfe-4514-a1a4-912d2e0fd88f&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Ddc801542-8dfe-4514-a1a4-912d2e0fd88f

Request Chain 215

https://ad1.adfarm1.adition.com/banner?sid=3913979&kid=3365486&bid=10526397&ts=[1] HTTP 302
https://ats.otto.de/px/p/adt?ait=6751471624754234578&kw=&bid=10526397&cuid=3913979&cpid=3365486&wid=79800&uid=&curl=https%3A%2F%2Fwww.otto.de%2Fextern%2F%3Fpage%3D%252Fwohnen%252F%253Fthema%253Dthmn123nol_andas_morten_georgsen%26AffiliateID%3DLD445065%26campid%3DLD445065%26IWL%3D018

Request Chain 232

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=f7134e1c79bc2521fbbfb8f35f332b7a HTTP 302
https://p.skimresources.com/?provider_id=f7134e1c79bc2521fbbfb8f35f332b7a&skim_mapping=true

Request Chain 249

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=event&ni=1&_s=1&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF-8&dt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Video&ea=Video%20Load&el=kinjavideo-174199&_u=aGDACEABFAQC~&jid=1397511375&gjid=1178644494&cid=1646358791.1571949483&tid=UA-142218-33&_gid=1964647908.1571949483&_r=1&cd39=none&cd40=none&cd42=174199&cd48=none&cd50=JWP%208.11.5&cd83=article&cd101=lifehacker&cd105=Lifehacker&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=none&cd45=How%20to%20Clean%20a%20Couch&cd62=none&cd63=lifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&cd65=0&cd89=none&cd120=lifehacker&cd121=outstream&cd122=none&cd129=JWP&z=1185065944 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_gid=1964647908.1571949483&gjid=1178644494&_v=j79&z=1185065944 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_v=j79&z=1185065944 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_v=j79&z=1185065944&slf_rd=1&random=2913240337

Request Chain 250

https://pubads.g.doubleclick.net/gampad/ad?iu=/4246/gm.lifehacker&c=1571949484&sz=401x301 HTTP 302
https://pubads.g.doubleclick.net/gampad/ad?iu=/4246/gm.lifehacker&c=1571949484&sz=401x301&pre=1

Request Chain 295

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76539a53-5c43-4ed5-9383-0170d0baf4f8&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOzubJjDz-PPO8jsnelp_M&google_cver=1

Request Chain 297

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=event&ni=1&_s=5&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF-8&dt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Video&ea=Video%20Content%203s&el=kinjavideo-174199&_u=aHDACEABFAQC~&jid=341069852&gjid=147321088&cid=1646358791.1571949483&tid=UA-142218-33&_gid=1964647908.1571949483&_r=1&cd39=none&cd40=none&cd42=174199&cd48=none&cd50=JWP%208.11.5&cd83=article&cd101=lifehacker&cd105=Lifehacker&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=106-110&cd45=How%20to%20Clean%20a%20Couch&cd62=none&cd63=lifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&cd65=3&cd89=none&cd120=lifehacker&cd121=outstream&cd122=Autoplay&cd129=JWP&z=2134835694 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_gid=1964647908.1571949483&gjid=147321088&_v=j79&z=2134835694 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_v=j79&z=2134835694 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_v=j79&z=2134835694&slf_rd=1&random=1440478970

304 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request make-sure-you-didnt-download-one-of-these-17-malicious-1839331632 Show response
lifehacker.com/ 574 KB
99 KB 105ms
89ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

/ Express

Resource Hash

07adf9f6eae9b5056f5a2cfdbfb0246664e9e44832a335c837161314452093a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: lifehacker.com
:scheme: https
:path: /make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
etag: W/"8f6fa-3I1u+Q2f6X4AdmhJwLzBaAAVUaY"
x-kinja: kinja-mantle-kube02-6977d6c947-4m96g #259
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: stale-if-error=86400, stale-while-revalidate=300
x-kinja-build: 259
x-kinja-server: kinja-mantle-kube02-6977d6c947-4m96g
x-frame-options: deny
content-encoding: gzip
x-googlenews-bot: false
x-kinja-revision: 900f28194722c8af0f47626fa5348020c5a8d28e
x-xss-protection: 1; mode=block
x-kinja-server-push: /x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish 1.1 varnish
x-cdn-fetch: mantle-default
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
age: 0
x-served-by: cache-jfk8123-JFK, cache-fra19179-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1571949482.447787,VS0,VE82
x-feature-hash: eu_disabled=on
set-cookie: geocc=DE;path=/; KinjaBucket=d;path=/;Max-Age=31536000;domain=lifehacker.com; KinjaSetBucket=d|1571949300|ivorHHro/znZWWFc7qfCoZN7gJ527B+melTd4OVnl60=;path=/;Max-Age=300;
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, Cookie, X-GoogleNews-Bot, X-Exp-Id, X-Exp-Variant, Authorization
content-length: 100620

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 197 B
852 B 95ms
94ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1a0d71ab6f48ec8e156bc3368d1a1a9bc84f1e876c4d46643270516508f99dc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
status: 200
x-cdn-fetch: mantle-setcookie
content-length: 197
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8151-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949483.540742,VS0,VE89
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:02 GMT
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
x-feature-hash: eu_disabled=on
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H2 200 digitrust.min.js Show response
cdn.digitru.st/prod/1.4.4.beta/ 40 KB
14 KB 26ms
10ms Script
application/javascript 159.180.84.2
Instart Logic

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1.4.4.beta/digitrust.min.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software: DTOrigin /
Resource Hash: c1fe635f8f93fdd031eac7378c190f3c86c460fe3a0946673c8387000e1c1212

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 23 Oct 2019 11:02:27 GMT
content-encoding: gzip
last-modified: Tue, 09 Oct 2018 17:17:21 GMT
server: DTOrigin
etag: "bf43bc16ca953eb6a974f2a4f5c8827a"
status: 200
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: max-age=86400
x-instart-request-id: 12056635021596108456:SEN01-CPVNPPRY12:1571949482:0
x-instart-cache-id: 9:1905377984457093203::1571310146
accept-ranges: bytes
content-type: application/javascript
content-length: 13548
expires: Thu, 24 Oct 2019 11:02:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3808
date: Thu, 24 Oct 2019 19:34:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 24 Oct 2019 21:34:34 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 37ms
22ms Script
application/x-javascript 23.45.99.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.242 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Fri, 25 Oct 2019 20:38:02 GMT

GET
H2 200 i.js Show response
tag.bounceexchange.com/3646/ 7 KB
3 KB 35ms
8ms Script
text/plain 35.190.92.63
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/3646/i.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.92.63 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.92.190.35.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: f145258b3e2233b15e58df3760ad9a5bd9f08e73c5be540aa34a289eb9378045

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:01 GMT
content-encoding: gzip
server: fasthttp
etag: 0b58841b96a212
content-type: text/plain; charset=utf-8
status: 200
cache-control: no-cache, must-revalidate
x-region: europe-west3
alt-svc: clear
content-length: 3262
via: 1.1 google

GET
H2 200 wogdbwzlwxs9fx8dh133.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 36 KB
37 KB 34ms
7ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/wogdbwzlwxs9fx8dh133.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

49a48ba7152e4f9335e24afc52dd9919df7fcc6f3e5cd7eda443a141eca0a86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 21103
edge-cache-tag: 309671554919277357138371221846046458374,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="wogdbwzlwxs9fx8dh133.webp"
content-length: 37302
x-request-id: 8c18a4efa8b61ce02887ad60f82f6b2f
x-served-by: cache-jfk8146-JFK, cache-jfk8151-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Thu, 24 Oct 2019 14:46:20 GMT
server: kinja
x-timer: S1571949483.612352,VS0,VE1
etag: "5bfc5d4c0adadbe02f67e5b05323066a"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 1, 1

GET
H2 200 w8oqa4ftwz5gvrzzmevg.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 13 KB
13 KB 34ms
6ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/w8oqa4ftwz5gvrzzmevg.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

e6209adccdba9b8c1db2800a765b8ac37decbd7e6014b19432934eaeb402afd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 7661
edge-cache-tag: 295868983776792935285466212783490223368,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="w8oqa4ftwz5gvrzzmevg.webp"
content-length: 13032
x-request-id: 09e3c16a71baa055f993bd47fca7833d
x-served-by: cache-jfk8128-JFK, cache-jfk8142-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Thu, 24 Oct 2019 18:30:21 GMT
server: kinja
x-timer: S1571949483.612204,VS0,VE1
etag: "918a210060a3ee2c761c20becab1ac1c"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 4, 1

GET
H2 200 t4wydzjpa7kaaebgnqj1.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 8 KB
9 KB 34ms
7ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/t4wydzjpa7kaaebgnqj1.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

676610cf5c37630e2690d039e8f240ee7fbedbf27b1a9fc1b5d000070562a060

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 16650
edge-cache-tag: 483453818964381226337190360153306795357,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="t4wydzjpa7kaaebgnqj1.webp"
content-length: 8468
x-request-id: 44ed9233a8f8160a11df16b2d1eb2bb1
x-served-by: cache-jfk8132-JFK, cache-jfk8140-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Thu, 24 Oct 2019 16:00:33 GMT
server: kinja
x-timer: S1571949483.612358,VS0,VE1
etag: "e7767fd96a220bee5ef88130ceece910"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 2, 1

GET
H2 200 pcobq8ot83f3jb3dvy3z.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 27 KB
27 KB 37ms
10ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/pcobq8ot83f3jb3dvy3z.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

6d944bebb25ed7fd73f679b45d906d29efb65aced31035970af6c7affe816ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 175955
edge-cache-tag: 476773643704720150813538803019901618552,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="pcobq8ot83f3jb3dvy3z.webp"
content-length: 27666
x-request-id: b11e202b6861565a990f69a8370f1dee
x-served-by: cache-jfk8122-JFK, cache-jfk8130-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Tue, 22 Oct 2019 19:45:28 GMT
server: kinja
x-timer: S1571949483.612417,VS0,VE1
etag: "962ac614355ee713a8a3f0382a703e8b"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 2, 1

GET
H2 200 ow3759shw2byawhd4s79.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 45 KB
45 KB 37ms
10ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ow3759shw2byawhd4s79.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

e7a94fb0d453c6e0f6363a5b2f930dcea3a7b9468c1d9e7336813d89f77f9d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 329320
edge-cache-tag: 277799059044363586120324681493912875720,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="ow3759shw2byawhd4s79.webp"
content-length: 45584
x-request-id: 2bc3d7b766bedc8b1d23ee56adce667e
x-served-by: cache-jfk8148-JFK, cache-jfk8144-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Mon, 21 Oct 2019 01:09:22 GMT
server: kinja
x-timer: S1571949483.612387,VS0,VE1
etag: "53e61bd3de8af267f77e1d0665b72e6f"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 3, 1

GET
H2 200 hcp3g71brjajjbjrobar.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 12 KB
12 KB 34ms
7ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/hcp3g71brjajjbjrobar.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

4e2e17a36eccdb07cd30cbd81593cf4f1492b336a79b2fe2768afc917cc09cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 336201
edge-cache-tag: 258834612830142926197962382066580529976,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="hcp3g71brjajjbjrobar.webp"
content-length: 11778
x-request-id: 51289c86d8ae3e3519db7a15695020ef
x-served-by: cache-jfk8142-JFK, cache-jfk8147-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Sun, 20 Oct 2019 23:14:42 GMT
server: kinja
x-timer: S1571949483.612353,VS0,VE0
etag: "efb0f38057528bec1db71bffbacb18f9"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 1, 1

GET
H2 200 ftpvgykl9q0xvb8qto2c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ 2 KB
2 KB 9ms
9ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_80,q_80,w_80/ftpvgykl9q0xvb8qto2c.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

a3d3dcc4d1786c79f5d01663b9bfd7009db2f8554329f403dfa750c21489eb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 9023309
edge-cache-tag: 568557240046577082090192233191836566124,459964070155708088631028234589179437065,e658e1d7ab596d92a7343d60946f3015
status: 200
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="ftpvgykl9q0xvb8qto2c.webp"
content-length: 2032
x-served-by: cache-jfk8128-JFK, cache-jfk8139-JFK, cache-fra19179-FRA
x-cache: HIT, HIT, HIT
last-modified: Fri, 31 May 2019 10:00:41 GMT
server: kinja
x-timer: S1571949483.615929,VS0,VE0
etag: "24a4749777ca938172dffc023c823123"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 1, 1, 1

GET
H2 200 b1j4s0blkpremzeyoivg.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 21 KB
22 KB 7ms
6ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/b1j4s0blkpremzeyoivg.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

daefc5546911c7d9107f0f0e058eaa82e8b09255fbbfaa26e1948baf2f8992a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2504670
edge-cache-tag: 501679330910825129017239982726773519417,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="b1j4s0blkpremzeyoivg.webp"
content-length: 21766
x-served-by: cache-jfk8147-JFK, cache-jfk8128-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Fri, 26 Jul 2019 13:07:57 GMT
server: kinja
x-timer: S1571949483.620858,VS0,VE1
etag: "40953a9fe22be93d7b2d6113d83937c1"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 1, 1

GET
H2 200 18fc5hsjhksifpng.png
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 12 KB
12 KB 7ms
7ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/18fc5hsjhksifpng.png

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

f431236c7fc64078423fccd1a6abf56bdf510c54fdee60fe66196fecca955c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 4902
edge-cache-tag: 348045160028286289549980464962432863772,360249631126010237838512226941734516403,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="18fc5hsjhksifpng.webp"
content-length: 12064
x-request-id: cbc9d801a52c77cb331ab28f8e129fd2
x-served-by: cache-jfk8135-JFK, cache-jfk8145-JFK, cache-fra19179-FRA
x-cache: HIT, HIT, HIT
last-modified: Mon, 14 Oct 2019 19:13:29 GMT
server: kinja
x-timer: S1571949483.621152,VS0,VE1
etag: "8e98b527bde6837cb6e3e359509d73c1"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 1, 5, 1

GET
H2 200 vrnewekqna96savktoh1.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/ 13 KB
13 KB 7ms
6ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_264,q_80,w_470/vrnewekqna96savktoh1.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

5f2421151c2d15a4542bf9a3ba74eafbf64972e344315de003e89815b331d928

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1228306
edge-cache-tag: 578882681707165405953787565906769179301,321397973001206479435384937382533601359,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="vrnewekqna96savktoh1.webp"
content-length: 13250
x-request-id: f8beb3b9257e5cc499ef9cb8e1b17dec
x-served-by: cache-jfk8120-JFK, cache-jfk8140-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Thu, 10 Oct 2019 15:26:17 GMT
server: kinja
x-timer: S1571949483.624368,VS0,VE1
etag: "06e4199a7194e4425aa98e01e055e361"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 1, 1

GET
H2 200 ftpvgykl9q0xvb8qto2c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_200,q_80,w_200/ 7 KB
8 KB 7ms
6ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_200,q_80,w_200/ftpvgykl9q0xvb8qto2c.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

56b3374f0cd4d89ebe025d5a6515a02005c7a5fc172a427dd58dee84262643bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2960342
edge-cache-tag: 568557240046577082090192233191836566124,515572748103209154759035336811864552388,e658e1d7ab596d92a7343d60946f3015
status: 200
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="ftpvgykl9q0xvb8qto2c.webp"
content-length: 7414
x-served-by: cache-jfk8137-JFK, cache-jfk8132-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Sat, 27 Jul 2019 19:04:45 GMT
server: kinja
x-timer: S1571949483.625791,VS0,VE1
etag: "2a7f645e80382c2855109da31af3b434"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 1, 1

GET
H2 200 runtime~ads.54484ea6a0a90bf7d28d.js Show response
lifehacker.com/x-kinja-static/assets/new-client/ 1 KB
996 B 8ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/x-kinja-static/assets/new-client/runtime~ads.54484ea6a0a90bf7d28d.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ef6e5da10e3c0be8049df7f4f8e50fa12172dda0d2719c083383330b124c7d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 496406
x-cache: HIT, HIT
status: 200
x-cdn-fetch: mantle-origin-cache
content-length: 674
x-amz-id-2: 4WaKjBr4XwxpsQ1svp8Gzc+1G1i/WEVs/qDzKthhKDA+me5ql/DE5aqXILZpUCWzV5DWa9umF4w=
x-served-by: cache-fra19142-FRA, cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Fri, 18 Oct 2019 21:18:27 GMT
server: AmazonS3
x-timer: S1571949483.587954,VS0,VE0
etag: "b3816538dcbf0728d4be3ab7d4c169ee"
vary: Accept-Encoding, Authorization
x-amz-request-id: 021A00F59B6B2ACE
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
x-feature-hash: eu_disabled=on
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 6

GET
H2 200 vendors~ads.bbd1c98eb9684ebd4e66.js Show response
lifehacker.com/x-kinja-static/assets/new-client/ 10 KB
3 KB 9ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/x-kinja-static/assets/new-client/vendors~ads.bbd1c98eb9684ebd4e66.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

27b449b19411540ad9de8b321e987573c7132402f0310f455e8708dc3df2fe71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1279243
x-cache: HIT, HIT
status: 200
x-cdn-fetch: mantle-origin-cache
content-length: 2838
x-amz-id-2: e73VFH9ojjiuaTdSUV0SqgDa17qdDpt3nTlPTWVe4P8cWr5X2p+1zwItKcd/3Vn/rkVLHp/odIM=
x-served-by: cache-fra19124-FRA, cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Wed, 09 Oct 2019 17:53:33 GMT
server: AmazonS3
x-timer: S1571949483.588284,VS0,VE0
etag: "014aa9f7c1f236d4dc630d26265dbe21"
vary: Accept-Encoding, Authorization
x-amz-request-id: 3D2C42E7C11C1079
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
x-feature-hash: eu_disabled=on
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 7

GET
H2 200 ads.d55c919fead71a11fb7b.js Show response
lifehacker.com/x-kinja-static/assets/new-client/ 424 KB
76 KB 9ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3acc13a46de6bc4f2de12302ef2487c581c50c6781f0835f2d94922d74047ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16869
x-cache: HIT, HIT
status: 200
x-cdn-fetch: mantle-origin-cache
content-length: 77424
x-amz-id-2: 4jt6FeFOxlCutvAwvKMeJfkfC2ZuldgxTMC+yyrCA5zguyt/jHuXiKu2NHYgPVg+S7WqXo1YCR0=
x-served-by: cache-fra19176-FRA, cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 15:54:01 GMT
server: AmazonS3
x-timer: S1571949483.588260,VS0,VE0
etag: "df6d76aa389474a7fb51e2be3f9e0443"
vary: Accept-Encoding, Authorization
x-amz-request-id: D718B9CBDF048308
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
x-feature-hash: eu_disabled=on
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 7

GET
H2 200 runtime~trackers.83877260061b4d6ce009.js Show response
lifehacker.com/x-kinja-static/assets/new-client/ 1 KB
1020 B 8ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/x-kinja-static/assets/new-client/runtime~trackers.83877260061b4d6ce009.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac33700a7969bcf5931efdb1d994407ef4bbbf2c9bebf824349ad9caacdc12f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62627
x-cache: HIT, HIT
status: 200
x-cdn-fetch: mantle-origin-cache
content-length: 675
x-amz-id-2: AqGeWu3N+NtEu2xEdoO6NzGpGj7HzyM/jKT7R+TGvLKSfs82A/gQvyZsY9EdMeRzBPhQycifPS8=
x-served-by: cache-fra19172-FRA, cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Wed, 23 Oct 2019 19:58:30 GMT
server: AmazonS3
x-timer: S1571949483.588235,VS0,VE0
etag: "712e88acb10eb338498c5e0061273a7d"
vary: Accept-Encoding, Authorization
x-amz-request-id: 91AC28023E35E63E
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
x-feature-hash: eu_disabled=on
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 7

GET
H2 200 vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~46a29c46.84bd2e5a3c384cb1ec2d.js Show response
lifehacker.com/x-kinja-static/assets/new-client/ 64 KB
17 KB 8ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/x-kinja-static/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~46a29c46.84bd2e5a3c384cb1ec2d.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0501575b22c02d63f881d26e2d59279c9f0a9f75af27a8e7fbbc118f8d15ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12683
x-cache: HIT, HIT
status: 200
x-cdn-fetch: mantle-origin-cache
content-length: 16833
x-amz-id-2: yi+POLWAcVrp1zK6WYQDI74amUTOX5yYi1YqnMQpfc0n/av0ON1Rf32mh3n3wuLBS5UDBhzu6I4=
x-served-by: cache-fra19150-FRA, cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:39 GMT
server: AmazonS3
x-timer: S1571949483.588216,VS0,VE0
etag: "ac23dcd822ede70127eb3b9bf8efc748"
vary: Accept-Encoding, Authorization
x-amz-request-id: 0C196FDE7AA82068
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
x-feature-hash: eu_disabled=on
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 7

GET
H2 200 categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~searchP~94dff803.ed8f3976f7e00f833744.js Show response
lifehacker.com/x-kinja-static/assets/new-client/ 14 KB
4 KB 12ms
10ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/x-kinja-static/assets/new-client/categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~searchP~94dff803.ed8f3976f7e00f833744.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b57f0069e1300da061b0a607acae9b5a679c14867fbcb709e9cae9691ebf643f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12683
x-cache: HIT, HIT
status: 200
x-cdn-fetch: mantle-origin-cache
content-length: 4050
x-amz-id-2: 6CsOjJE9G/KVcjsCOS7xfmLrT312Gt2SdsvFauFGhhsnXvcGKFs1uldtQsOS2s/USC63WISnbBQ=
x-served-by: cache-fra19136-FRA, cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:38 GMT
server: AmazonS3
x-timer: S1571949483.588304,VS0,VE0
etag: "565f08b54c108f0bcaa26c43648cbfd9"
vary: Accept-Encoding, Authorization
x-amz-request-id: AF97DE33879E37E3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
x-feature-hash: eu_disabled=on
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 7

GET
H2 200 trackers.8eff1606388428485926.js Show response
lifehacker.com/x-kinja-static/assets/new-client/ 50 KB
14 KB 2ms
0ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a26fb2e6620540faf9520157b1713f8b70758512ae8cd2d3f6e24b1012ddb2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12683
x-cache: HIT, HIT
status: 200
x-cdn-fetch: mantle-origin-cache
content-length: 13620
x-amz-id-2: IUpeLmJrvWuZ174JVQDcw1IYyDG5vZIkjw2eNP4BJK4Key5MjS3egfas/8+UpRvrjNLOlZXTO2c=
x-served-by: cache-fra19155-FRA, cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:39 GMT
server: AmazonS3
x-timer: S1571949483.530443,VS0,VE0
etag: "5cb2d9951a884b7f830ee41d5ad8397b"
vary: Accept-Encoding, Authorization
x-amz-request-id: 622E3D461DCCEFDA
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
x-feature-hash: eu_disabled=on
x-http2-push: pushed
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 7

GET
H2 200 runtime~permalinkPage.340ea00a61fa23aa5d63.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 57ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

746fbf5c4fc50ae5eacd47e60c1098a3ba2db446127ecad1444d45bb5c6ad3c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96
x-cache: HIT
status: 200
content-length: 1802
x-amz-id-2: fF5JLDW+8FHT6/sD/ruqb/rhNNkqlDxcjobtXpHo9Gzrz2i864Q3oGmHiFiJZwYyCvPrjFQ6lGI=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 19:34:13 GMT
server: AmazonS3
x-timer: S1571949483.637564,VS0,VE0
etag: "7b091439e36e590caff572f3f0e19f9f"
vary: Accept-Encoding
x-amz-request-id: 9D2CA85BBE34B5B8
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js Show response
x.kinja-static.com/assets/new-client/ 215 KB
61 KB 56ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2744f88bfa4efd40366aa4c3fca4651589686608c059f6b7b63cfa4cc2530d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
status: 200
content-length: 62292
x-amz-id-2: zB2TBlQDv0m3WjmxH9nvq7reWGoqOL3GWUH5fCynqeuFtLXmrn/17sDfzaN3JIZNezWb4y3p3JE=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:40 GMT
server: AmazonS3
x-timer: S1571949483.637528,VS0,VE1
etag: "815aa6e41e4b73d3c4541f17a1b04c87"
vary: Accept-Encoding
x-amz-request-id: 04392239A0937347
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ca8305fc.6ded6ad3c7790e5ea3e7.js Show response
x.kinja-static.com/assets/new-client/ 44 KB
14 KB 29ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ca8305fc.6ded6ad3c7790e5ea3e7.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c2626ad020ab01dc512e3d7500fe403d474a05531c3890f0749e61b1b7d8e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
status: 200
content-length: 13740
x-amz-id-2: c17h75kH16/ZHifEN+TjXgEINfdDNWw3wHxye/PZYtOv1jsko39hCHCsxUaTZauPzraaUCCHdAA=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:39 GMT
server: AmazonS3
x-timer: S1571949483.637662,VS0,VE0
etag: "55db783c83cc4ea99f8c241a9971d4f7"
vary: Accept-Encoding
x-amz-request-id: 007D8F259351BE44
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~featuredPermalinkPage~frontPage~header~permalinkPage~profilePage~special-sectio~3cdb0c67.ae3fdc054b072f349745.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
3 KB 29ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~featuredPermalinkPage~frontPage~header~permalinkPage~profilePage~special-sectio~3cdb0c67.ae3fdc054b072f349745.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0b51b9cf933bb7a58ddf6bd20224f38e9f96e570b074ea6cd9a54f9d244b33c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
x-cache: HIT
status: 200
content-length: 3090
x-amz-id-2: +rFcOfNbB00sulLycNPolPk4Zpvr9YCJEfEdGHitm2A3kn1vcoN8D45Z5jf6WqrKE214s/7JLPQ=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:40 GMT
server: AmazonS3
x-timer: S1571949483.637631,VS0,VE0
etag: "a974490adecdd187c4324e8a21565e23"
vary: Accept-Encoding
x-amz-request-id: 421948859873D879
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~featuredPermalinkPage~frontPage~lunchbox-read-only-component~permalinkPage~prof~2d440c6a.829d3f8ba1b91a88e2b9.js Show response
x.kinja-static.com/assets/new-client/ 27 KB
8 KB 28ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~featuredPermalinkPage~frontPage~lunchbox-read-only-component~permalinkPage~prof~2d440c6a.829d3f8ba1b91a88e2b9.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b93c643aedf4f7b281451fc4ac71a9cf04902afe79bd91a88285aa0161fee831

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: HIT
status: 200
content-length: 7888
x-amz-id-2: TPVNIt4f/2V1e795ceFsbe13KpRVkZ47z5ZG39aWCuYjN2kLo0GYNB0Q0BeKgrIngRmPuT3DfP8=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Wed, 02 Oct 2019 20:48:14 GMT
server: AmazonS3
x-timer: S1571949483.637590,VS0,VE0
etag: "64063efb7dbf2e51685e27188dd54363"
vary: Accept-Encoding
x-amz-request-id: E51046ACEB252D51
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~featuredPermalinkPage~frontPage~lunchbox-read-only-component~permalinkPage~prof~91e5afa6.87cb65792d63c68487bf.js Show response
x.kinja-static.com/assets/new-client/ 16 KB
5 KB 15ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~featuredPermalinkPage~frontPage~lunchbox-read-only-component~permalinkPage~prof~91e5afa6.87cb65792d63c68487bf.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

055f330096633280430b15a6dcabadb62caad174612659e9f59b38a73e9ae29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22
x-cache: HIT
status: 200
content-length: 5246
x-amz-id-2: MSue+2VzrvV6sWQazrabNGZjlH8ugymVum007iDAAyzkZFg66jH7lNwpuaZuyozLTrCtpVYyznk=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:40 GMT
server: AmazonS3
x-timer: S1571949483.637547,VS0,VE0
etag: "3abc177efc09c723e72eccae2572c077"
vary: Accept-Encoding
x-amz-request-id: E09B1724358BA957
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~featuredPermalinkPage~frontPage~login~permalinkPage~profilePage~special-section~1d7e32df.b821660e75df1a75df98.js Show response
x.kinja-static.com/assets/new-client/ 16 KB
4 KB 9ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~featuredPermalinkPage~frontPage~login~permalinkPage~profilePage~special-section~1d7e32df.b821660e75df1a75df98.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0204a22aad3ad913018d9f2a1d77cbed8582c9cefc74ba4a539a908fa480abc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24
x-cache: HIT
status: 200
content-length: 4094
x-amz-id-2: 2l0pQVATCij99OffLHbFxoY2r432BgK0HA84aBk5XHWAz4a9r3+bKpOQzD5x/JO6er6A+t9U3t8=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:40 GMT
server: AmazonS3
x-timer: S1571949483.648146,VS0,VE0
etag: "4c30805cd7511e0745e89ece3fd0f9b8"
vary: Accept-Encoding
x-amz-request-id: AFC85EA84748B2BE
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~tagPage~v~f8830c3c.106859632f7cb8e69478.js Show response
x.kinja-static.com/assets/new-client/ 136 KB
31 KB 9ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~tagPage~v~f8830c3c.106859632f7cb8e69478.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8388a16242e9e9d5d6e341048baae65ed4a001b99c9f363f261c3bdc297570f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82
x-cache: HIT
status: 200
content-length: 31848
x-amz-id-2: z7392r7gdeBB6Avnukgtrz0Wndwh9eRO+LtBCGuj9vpb2FUfmo5reNfqj6xZIfOT9eCFFqr2gZo=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Fri, 18 Oct 2019 15:42:28 GMT
server: AmazonS3
x-timer: S1571949483.648161,VS0,VE1
etag: "0ead5af44a2fd594802b47c968c7f0de"
vary: Accept-Encoding
x-amz-request-id: 254BB9ED6B539345
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~featuredPermalinkPage~frontPage~permalinkPage~profilePage~search~tagPage~videoP~8659f1ad.5d0fa2ac281f328a6172.js Show response
x.kinja-static.com/assets/new-client/ 6 KB
2 KB 9ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~featuredPermalinkPage~frontPage~permalinkPage~profilePage~search~tagPage~videoP~8659f1ad.5d0fa2ac281f328a6172.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

35d042b76b10bd24015088915482025a9e129c8e42c4bc41bbea56d8a4f7a53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118
x-cache: HIT
status: 200
content-length: 2264
x-amz-id-2: bMVifv9ZqhI9RUH2kg/6o8mYh9xMN9Fnzt4v7SoU8pp1QFP51NglKUtzgnay5FFzkW8YeXrqxeQ=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Fri, 18 Oct 2019 21:18:27 GMT
server: AmazonS3
x-timer: S1571949483.648127,VS0,VE0
etag: "f5ae1863bfdac8d60d964edf147ae00a"
vary: Accept-Encoding
x-amz-request-id: 9133A7A4C8352D2F
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~featuredPermalinkPage~frontPage~permalinkPage~profilePage~searchPage~tagPage~vi~97c61673.3cc6916f8f0d3783020c.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 9ms
8ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~featuredPermalinkPage~frontPage~permalinkPage~profilePage~searchPage~tagPage~vi~97c61673.3cc6916f8f0d3783020c.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9fec1a88f669866c1d1b38746e9ae5d7a68c47fd5d524202e642eceed738d4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82
x-cache: HIT
status: 200
content-length: 963
x-amz-id-2: /ziZOl9Dd8ihCwAzNqPrZ7Okj11CwYlmnzIXddyhfD0FLUDz54hOt47Yp4YUfHzJSwXsjX0tXTA=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Fri, 27 Sep 2019 16:03:34 GMT
server: AmazonS3
x-timer: S1571949483.649110,VS0,VE0
etag: "b61c94080598714042009dba35ba5bc6"
vary: Accept-Encoding
x-amz-request-id: F9B5FA557B5E7C74
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~categoryPage~featuredPermalinkPage~frontPage~permalinkPage~searchPage~tagPage~videoPermalink~0eda234a.bed6988a5fc77d4a625f.js Show response
x.kinja-static.com/assets/new-client/ 17 KB
6 KB 8ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~categoryPage~featuredPermalinkPage~frontPage~permalinkPage~searchPage~tagPage~videoPermalink~0eda234a.bed6988a5fc77d4a625f.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c0ea88c41880d4fc85293e58e1d226c10af9453cba40b6568197b37f8fe8dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
x-cache: HIT
status: 200
content-length: 5860
x-amz-id-2: uExf9lxe3Y6FwCq3SzdZqLoP6XpmnhMgNXNjnz18tSGBGhM3K19cL7SAt2DIiX9+Pj9PbhmGJJ8=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Fri, 04 Oct 2019 20:53:28 GMT
server: AmazonS3
x-timer: S1571949483.649100,VS0,VE0
etag: "9ef05d8353c06e3adcb9055cc9cd1ff0"
vary: Accept-Encoding
x-amz-request-id: 266652471BB17BC9
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 categoryPage~experiments~featuredPermalinkPage~footer~frontPage~header~login~lunchbox-read-only-comp~e669ac2b.a3bb34626c27249ed1f8.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 8ms
8ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/categoryPage~experiments~featuredPermalinkPage~footer~frontPage~header~login~lunchbox-read-only-comp~e669ac2b.a3bb34626c27249ed1f8.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

07f1fde0834d398c8b8c414a23c01b9074205992474b57511f1a41f95e09377b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101
x-cache: HIT
status: 200
content-length: 1982
x-amz-id-2: 6YEFnFv2VOC5NQSykudnmVnwi1J+fLs0ovsyfn1TJ3SMMu505qU2Q1IICWck+3PU/SJ6zkAvteE=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 19:34:12 GMT
server: AmazonS3
x-timer: S1571949483.649184,VS0,VE0
etag: "b54170afbe57d2ce731ea6eff4a7550e"
vary: Accept-Encoding
x-amz-request-id: 00A2936524A426E1
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 categoryPage~experiments~featuredPermalinkPage~frontPage~header~login~lunchbox-read-only-component~p~dc07fc11.b015fdb4fe8aedc19e0b.js Show response
x.kinja-static.com/assets/new-client/ 9 KB
3 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/categoryPage~experiments~featuredPermalinkPage~frontPage~header~login~lunchbox-read-only-component~p~dc07fc11.b015fdb4fe8aedc19e0b.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96962befe6be5a1818af198e162ecc61a0b9f5d489ed2dbee1adfb6a9fbd16c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
status: 200
content-length: 2522
x-amz-id-2: V19donAfwnckHvjBE30ma0DYPkYSfUzT+pk2ciabc3A9IHwieLo+8Cn+8qselwRf5Q8bfdslObg=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:38 GMT
server: AmazonS3
x-timer: S1571949483.655547,VS0,VE0
etag: "6b595af3826af0d346fd18503a2b61f4"
vary: Accept-Encoding
x-amz-request-id: 26BDD6DDF6AF6A9B
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~resetTo~fcbaa32e.3cd763757c07f7915d0b.js Show response
x.kinja-static.com/assets/new-client/ 68 KB
12 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~resetTo~fcbaa32e.3cd763757c07f7915d0b.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

74cf2ed413b01801dc114aca93edde3dd7a32dbbe721b41fc5e2cf5778ee9a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22
x-cache: HIT
status: 200
content-length: 12304
x-amz-id-2: MqzT7maS4J3C/MOSFoxnNLLcDc3aCBSbeZtEAJXJTxAZLt9P1hYOPsAiy4nJnBPPxz7yjXpSXb4=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:38 GMT
server: AmazonS3
x-timer: S1571949483.655716,VS0,VE0
etag: "11e8192e97a06fecba851c51215bada3"
vary: Accept-Encoding
x-amz-request-id: 6BB48C1CD83E361A
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 categoryPage~experiments~featuredPermalinkPage~frontPage~header~permalinkPage~profilePage~search~spe~6c3d5ff5.74bc65d13d946708091e.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 11ms
10ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/categoryPage~experiments~featuredPermalinkPage~frontPage~header~permalinkPage~profilePage~search~spe~6c3d5ff5.74bc65d13d946708091e.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36b93e9d04f7932d689aaa39f880647f706ca7cdf1fc78746311f35997b99e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
status: 200
content-length: 1570
x-amz-id-2: ZEvyDCAxrwv5CuoglPqnaPBVgWJf/PDd5cJpuJBsASRIX+84DBPrMFkP4MVbhgeKxzUgs5tw2y4=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:38 GMT
server: AmazonS3
x-timer: S1571949483.658489,VS0,VE0
etag: "7ec28d7a6356f2c92bbe7a74b4e3f139"
vary: Accept-Encoding
x-amz-request-id: 8DD1390EFE59ADD8
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~searchP~ff3ba05b.866821854c358d755194.js Show response
x.kinja-static.com/assets/new-client/ 415 KB
80 KB 10ms
9ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~searchP~ff3ba05b.866821854c358d755194.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c3cb8e671a930fa5fb70990f3cc1f88cb2f1221bff84c077165e3c4a6027974

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109
x-cache: HIT
status: 200
content-length: 81594
x-amz-id-2: zL/O3BvyVk0DP3mgy5o+xfWorZknzWfgt5sPxXWq3iTxZWN+FzA9ipTYY004H+XFKlfUGjT1m9Y=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 19:34:12 GMT
server: AmazonS3
x-timer: S1571949483.658488,VS0,VE1
etag: "e1d003c4b3d68891ad5db3edb1aaec38"
vary: Accept-Encoding
x-amz-request-id: 500496A0A14C5250
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 experiments~featuredPermalinkPage~frontPage~header~permalinkPage~profilePage~special-sections-editor~04c348b4.0020c170abd398f54bbc.js Show response
x.kinja-static.com/assets/new-client/ 23 KB
5 KB 10ms
10ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/experiments~featuredPermalinkPage~frontPage~header~permalinkPage~profilePage~special-sections-editor~04c348b4.0020c170abd398f54bbc.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aba7a7abc0810f97a439e5734452fdfd6d6dd86086b01ade08df7b878653e6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
status: 200
content-length: 4832
x-amz-id-2: /1rX1ruJLRn7PMV/uBO93Nll5PRjJwKWL8cHUKc7YkIk/Bgm4X3XAcOFOea1JRvfPhaTpDgfmws=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:38 GMT
server: AmazonS3
x-timer: S1571949483.658471,VS0,VE0
etag: "7efe1e62e39eddfc1d09827f177ae8a5"
vary: Accept-Encoding
x-amz-request-id: 96DA0806055EDEF9
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 featuredPermalinkPage~lunchbox-read-only-component~permalinkPage~profilePage~search~special-sections~7d7ebb8d.cf6095b748e11ac3a580.js Show response
x.kinja-static.com/assets/new-client/ 265 KB
53 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/featuredPermalinkPage~lunchbox-read-only-component~permalinkPage~profilePage~search~special-sections~7d7ebb8d.cf6095b748e11ac3a580.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3c87983458bd8604b7741ce7612045aa0b04d862cec7921dda047e471d19c16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11
x-cache: HIT
status: 200
content-length: 54157
x-amz-id-2: dAObh2qijJqe7bi6KjOg7T0KYOjR2DKV54m2vxALdPua4UUywA0eqOeQoeGGk84oXKvk3YW4BTI=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:38 GMT
server: AmazonS3
x-timer: S1571949483.658457,VS0,VE0
etag: "aa2be599cca704788902e827f3af68ef"
vary: Accept-Encoding
x-amz-request-id: 0C9BEDE17E2B1763
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 permalinkPage.2fa490f1cc8edccdb631.js Show response
x.kinja-static.com/assets/new-client/ 510 KB
74 KB 9ms
9ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/permalinkPage.2fa490f1cc8edccdb631.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4ac2e6dfb13ae41e118a0625585e6eeb4da03e2d37c34aae43d2ff9524075193

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64
x-cache: HIT
status: 200
content-length: 75775
x-amz-id-2: 3xrDnH9Wdw/1IienCib4VHfe4Jy4qmjFPwkofmZCaOyrwNaMQOiTA0nl2LZqZ5Q9q9HcC835MCE=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:39 GMT
server: AmazonS3
x-timer: S1571949483.662661,VS0,VE1
etag: "73659562548172357d3f277a3a7434df"
vary: Accept-Encoding
x-amz-request-id: 67D7D73B8F2DE541
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 47ms
14ms Font
binary/octet-stream 151.101.194.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Origin: https://lifehacker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 84
x-cache: HIT
status: 200
content-length: 28044
x-amz-id-2: 0/jt0a36z/Q9bNT0kmROSWbwE4n2JwkGWGVdZaFbyjjXzfclkqsmcSz1GPDkuUdHSpaOdix18gg=
x-served-by: cache-hhn4073-HHN
last-modified: Thu, 17 Oct 2019 20:45:14 GMT
server: AmazonS3
x-timer: S1571949483.627014,VS0,VE0
etag: "94cbaf403b2922fd6858c812dae091fb"
x-amz-request-id: 012DDF7330DE3343
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 4

GET
H2 200 proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 38ms
6ms Font
binary/octet-stream 151.101.194.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Origin: https://lifehacker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 91
x-cache: HIT
status: 200
content-length: 28136
x-amz-id-2: Byc/VdZOjO5k3wHw+pDlCKR/lVdaDFOoNxLjXYyNMOJxRiTr4bGSpmP+Zif36/8XYhnK6olO5V4=
x-served-by: cache-hhn4073-HHN
last-modified: Wed, 25 Sep 2019 15:25:01 GMT
server: AmazonS3
x-timer: S1571949483.626966,VS0,VE0
etag: "7ac1e4b7ab03f256e831e00e3b5618a6"
x-amz-request-id: F2476240E460D38A
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 4

GET
H2 200 elizabethserif-light-webfont.woff2
f.kinja-static.com/assets/fonts/elizabeth-serif/ 30 KB
31 KB 50ms
17ms Font
binary/octet-stream 151.101.194.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/elizabeth-serif/elizabethserif-light-webfont.woff2?09162015

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

99486805226925c8956af4060209f84d8069fae36333d280a88afa276aecdd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Origin: https://lifehacker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 16
x-cache: HIT
status: 200
content-length: 31076
x-amz-id-2: b/QRPl+KgNak597VxOx3jzljOjkyAoO5zfE+9ZzPRyMUf9wXnqqgU1oheWbR0AgfdGJJg558o64=
x-served-by: cache-hhn4073-HHN
last-modified: Tue, 24 Sep 2019 22:04:52 GMT
server: AmazonS3
x-timer: S1571949483.627058,VS0,VE0
etag: "acb4f13c9cdae79df0e584c0a18e6ab3"
x-amz-request-id: 8C06AB3793E1B64C
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 1

GET
H2 200 elizabethserif-bold-webfont.woff2
f.kinja-static.com/assets/fonts/elizabeth-serif/ 30 KB
30 KB 47ms
14ms Font
binary/octet-stream 151.101.194.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/elizabeth-serif/elizabethserif-bold-webfont.woff2?09162015

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d4ace6292bd23af6fe7411fcdd2f1dcbb4be573f6b70ed73dd7bc00e8c480f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Origin: https://lifehacker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 101
x-cache: HIT
status: 200
content-length: 30388
x-amz-id-2: V1kW7Vd061VbLfZovRXVi6194wEcLn0+GGvAov0AaekBWsBGK0Z9c3NK8QZKhLMdLXbFD6d/x18=
x-served-by: cache-hhn4073-HHN
last-modified: Tue, 08 Oct 2019 21:25:09 GMT
server: AmazonS3
x-timer: S1571949483.627021,VS0,VE0
etag: "2b1ea7511974a8a484583bd7cf88edfe"
x-amz-request-id: CBEC745DCC7957D9
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 2

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1571949482627&ns_c=UTF-8&cv=3.1&c8=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&c7=https%3A%2F%2Flifehacker.com%...
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1571949482627&ns_c=UTF-8&cv=3.1&c8=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&c7=https%3A%2F%2Flifehacker.com...

0
248 B

7ms
7ms

Image
text/plain

23.45.99.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1571949482627&ns_c=UTF-8&cv=3.1&c8=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&c7=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&c9=
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.242 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1571949482627&ns_c=UTF-8&cv=3.1&c8=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&c7=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&c9=
Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:02 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
484 B 27ms
14ms XHR
application/json 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 32 KB
12 KB 66ms
6ms Script
application/javascript 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7761cb0b5bc6c17c2c583966e964398507ac882a020c4fe858cfb0c28bafbd1f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
age: 610
x-guploader-uploadid: AEnB2UrkjmySoP1CSuZONPY3Nxglsb5CoJC7Lb5_ins6wobofCsOh-9aolvA3zcc_31RmX4rksjnaOw3SWvUcluQt7I_S7etNjl-kR5ibLwc1BDdQK4uSu4
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 11455
x-served-by: cache-hhn4054-HHN
last-modified: Wed, 23 Oct 2019 23:27:43 GMT
server: UploadServer
x-timer: S1571949483.711555,VS0,VE0
etag: "4b72fcb823a3e8eb83e031d77c903e9f"
vary: Accept-Encoding
x-goog-hash: crc32c=/hbBRw==, md5=S3L8uCOj6OuD4DHXfJA+nw==
x-goog-generation: 1571873263220663
via: 1.1 varnish
expires: Thu, 24 Oct 2019 00:27:45 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 11455
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 79

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 77 KB
22 KB 28ms
8ms Script
application/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 320fbafd7a6d83d1926e7d58351b51e518f821d496831257459728e5967be7e2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 18:08:35 GMT
content-encoding: gzip
server: Server
age: 8967
etag: f1f87e821f3480c3474c81fb3e8c7a81
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: SmgePqciCyXX_J9mcCwT5qPFNw69dEs_B_mPqfl-CevnBT_UOEBcdg==
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 26ms
7ms Script
application/x-javascript 2600:9000:200c:a600:18:1fcd:349:ca21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:a600:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 99fd27cd410417b5633d3fc37196751afc4b3f9ffa5853dedb73cfcb3e810d7c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 18:47:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 01:56:46 GMT
server: nginx
age: 6636
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2
x-amz-cf-id: 48-oyElnBhhIkA_EIdfSyQjBHrAyqbKt_IhIzW_qSxnxynXaQq_Dkw==
via: 1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
expires: Thu, 24 Oct 2019 20:47:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
23 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4a20573a119be08423ad723eee0545a7de9d7aa82c70d901056e68db1c390539

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 23572
x-xss-protection: 0
pragma: public
x-fb-debug: ulQRA5/23NQRsZ1OJeCpMdR6PBhbxPdlS7jXdeRuXS3iiv9u+oODkZvH/WRfjcBHWGnpEJkH6VLMKfDBlPySDA==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 19 KB
6 KB 26ms
8ms Script
application/javascript 52.85.183.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.183.133 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-183-133.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e9324325e7bad86597c91ee8cf9e7f6bc0b83c6e03f29415e48511d19e64856

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 17:06:05 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 21 Oct 2019 17:06:03 GMT
Server: AmazonS3
Age: 271918
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 017ee4b2e5ba6b7a7dd1443f39b6e832.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50
X-Amz-Cf-Id: J_s9OtpMzPYCoNr99mFDLuNUn-J_L7uPGkNgnhShxtb_7lD6lHho_Q==

GET
H2 200 33330X911647.skimlinks.js Show response
s.skimresources.com/js/ 38 KB
15 KB 27ms
9ms Script
application/octet-stream 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/33330X911647.skimlinks.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4128833648b0ffd9e7192aff7c6081be634ec23dd06a9fafdd7d4fd00dfee531

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 10:25:04 GMT
server: AmazonS3
x-amz-request-id: 333ABD30EA4D7840
etag: "0def8554a6a9342ac562bf573b83ca6d"
x-hw: 1571949482.cds085.fr8.hn,1571949482.cds053.fr8.c
content-type: application/octet-stream
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 14781
x-amz-id-2: jF/WOnvS72O6RoayhJGxJnyKATLqQE6Bxdtja1LqRCqtgnDn6lOmHsTHErakZTUpyACeya8sj1w=

GET
H/1.1 200
OK gallery.js Show response
kinja-com.videoplayerhub.com/ 97 KB
24 KB 65ms
7ms Script
application/javascript 143.204.101.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://kinja-com.videoplayerhub.com/gallery.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.16 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-16.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dc37302d38cff6f27868f9a6fb4898ab989987ac3cb25a8c048e70256b074d3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: O4RGIHITc0bJG7ELQWtl.x4mivab7y7o
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2019 16:33:24 GMT
Server: AmazonS3
Age: 60
Date: Thu, 24 Oct 2019 20:37:03 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 9xXiaOcH9LK30z9Z5y8Yt0Ha3fjbmdcz3yRasUw1dwLoDM2E4d4N0w==

GET
H/1.1 200
OK sambaTag.js Show response
tag.mtrcs.samba.tv/v3/tag/fmg/homepage/ 3 KB
4 KB 83ms
16ms Script
application/javascript 13.225.78.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.mtrcs.samba.tv/v3/tag/fmg/homepage/sambaTag.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.102 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: gunicorn/19.9.0 /
Resource Hash: 5e0623b057ba1f3f6d51959f1cc3d71029410f7f336bbf758cc66d6c750bd896

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 17:03:53 GMT
Via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
Server: gunicorn/19.9.0
Age: 12849
X-Cache: Hit from cloudfront
P3P: CP="This is not a P3P policy! See https://samba.tv/legal/privacy-policy/ for more info."
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA2-C2
Content-Type: application/javascript
Access-Control-Allow-Headers: Content-Type
Content-Length: 3046
X-Amz-Cf-Id: UGiG0XrO-EhJHR7XC62dJcEO6rwA6UJDpL4ca9RLsIZJQSpBfvUI7Q==

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 366 KB
116 KB 65ms
22ms Script
application/javascript 2606:4700::6810:4b33
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tinypass.com/api/tinypass.min.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4b33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e39eae2a2d0baacdb5e6ff588d14c31219dc8b00a1a113872cf3633c24ea72

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 205
p3p: CP="NON DSP COR OUR IND"
status: 200
wn: prod-dash-10-0-2-198
last-modified: Thu, 24 Oct 2019 01:55:22 GMT
server: cloudflare
etag: W/"374409-1571882122000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 52aec08afe66cb98-VIE
expires: Thu, 24 Oct 2019 20:43:02 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 31ms
12ms Script
application/javascript 2606:4700:e2::ac40:8e05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/trackers.8eff1606388428485926.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8e05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
cf-cache-status: HIT
age: 6160
status: 200
x-amz-request-id: 2F019AAC25A8CEA8
x-amz-id-2: nY3Hx29aKBdeKNA1fZ/bXvJAoY/pUOgFH0xoBhlQkCZrOqDQphq3HBpLw8YYRqJ8QX9Z875bJWM=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 52aec08adc579814-FRA
expires: Fri, 25 Oct 2019 04:38:02 GMT

GET
H2 200 DFP_Audience_Pixel;dc_seg=22540930;blog=lifehacker;ord=1
pubads.g.doubleclick.net/activity;dc_iu=/4246/ 42 B
394 B 165ms
146ms Image
image/gif 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/4246/DFP_Audience_Pixel;dc_seg=22540930;blog=lifehacker;ord=1?

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803450h&cg=0&cc=1&si=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rp=&ts=compact&rnd=157194948...
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803450h&cg=0&cc=1&si=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rp=&ts=compact&rnd=157194948...

44 B
332 B

200ms
200ms

Image
image/gif

52.48.220.206
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803450h&cg=0&cc=1&si=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rp=&ts=compact&rnd=1571949482656&ja=1
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.220.206 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-220-206.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:02 GMT
server: nginx
status: 302
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803450h&cg=0&cc=1&si=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rp=&ts=compact&rnd=1571949482656&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 115ms
57ms Image
image/gif 99.81.228.121
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.228.121 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-81-228-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 24 Oct 2019 20:38:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ijs_all_modules_d69e5cee1bb28009159dc29dcdf2cad4.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 347 KB
87 KB 35ms
6ms Script
text/javascript 34.98.72.95
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_d69e5cee1bb28009159dc29dcdf2cad4.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3646/i.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.98.72.95 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 61d6331496619d60a04b895636cc2db8fd1cf3f42d84721b8632f938648a0d71

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 03:31:37 GMT
content-encoding: gzip
age: 61585
x-guploader-uploadid: AEnB2Up78eEVu49_etYRL2ctlIGq0QHPeVe-RB5gnJsqrW2KNbRoCieM0sKY1y0SuBsRCibi6NpYuOZm2jrfNeotM7BHE1Gxmg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 88597
last-modified: Tue, 08 Oct 2019 17:56:42 GMT
server: UploadServer
etag: "5fe788842e5fc3a77266e32ae5d6002a"
vary: Accept-Encoding
x-goog-hash: crc32c=LEthAA==, md5=X+eIhC5fw6dyZuMq5dYAKg==
x-goog-generation: 1570557402368012
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-goog-stored-content-length: 88597
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 23 Oct 2020 03:31:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 47 KB
15 KB 15ms
14ms Script
text/javascript 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

8c3a9972cace87cc133ca8ac1222fde007104d758534a9bbecef3a0bf31f8012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "317 / 847 of 1000 / last-modified: 1571936626"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14902
x-xss-protection: 0
expires: Thu, 24 Oct 2019 20:38:02 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/azlGdEo2ybypaicXgYmCPl0PYzY/gpt_and_prebid/ 112 KB
27 KB 19ms
6ms Script
text/javascript 151.101.113.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/azlGdEo2ybypaicXgYmCPl0PYzY/gpt_and_prebid/config.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01b56a4fafc76f5e789b0a139e63df462020e7a67c4d5155fe9917ef890bf1dd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:02 GMT
Content-Encoding: gzip
Age: 3147
X-Cache: HIT
Connection: keep-alive
Content-Length: 27177
x-amz-id-2: +P2W5p2cYSmPpH3oVYm6tAdyUeN/tsxI252UFDuuteyFIDN/71DV/9Oft6RCDVij3NiVIu99E0A=
X-Served-By: cache-hhn4071-HHN
Last-Modified: Thu, 24 Oct 2019 19:42:41 GMT
Server: AmazonS3
X-Timer: S1571949483.728972,VS0,VE0
ETag: "dcc66fca90d2c2d803bcd53a22650430"
x-amz-request-id: 208A3C07790E11A1
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 71

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
413 B 28ms
14ms XHR
application/json 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 217700348616695 Show response
connect.facebook.net/signals/config/ 282 KB
66 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/217700348616695?v=2.9.8&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ac07b4658c23dff21b79605198b44f0bee09246e4541f0cbbc80bf34258f9d2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 66725
x-xss-protection: 0
pragma: public
x-fb-debug: t7rqjfUyObRM00PLDOxfp9IKFKZpbJGtU/lmxd3RSYgBScqB+0/PXVq7HzpAVBIaHqs6HRHYYW7hoHgjinKcag==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 297ms
120ms Image
image/gif 52.3.64.39
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=lifehacker.com&p=%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&u=DL5NniDyN_9FDff_BL&d=lifehacker.com&g=3012&g0=lifehacker.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2807&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=331&t=Bws83cwcoNlBCThHQBKkEtLCQ33zK&V=116&i=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&tz=-120&sn=1&sv=CIIbShDzf4cCBDPF1dDujPImBTfEAZ&sd=1&im=067b0ff3&_
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.64.39 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-64-39.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 24 Oct 2019 20:38:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 px.gif
p.skimresources.com/ 43 B
472 B 13ms
12ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=3.444632667020376
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
date: Thu, 24 Oct 2019 20:38:02 GMT
x-guploader-uploadid: AEnB2UplLt0pkvaL8QZMLq8-BThzYhWoGcvMPHT1E8miCSQHdDp6kfmNLib8uEjPGRSn_RSaBpvrvesAFbV8u_6GwqqwO1Z2Ng
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-hw: 1571949482.cds085.fr8.hn,1571949482.cds054.fr8.c
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
107 B 15ms
13ms Image
image/gif 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=3.444632667020376
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
date: Thu, 24 Oct 2019 20:38:02 GMT
x-guploader-uploadid: AEnB2UplLt0pkvaL8QZMLq8-BThzYhWoGcvMPHT1E8miCSQHdDp6kfmNLib8uEjPGRSn_RSaBpvrvesAFbV8u_6GwqqwO1Z2Ng
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-hw: 1571949482.cds085.fr8.hn,1571949482.cds054.fr8.c
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 21ms
7ms XHR
application/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 18:18:07 GMT
content-encoding: gzip
vary: Origin
age: 8396
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Sat, 19 Oct 2019 18:03:24 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: N_d6GPdl23VrvES3wXFbtvpMnhUGQe8Eje3Te11Slbg1lqecZ0fZ6w==

POST
H2 200 check Show response
connect.scroll.com/embed/ 0
194 B 158ms
116ms XHR
application/json 35.201.68.171
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.scroll.com/embed/check

Requested by

Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.68.171 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

171.68.201.35.bc.googleusercontent.com

Software

Jetty(9.4.z-SNAPSHOT) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https: http:;

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 google
server: Jetty(9.4.z-SNAPSHOT)
status: 200
content-type: application/json;charset=utf-8
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
content-security-policy: frame-ancestors https: http:;
alt-svc: clear
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
656 B 27ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lifehacker.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
656 B 27ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lifehacker.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019101701.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
57 KB 14ms
14ms Script
text/javascript 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

ee9b85b63056ee85dac06408a3c33c0765f827efb47bfedf10fe266ee4566e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 13:06:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58640
x-xss-protection: 0
expires: Thu, 24 Oct 2019 20:38:02 GMT

GET
H2 200 initSubscribePopover.7a607e87588f651c686f.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/initSubscribePopover.7a607e87588f651c686f.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0f2baecff40f7dee3e8433e6a050cc0343b82232578904959fcb4c19a1388d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
x-cache: HIT
status: 200
content-length: 1040
x-amz-id-2: rbxI+4MJqk0Gvq7jzcVekw33JgJwgFUUV/XRdxpKjcaV8YUmKooEDF519/g49Kcd/NkIILHmhP4=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 01:33:35 GMT
server: AmazonS3
x-timer: S1571949483.955766,VS0,VE0
etag: "ab273235b128752f98518ff5c4ed1652"
vary: Accept-Encoding
x-amz-request-id: 6BB55161545D1D66
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 header~second-scroll~special-sections-editor~subscribe~videoAdminPage.84613ede4b3cd795c294.js Show response
x.kinja-static.com/assets/new-client/ 17 KB
4 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/header~second-scroll~special-sections-editor~subscribe~videoAdminPage.84613ede4b3cd795c294.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0e4915c21a39353fed9f698e5d1453941e7cd39bd0ec2ec622dbada67de4ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
x-cache: HIT
status: 200
content-length: 4068
x-amz-id-2: yDaHO9cdTrCTyOnqPs3HzTotWS0BJOKPG/ezhGGuSf4LyKmP2sFTQC1kUdgIoeWEQ0cg2jydcns=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:39 GMT
server: AmazonS3
x-timer: S1571949483.956080,VS0,VE0
etag: "dd8c308e64464229d96b10207f9408fc"
vary: Accept-Encoding
x-amz-request-id: 5C0454FE0DFA6434
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 header~second-scroll~subscribe.51900aba1809ccba1753.js Show response
x.kinja-static.com/assets/new-client/ 14 KB
4 KB 7ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/header~second-scroll~subscribe.51900aba1809ccba1753.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de5d79ff10b655d17e4025c752678fe84831ab8781ca423011abe027ef2f3a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16
x-cache: HIT
status: 200
content-length: 4042
x-amz-id-2: k1+KacwgoRgYARWQ+kfDw8YuE+/8osOaVmPpaiqfXKTg+PAj8w3DGKB28p5e8OROLKd4YaVz78A=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 01:33:35 GMT
server: AmazonS3
x-timer: S1571949483.956453,VS0,VE0
etag: "3f10b826110efa43afd4048311665f67"
vary: Accept-Encoding
x-amz-request-id: 67B1396BEB847CDE
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 subscribe.e435302c00289765bf13.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
3 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/subscribe.e435302c00289765bf13.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2ce2a8d145c332d391a775c5d2a42c653453c2049e863c1a425b23cfca229996

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
x-cache: HIT
status: 200
content-length: 2808
x-amz-id-2: adLx8+490k8w2hqcgTgaIOPfIDo/iso3pCv3Lhh2wHRH7AuDfn/Xc9b/jFpHd9VbgsmPevE8dcA=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:39 GMT
server: AmazonS3
x-timer: S1571949483.956461,VS0,VE0
etag: "fc2179aa147807dd8268c6cb8bc38470"
vary: Accept-Encoding
x-amz-request-id: 5D1C601FBE04B6D7
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 setbucket
deadspin.com/ Frame 42B2 0
0 7ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://deadspin.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: deadspin.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=deadspin.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.965515,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
gizmodo.com/ Frame 4B74 0
0 8ms
7ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://gizmodo.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: gizmodo.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=gizmodo.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.965507,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
jalopnik.com/ Frame FFEE 0
0 7ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://jalopnik.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: jalopnik.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=jalopnik.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.966611,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
jezebel.com/ Frame 80EF 0
0 7ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://jezebel.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: jezebel.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=jezebel.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.968394,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
kotaku.com/ Frame 9505 0
0 7ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://kotaku.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: kotaku.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=kotaku.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.969780,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket Show response
lifehacker.com/ Frame 8ADA 0
103 B 6ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://lifehacker.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: lifehacker.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
cookie: geocc=DE; KinjaBucket=d; KinjaSetBucket=d|1571949300|ivorHHro/znZWWFc7qfCoZN7gJ527B+melTd4OVnl60=; AMP_TOKEN=%24RETRIEVING; pageDepth=1; _cb_ls=1; _cb=DL5NniDyN_9FDff_BL; _chartbeat2=.1571949482749.1571949482749.1.CIIbShDzf4cCBDPF1dDujPImBTfEAZ.1; _cb_svref=null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=lifehacker.com;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.969273,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
theroot.com/ Frame D97D 0
0 12ms
5ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://theroot.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: theroot.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=theroot.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.977117,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
avclub.com/ Frame 7E5A 0
0 94ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://avclub.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: avclub.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=avclub.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.061283,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
clickhole.com/ Frame 52A7 0
0 7ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://clickhole.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: clickhole.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=clickhole.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.977478,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
theinventory.com/ Frame 0919 0
0 7ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://theinventory.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: theinventory.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=theinventory.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.977467,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
theonion.com/ Frame 2CE2 0
0 7ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://theonion.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: theonion.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=theonion.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.979491,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
thetakeout.com/ Frame BA91 0
0 81ms
6ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://thetakeout.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: thetakeout.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=thetakeout.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.061316,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 setbucket
kinjadeals.theinventory.com/ Frame C940 0
0 69ms
67ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://kinjadeals.theinventory.com/setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: kinjadeals.theinventory.com
:scheme: https
:path: /setbucket?signature=d%7C1571949300%7CivorHHro%2FznZWWFc7qfCoZN7gJ527B%2BmelTd4OVnl60%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
cookie: KinjaBucket=d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
x-robots-tag: noindex
set-cookie: KinjaBucket=d;path=/;Max-Age=31536000;domain=theinventory.com; geocc=DE;path=/;
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:02 GMT
via: 1.1 varnish
x-served-by: cache-fra19179-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949483.990202,VS0,VE0
x-feature-hash: eu_disabled=on
content-length: 0

GET
H2 200 header~second-scroll~top-bar.8ad4dbb62171dea6b6b7.js Show response
x.kinja-static.com/assets/new-client/ 10 KB
3 KB 70ms
67ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/header~second-scroll~top-bar.8ad4dbb62171dea6b6b7.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2123bab9d264a14db1468cd737bfa7a634283dbf90dbb7b9c740b252e6dde592

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: HIT
status: 200
content-length: 3253
x-amz-id-2: zEnboi1CQQ2b586cvBbtHun01r0ZrFXOul4mJCH+r9J11DyYdurJZ9VDIPZolMiaxGIrFqrd3IU=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Wed, 09 Oct 2019 09:33:54 GMT
server: AmazonS3
x-timer: S1571949483.987175,VS0,VE0
etag: "eefeb58cb6980ffa3c967f0baf08309e"
vary: Accept-Encoding
x-amz-request-id: 55228ED65052F8EF
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 top-bar.59ce8378bba798b2a99d.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 72ms
68ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/top-bar.59ce8378bba798b2a99d.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0896770e642d7cbc933fc31e274f332179f05a61418bd7ed0eb9df91bcd4dcd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109
x-cache: HIT
status: 200
content-length: 919
x-amz-id-2: e36dojGAGDO3cn4GK1ELyo7fSWwLZsZ0qCfj/r6DRqpQpnX77w1ffj7W/+CNQMs7StJg2tLWDY0=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 01:33:36 GMT
server: AmazonS3
x-timer: S1571949483.987217,VS0,VE0
etag: "73446a916462f98ee1de4f91a84b0ae3"
vary: Accept-Encoding
x-amz-request-id: 9A8FF08B475076C8
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 vendors~header.26d05940b8ca7a6b178d.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 71ms
68ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~header.26d05940b8ca7a6b178d.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4ad586a287d58a0e1ef9347b92a3bd57622d8a08d98b0304d181f54e23d6837a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
x-cache: HIT
status: 200
content-length: 2058
x-amz-id-2: nZ4+LMDs55lrwluOVEoR+lFkMFQx3TxsYbIJTZqCPqdyCELbKAYHECFZnr1tewgQbAB02tnktq0=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 17:03:40 GMT
server: AmazonS3
x-timer: S1571949483.987215,VS0,VE0
etag: "31c973703ce62fc8e9d1a31ef4e910cf"
vary: Accept-Encoding
x-amz-request-id: 943EBFE72D129D53
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 footer~header~special-sections-editor.d4a25ee7bb3f0f1c38f7.js Show response
x.kinja-static.com/assets/new-client/ 75 KB
19 KB 72ms
69ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/footer~header~special-sections-editor.d4a25ee7bb3f0f1c38f7.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0db44590a2862777e5d7426a6b7132f5141c8f96514d97126507b363a504c98c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
x-cache: HIT
status: 200
content-length: 19145
x-amz-id-2: 0l91P4DRHktY4Lw2McA9Y4rCRMSrb1lOHQrKzTyCa7++/A5+0Uf6oTSe6SDxlw5pKLbZI3XKDpU=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Wed, 09 Oct 2019 14:28:51 GMT
server: AmazonS3
x-timer: S1571949483.987328,VS0,VE1
etag: "7efd42ab06bcc9e5d31b8e901cc0b70f"
vary: Accept-Encoding
x-amz-request-id: 5AE7B7E47A8786FC
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 header~second-scroll.2414e29116d51ae1e717.js Show response
x.kinja-static.com/assets/new-client/ 15 KB
3 KB 72ms
69ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/header~second-scroll.2414e29116d51ae1e717.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6536179e59dd752b710ca18dd5e7f60f19e9a9f2539b59a83a658047eea0aa1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81
x-cache: HIT
status: 200
content-length: 2415
x-amz-id-2: MtrBTBWh52qtq61IDCh/M7zdES48Qxt59ksmdxKJc+pA7bjBKu08m5vbIHsEbQ7pfukfqL0UgYU=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 20:43:34 GMT
server: AmazonS3
x-timer: S1571949483.987297,VS0,VE1
etag: "d136bc1201241e42569a5f762842935c"
vary: Accept-Encoding
x-amz-request-id: 10BCA19389E01095
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 footer~header.983edc3bc649e11a6800.js Show response
x.kinja-static.com/assets/new-client/ 12 KB
3 KB 70ms
68ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/footer~header.983edc3bc649e11a6800.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6c8c19fe5d9f5d4663735ec950cbe194a1c0dbfb5b708ffbc2c5a28e784d71cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: HIT
status: 200
content-length: 3182
x-amz-id-2: px3s538oh4++72/3u1bt0kNA2Qeaw4KDI6LxEgOTpYKRYlV60Km+QxTlMjwQGKRgrv0yt9dV9cQ=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 20:43:34 GMT
server: AmazonS3
x-timer: S1571949483.987309,VS0,VE0
etag: "8c480d79a8f937ae30baf2326655e132"
vary: Accept-Encoding
x-amz-request-id: 394937C5B7C5D8C6
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 header~search.dd01c3142b0709ee0534.js Show response
x.kinja-static.com/assets/new-client/ 12 KB
3 KB 8ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/header~search.dd01c3142b0709ee0534.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8022232d98174fcda53732d2a26b2c01dc5e377336172a0cbdab397a69afedeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87
x-cache: HIT
status: 200
content-length: 2684
x-amz-id-2: sLF5w3nqLD2B9NiE1fftEoVWMgqIMCv3oTG2y9d7tL9bpyUaTADrJW3qbF01DiWNxFV9WfXps0Y=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 13:23:30 GMT
server: AmazonS3
x-timer: S1571949483.061271,VS0,VE0
etag: "37641d79c0c0c58edb70f0479e167be2"
vary: Accept-Encoding
x-amz-request-id: E8DCAC9AEA934619
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 customHeader~header.74c2cd9677144a189c28.js Show response
x.kinja-static.com/assets/new-client/ 9 KB
2 KB 9ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/customHeader~header.74c2cd9677144a189c28.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38141a7f0041a7e0cdedc4da1a1040cf1b1a48e82f2202d6e44d8bf8377ca319

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95
x-cache: HIT
status: 200
content-length: 2331
x-amz-id-2: j6bTJlctE6TDyvlGkBkoiXARttzZo9tv5gS5avPd7L8H++J3tnFx60TsKPfbfIF6/nKMNVwguII=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 19:34:12 GMT
server: AmazonS3
x-timer: S1571949483.061257,VS0,VE0
etag: "9806d7bb329015910edee18bde7d00f6"
vary: Accept-Encoding
x-amz-request-id: 9B3550C273237D1C
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 header.c2f4f7c25d9da27390d3.js Show response
x.kinja-static.com/assets/new-client/ 104 KB
19 KB 9ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/header.c2f4f7c25d9da27390d3.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

af496f77aba3b32a7ba3625bb02d7d085f25b404b202e6a1bf1428146674c58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95
x-cache: HIT
status: 200
content-length: 19313
x-amz-id-2: WENvCmhuwiyPGk4uT1N/zridqh3iCcM/Qncm30YvpuhBOQC4/42LR8wQHr91G14tF/JLwY28HQE=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 19:34:13 GMT
server: AmazonS3
x-timer: S1571949483.061418,VS0,VE1
etag: "315f436378e32dca9d563b24e2fffea1"
vary: Accept-Encoding
x-amz-request-id: D32275DF4D0D9503
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 ads-outstreamNativeView~specialSection.b93f2d62e8cd944be9f0.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
4 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView~specialSection.b93f2d62e8cd944be9f0.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e1c539257dbe9f77a102caef70038abe0f3fb0372f9fb6821db84c692e3f57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
x-cache: HIT
status: 200
content-length: 3505
x-amz-id-2: KIGaBfbcbBeU8xlY7rJzyfF0M+ZtWKtXUoXtPDhfaiProM+/Q1Jv6e+nviEMNPNK4ZtrFZP05N0=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 01:33:35 GMT
server: AmazonS3
x-timer: S1571949483.075493,VS0,VE0
etag: "2e0ca5ab18fffc3b7bdbde16e2d2448c"
vary: Accept-Encoding
x-amz-request-id: F7F9F5F8820C1F66
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 ads-outstreamNativeView.81366877f91bcac8a46c.js Show response
x.kinja-static.com/assets/new-client/ 27 KB
8 KB 106ms
106ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView.81366877f91bcac8a46c.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e6e0439235d5319584af372f9b4575df851a999143885b40a46dc05f48bb046e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
x-cache: HIT
status: 200
content-length: 7624
x-amz-id-2: 9u8NhkjeibeB47JNHN8sFYYOqPI1nHnZSVUICPTwtwS0X/LOSlmA2DNi5mjIKhZyrb3NqSeDVlg=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Wed, 23 Oct 2019 19:58:29 GMT
server: AmazonS3
x-timer: S1571949483.075553,VS0,VE100
etag: "47493fde4aae677b252249386431dafa"
vary: Accept-Encoding
x-amz-request-id: FB97085977FBF8AF
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 tag-dropdown.8ff5e5fe5d932554dd32.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/tag-dropdown.8ff5e5fe5d932554dd32.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a760eea6fceef45c0f6c635a259aa7cdeee28065a19941bb0fee122fb6d0427

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101
x-cache: HIT
status: 200
content-length: 1722
x-amz-id-2: /nK4pClpXT+NS1dQmQOXw9TX8pUNvNf92pD9Vz+e4Bm9ITvpp72i8G0AkXZdhrmK86iPY6fPiws=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 20:43:35 GMT
server: AmazonS3
x-timer: S1571949483.079957,VS0,VE0
etag: "6de992ebbc86f6a0558f250aed64bb6b"
vary: Accept-Encoding
x-amz-request-id: ECEAE99A6267D756
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

POST
H2 200 event.js
kinja.com/api/kala/t/ 0
0 98ms
97ms Other
application/json 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://kinja.com/api/kala/t/event.js?e=eyJibG9nSWQiOiIxNyIsImNvbnRleHRJZCI6IjE4MzkzMzE2MzIiLCJ0YXJnZXRJZCI6IjE4MzkzMzE2MzIiLCJjb250ZXh0VHlwZSI6IlBFUk1BTElOSyIsImV2ZW50VHlwZSI6IlBFUk1BTElOS19WSUVXIiwidGFyZ2V0VHlwZSI6IlBPU1QiLCJldmVudEF0dHJpYnV0ZXMiOnsiYmxvZ05hbWUiOiJsaWZlaGFja2VyLmNvbSIsImlzTG9nZ2VkSW4iOjAsImF1dGhvcklkIjoiMTU1MDM2ODc3NyIsInVuaXF1ZSI6dHJ1ZX0sImV2ZW50QXR0cmlidXRlc0V4dGVuZGVkIjp7InJlc3BvbnNpdmVWZXJzaW9uIjoiMTM2NCsiLCJkZXZpY2VDYXRlZ29yeSI6ImRlc2t0b3AiLCJhZEJsb2NrIjoiYWRibG9jayBvZmYiLCJzY3JvbGxQb3NpdGlvbiI6MCwidGFncyI6WyJhcHBzdG9yZSIsIm1hbHdhcmUiLCJtYWx3YXJlcmVtb3ZhbCJdLCJyZWNpcmNHcm91cCI6ImZtZ05vblNhdGlyZSJ9fQ==&cb=377
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.2fa490f1cc8edccdb631.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gomedianetwork/ 91 KB
20 KB 20ms
6ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.2fa490f1cc8edccdb631.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2556fa6177e6c2d5123ce1e92eb097d0f35f2ddf45736896be0c4bca872e104

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: PygVEKIe0G1D7BNztnT7u6UqIiPGOPG_
content-encoding: gzip
etag: "9ba07c83938451a5ee27cf9b9aabe552"
age: 89
x-cache: HIT
status: 200
content-length: 19900
x-amz-id-2: 38EMgUKvQIx45eHUHUHdDAiRrHYGbJAenFJSSR0Z0sA+zYpZ1ui8P2pO7dlgzkc6NSmm9zXfuOU=
x-served-by: cache-hhn4081-HHN
last-modified: Tue, 22 Oct 2019 12:55:39 GMT
server: AmazonS3
x-timer: S1571949483.112585,VS0,VE1
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding
x-amz-request-id: 570F12D4F83E2675
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 28
x-cache-hits: 1

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 22 KB
8 KB 26ms
11ms Script
application/javascript 13.225.77.205
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=45b86f08-d576-450f-b812-4e928421e266
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/permalinkPage.2fa490f1cc8edccdb631.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.77.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-77-205.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 47c46c56931dfacea9cd225466aa746ec7e8053245b87fb67f2c8a47c447e364

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 01:33:51 GMT
content-encoding: gzip
age: 67343
x-cache: Hit from cloudfront
status: 200
cneonction: close
content-length: 7312
pragma: Public
access-control-allow-origin: *
server: Server
content-type: application/javascript;charset=UTF-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: FNs2vWcck8Wm1gkEvij2zvl88nvO6YOJS8n8twT1HXUg7nyT1uDM1w==
expires: Thu, 24 Oct 2019 01:38:51 GMT

GET
H2 200 vendors~commentsIframe.6556a8173ab2bbd3d492.js Show response
x.kinja-static.com/assets/new-client/ 25 KB
5 KB 7ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendors~commentsIframe.6556a8173ab2bbd3d492.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e666457e3e1dfe91bdbc4f8057e11898e640ae0e5481646d54a0f7298853e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16
x-cache: HIT
status: 200
content-length: 4791
x-amz-id-2: S8dsKjg1FlwGXtk7hJTzhBHd5J3fKT6GkRFOrYx4F/EqYjWBxxpKLT/hNFP2/Ovb8sA7q1he4v4=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Tue, 08 Oct 2019 21:23:50 GMT
server: AmazonS3
x-timer: S1571949483.102207,VS0,VE0
etag: "52289879de565f9cdb1a3759d38298bd"
vary: Accept-Encoding
x-amz-request-id: E3468B2751867057
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 commentsIframe.d3db6257b1fd7655234f.js Show response
x.kinja-static.com/assets/new-client/ 10 KB
3 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/commentsIframe.d3db6257b1fd7655234f.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5447c4d9c91e76792ea435dffad1fa12fdf89040bfb281e0e903f91ebc76be3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12
x-cache: HIT
status: 200
content-length: 3042
x-amz-id-2: B2TPPBUjBbdPp4nV9R6TLdhslCUAnhm4Nc/Pqt8FYi29VZbMfJXSj9d0nn3uOX+GJEWDU8wDOeY=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 01:33:35 GMT
server: AmazonS3
x-timer: S1571949483.102199,VS0,VE0
etag: "4e6054aca759efb17aa3319356bd0033"
vary: Accept-Encoding
x-amz-request-id: C2BEDAE44518D1D3
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/201910221235/ 83 KB
29 KB 6ms
5ms Script
application/javascript 151.101.113.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/201910221235/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/azlGdEo2ybypaicXgYmCPl0PYzY/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1632f47c01494f594d96c356b5e3066f8261b89a9bcf9cd5409af2a88448bb16

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
Content-Encoding: gzip
Age: 531
X-Cache: HIT
Connection: keep-alive
Content-Length: 29126
x-amz-id-2: i0QFDl6CfWqOGM10SeE3R0HYjCne1wY313MV7DEgAUQOOk6oa6QOMuIiGbU7jwlAAN5FToOpk3c=
X-Served-By: cache-hhn4071-HHN
Last-Modified: Tue, 22 Oct 2019 16:35:57 GMT
Server: AmazonS3
X-Timer: S1571949483.113815,VS0,VE0
ETag: "06cd57f5791b45f2b5d8cb62622e5fd0"
x-amz-request-id: 7334A205E9F5DD30
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 133

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/201910171256/ 28 KB
11 KB 12ms
6ms Script
application/javascript 151.101.113.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/201910171256/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/azlGdEo2ybypaicXgYmCPl0PYzY/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51fbe136f28f60bc09b2a92ec09f109e560fb76b14d564e46fbd39cc6020f425

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
Content-Encoding: gzip
Age: 38
X-Cache: HIT
Connection: keep-alive
Content-Length: 10727
x-amz-id-2: H3hiFpPQwhEr6WsxB5NI4Ks7EFNhR8e4AJkFYmlaPm0CA8SXAYYjgz5mlgqfViLhAJES1cBa4Uo=
X-Served-By: cache-hhn4071-HHN
Last-Modified: Thu, 17 Oct 2019 18:13:36 GMT
Server: AmazonS3
X-Timer: S1571949483.120784,VS0,VE0
ETag: "084deea6f314d94436d69a233e4af5e3"
x-amz-request-id: 55F7D1EC2D314E0D
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 52

GET
H2 200 local_storage_frame10.min.html
assets.bounceexchange.com/assets/bounce/ Frame 985C 0
0 31ms
31ms Document
text/html 34.98.72.95
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame10.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_d69e5cee1bb28009159dc29dcdf2cad4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.98.72.95 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: assets.bounceexchange.com
:scheme: https
:path: /assets/bounce/local_storage_frame10.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
x-guploader-uploadid: AEnB2Uqv_e1aLawLXY_3za7EH5RAC0RcORNcxrfSufO8d0Z-FHViW4dKGZAN-FHDTE9-Dt3VRYH40tHcQRr-An9njbb9OlBf0A
date: Thu, 24 Oct 2019 10:00:08 GMT
expires: Fri, 23 Oct 2020 10:00:08 GMT
last-modified: Thu, 25 Jul 2019 15:10:57 GMT
etag: "55fccc7bc73db2181e976f1ccec90e2c"
x-goog-generation: 1564067457180148
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 995
content-type: text/html
content-encoding: gzip
x-goog-hash: crc32c=z+risA== md5=VfzMe8c9shgel28czskOLA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 995
access-control-allow-origin: *
server: UploadServer
cache-control: public, max-age=31536000
age: 38275
alt-svc: clear

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=pageview&_s=1&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_gid=1964647908.1571949483&gjid=639794603&_v=j79&z=1133943209
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_v=j79&z=1133943209
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_v=j79&z=1133943209&slf_rd=1&random=3680975738

42 B
109 B

30ms
30ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_v=j79&z=1133943209&slf_rd=1&random=3680975738

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-1&cid=1646358791.1571949483&jid=1812683289&_v=j79&z=1133943209&slf_rd=1&random=3680975738
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=pageview&_s=1&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_gid=1964647908.1571949483&gjid=1591843175&_v=j79&z=1533652980
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_v=j79&z=1533652980
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_v=j79&z=1533652980&slf_rd=1&random=894583965

42 B
109 B

29ms
28ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_v=j79&z=1533652980&slf_rd=1&random=894583965

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1264323842&_v=j79&z=1533652980&slf_rd=1&random=894583965
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2

200

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/
https://r.skimresources.com/api/?xguid=01DQZQV55MVMKB9QE0HAM07CQ6&persistence=1&checksum=7abbbfadca8e772ef2e8f898fc6fbf94895345c06768878fdf93bb4d03072f0e

152 B
459 B

16ms
16ms

XHR
application/json

35.190.59.101
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01DQZQV55MVMKB9QE0HAM07CQ6&persistence=1&checksum=7abbbfadca8e772ef2e8f898fc6fbf94895345c06768878fdf93bb4d03072f0e

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

e2146a9a524ba4335425453dbbe057a152f84fc94fc1fe84b439d3373aa666d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
status: 200
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

Redirect headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 google
server: openresty/1.11.2.5
status: 307
location: //r.skimresources.com/api/?xguid=01DQZQV55MVMKB9QE0HAM07CQ6&persistence=1&checksum=7abbbfadca8e772ef2e8f898fc6fbf94895345c06768878fdf93bb4d03072f0e
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 193

GET
H2 200 pui1anfh4zipyux2h6mr.jpg
i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,q_80,w_137/ 2 KB
3 KB 6ms
6ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,fl_progressive,q_80,w_137/pui1anfh4zipyux2h6mr.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

18055970ed579103336ab02e1120b02fa2e09fb5902d8dd5003234ce75060dab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 4943
edge-cache-tag: 495703332164146179776007390028905595273,304655232378901071923661591239150164684,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="pui1anfh4zipyux2h6mr.webp"
content-length: 2084
x-request-id: 2ce96314357f502c3e7eba3372fc4924
x-served-by: cache-jfk8130-JFK, cache-jfk8144-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Thu, 24 Oct 2019 19:15:42 GMT
server: kinja
x-timer: S1571949483.284756,VS0,VE1
etag: "630b653de124d2da82449c6b620fdccb"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 2, 1

GET
H2 200 169440920315499 Show response
connect.facebook.net/signals/config/ 282 KB
65 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/169440920315499?v=2.9.8&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

22f5d260892be33a69931c9dd33b09aa888f59b2be5e4bf9e9f0cf728e965053

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 66725
x-xss-protection: 0
pragma: public
x-fb-debug: rbKG8lTzQ/rEOdYEQs3o4V53wxRq7j72ZAWyYSfYaP+ahQ/HXxgmVab5s2LNcZoIWGTlUUlOrX4VsoA9xWOl/g==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 47 B
393 B 41ms
41ms XHR
text/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pid=8599431975171571949482763&cb=7038972852281571949483354&ws=1600x1200&v=7.39.00&t=600&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%221280x720%22%2C%22970x415%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.lifehacker%2Farticle_splashy-top%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: b78fe692bbc01ad3294f8cc42df84c617f5e4668533c6369c49e551785ef5c8c

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47
x-amz-cf-id: GvOTH7DdtvxrhvQIAcpib1KGxJoiTiQehVQ4_7-UcJekOXVG4ZCliw==

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 281 B
665 B 51ms
22ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927245&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.415%5D,p:/4246/gm.lifehacker/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=929bb6b7-468a-c855-dd11-e779bdafd1e9&url=https%253A%252F%252Flifehacker.com%252Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: f14deabfa67fa1c80973ba23f60cefbe9d4cc7dd3e4e5993bea0fb885d3f4958

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
X-Server-Name: app57ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://lifehacker.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 386 B
473 B 91ms
91ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3404303529965416&correlator=1844877538862839&output=ldjh&impl=fif&eid=21063635%2C21064387&vrg=2019101701&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191024&iu=%2F4246%2Fgm.lifehacker%2Farticle&sz=1280x720%7C970x415&scp=article_position%3D1%26pos%3Dsplashytop%26postId%3D1839331632%26page%3Darticle%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3D1%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=tags%3Dapp%2520store%252Cmalware%252Cmalware%2520removal%26category%3D%26blogName%3Dlifehacker&cookie_enabled=1&bc=31&abxe=1&lmt=1571949483&dt=1571949483368&dlt=1571949482533&idt=805&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=3698095318&uci=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dssz=79&icsg=4499201580859392&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x720&msz=0x0&ga_vid=1646358791.1571949483&ga_sid=1571949483&ga_hid=530738705&fws=132&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

da791a3f6ccdf73d74f7169a83765162bf1246747a0d0e7a6d92ab82d8913879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 200
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019101701.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
24 KB 14ms
14ms Script
text/javascript 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

a03faced3009fb10b52543aa37d64bf267dffd4ec013767368830361cc75454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 13:06:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24885
x-xss-protection: 0
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 0
0 18ms
6ms Other
text/html 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 47 B
393 B 46ms
46ms XHR
text/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pid=8599431975171571949482763&cb=2697308142971571949483378&ws=1600x1200&v=7.39.00&t=600&slots=%5B%7B%22sd%22%3A%22dfp-ad-2%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x251%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.lifehacker%2Farticle_top-banner%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 5322be95a1a8874a2d6342027a063a1beeedf730c802e2d9ac9b50b5da01281f

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47
x-amz-cf-id: TY9UtcrF6ZacZx3qDVsfhUQN3bRsctxH5V_nk1CE6Uxo1xJGayld_Q==

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 411 B
795 B 60ms
29ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927245&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.415%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90%5D,p:/4246/gm.lifehacker/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=929bb6b7-468a-c855-dd11-e779bdafd1e9&url=https%253A%252F%252Flifehacker.com%252Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: f8b34d5e35fee30828c18317caa07aa0a03b9c6f5fda5bc240677b464b2c569b

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
X-Server-Name: app57ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://lifehacker.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 77 B
284 B 49ms
22ms XHR
application/json 2.18.235.93
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cae23f66c38097636ff2f2d08d43c8ff67506b7d3d807b097432ca754504120f

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 200
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://lifehacker.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 77
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 172 B
541 B 50ms
19ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=3b7f15c7-c2e3-47f8-8a55-b243ee9069af&nocache=1571949483383&aus=970x250%2C970x251%2C970x90%2C728x90&divIds=dfp-ad-2&auid=540843235&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.164.0 /
Resource Hash: 0831fea7787943df31cfaa0ff21067100c8f1054b5a6966f258da2e34aa2997b

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 google
server: OXGW/16.164.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://lifehacker.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ADTECH;apid=1A2d4a7240-f69e-11e9-a70e-12783854d8e0;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;apid=1A2d4a7240-f69e-11e9-a70e-12783854d8e0;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=15...

48 B
81 B

105ms
105ms

XHR
application/json

152.199.21.89
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;apid=1A2d4a7240-f69e-11e9-a70e-12783854d8e0;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: fc551f16b73ddf58f1a2233210b3dce9e7997aeb15994559da77b91dc4866b39

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946172/0/0/ADTECH;apid=1A2d4a7240-f69e-11e9-a70e-12783854d8e0;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=17c9feb43c18198;misc=1571949483383
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A2d4a6962-f69e-11e9-99d5-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;cfp=1;rndc=1571949482;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;apid=1A2d4a6962-f69e-11e9-99d5-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=15...

48 B
81 B

123ms
122ms

XHR
application/json

152.199.21.89
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;apid=1A2d4a6962-f69e-11e9-99d5-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 77439e97f78f298dcb9ce704b5ee8e5df1f404c04edd15c7655914ddfed6bfc7

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762255/0/0/ADTECH;apid=1A2d4a6962-f69e-11e9-99d5-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=18589039213e72c;misc=1571949483383
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A2d4a830c-f69e-11e9-a7f0-1245d65848a4;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;cfp=1;rndc=1571949482;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;apid=1A2d4a830c-f69e-11e9-a7f0-1245d65848a4;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=15...

48 B
105 B

101ms
101ms

XHR
application/json

152.199.21.89
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;apid=1A2d4a830c-f69e-11e9-a7f0-1245d65848a4;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: d20e8c8ef05423cb477c5a37d707a97d348b720c06ba38d5fa5c0c37fd80bf82

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762262/0/0/ADTECH;apid=1A2d4a830c-f69e-11e9-a7f0-1245d65848a4;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=1980f998232ebb3;misc=1571949483383
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 dt.html
cdn.digitru.st/prod/1.4.4.beta/ Frame 1312 0
0 8ms
7ms Document
text/html 159.180.84.2
Instart Logic

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitru.st/prod/1.4.4.beta/dt.html
Requested by: Host: cdn.digitru.st
URL: https://cdn.digitru.st/prod/1.4.4.beta/digitrust.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software: DTOrigin /
Resource Hash

Request headers

:method: GET
:authority: cdn.digitru.st
:scheme: https
:path: /prod/1.4.4.beta/dt.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
content-type: text/html
content-length: 921
last-modified: Tue, 09 Oct 2018 17:17:21 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-instart-cache-id: 3:10358025607228530880::1571483981
content-encoding: gzip
expires: Wed, 23 Oct 2019 11:19:42 GMT
etag: "52d288046fdd6066277ef76f101c8437"
date: Tue, 22 Oct 2019 11:19:42 GMT
x-instart-request-id: 17386546136667859994:SEN01-CPVNPPRY12:1571949483:0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
server: DTOrigin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 41ms
14ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=243704&zone_id=1361358&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&tk_flint=pbjs_lite_v2.33.0-pre&x_source.tid=3b7f15c7-c2e3-47f8-8a55-b243ee9069af&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4655818563652636
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 03aaba90114598adf6e944a70c83bf37ba75304644e936036bb5394d7c487fc3

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://lifehacker.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=125
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
904 B 119ms
103ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=187439&v=7.2&r=%7B%22id%22%3A%221164003e4bf0dbc%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212e62412cb59941%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22187439%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2213ecb022dd289ee%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22187438%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2214c11fed9717b1e%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22187437%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 820de1481e31073eab013d859efd4c080c6a7317538627df1cf308dcf982b0e5

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://lifehacker.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 24 Oct 2019 20:38:03 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 41ms
13ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.33.0-pre&cb=22666320847
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 24 Oct 2019 20:38:03 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://lifehacker.com
timing-allow-origin: *
vary: Origin

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 47 B
393 B 88ms
88ms XHR
text/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pid=8599431975171571949482763&cb=2999277124161571949483390&ws=1600x1200&v=7.39.00&t=600&slots=%5B%7B%22sd%22%3A%22dfp-ad-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.lifehacker%2Farticle_left_top%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: a701801507d8899f5b4e60e20f9e9cb3beb0fce64706fae0734a7ae62aff4f8e

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47
x-amz-cf-id: oWOviLidOSThgUlabH8oyd_hOd78l2CbQeLULKKJ7GhFKiWCYFJTCQ==

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 541 B
925 B 62ms
28ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927245&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.415%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-3,ss:%5B300.250%5D,p:/4246/gm.lifehacker/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=929bb6b7-468a-c855-dd11-e779bdafd1e9&url=https%253A%252F%252Flifehacker.com%252Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: a5ec5d615c258fbe3e2b7b87270b862a3c28a2ad66a9113658ef6c7d9f2a3306

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
X-Server-Name: app52ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://lifehacker.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 172 B
356 B 41ms
20ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=92e45717-2b74-47e1-9f00-dbc9f4a083b6&nocache=1571949483393&aus=300x250&divIds=dfp-ad-3&auid=540843239&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.164.0 /
Resource Hash: b0ded6f2ecfb58721916714d981ea566850acee90eb12ebb26ed9b7e746637df

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 google
server: OXGW/16.164.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://lifehacker.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 55ms
28ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=243704&zone_id=1361386&size_id=15&p_pos=unknown&rf=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&tk_flint=pbjs_lite_v2.33.0-pre&x_source.tid=92e45717-2b74-47e1-9f00-dbc9f4a083b6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.006565154399718054
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 085fa8f34d40d06fce34f8207b8fc71321cccd4b597fbed4499bb8f074b554e6

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://lifehacker.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=471
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 36ms
13ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.33.0-pre&cb=99785635695
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 24 Oct 2019 20:38:02 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://lifehacker.com
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
904 B 118ms
103ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=241225&v=7.2&r=%7B%22id%22%3A%22269672b52e84abf%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22272cd8987325a6e%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22241225%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 794ed32133bdc1adf80dfce31440af78c9fc6d21a3563d764df8a95ca6c7e0c2

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://lifehacker.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2

200

ADTECH;apid=1A2d4a558a-f69e-11e9-9b70-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;cfp=1;rndc=1571949482;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394
https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;apid=1A2d4a558a-f69e-11e9-9b70-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=15...

48 B
81 B

102ms
102ms

XHR
application/json

152.199.21.89
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;apid=1A2d4a558a-f69e-11e9-9b70-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 8233857a60ccfbd32563bd26bb44e50c60d8ba564c5ca8a8fd88b97347842261

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762260/0/0/ADTECH;apid=1A2d4a558a-f69e-11e9-9b70-12ddab465c88;cfp=1;rndc=1571949483;v=2;cmd=bid;cors=yes;alias=3213c171da39985;misc=1571949483394
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 77 B
284 B 28ms
14ms XHR
application/json 2.18.235.93
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6e0bbf91f1b82b8e749315e6fa6a5604b34af89fb34c35efda71ae9c1d55985b

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 200
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://lifehacker.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 77
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 801 B
1 KB 59ms
25ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927245&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.415%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-3,ss:%5B300.250%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-4,ss:%5B300.250,300.600%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-5,s:fluid,p:/4246/gm.lifehacker/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=929bb6b7-468a-c855-dd11-e779bdafd1e9&url=https%253A%252F%252Flifehacker.com%252Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: b116aa5f250a406f29e5bd4efdcdb2ab93938e9016e26297041da2e6f24ad1a6

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
X-Server-Name: app57ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://lifehacker.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 385 B
616 B 48ms
48ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3404303529965416&correlator=2098803753596732&output=ldjh&impl=fif&eid=21063635%2C21064387&vrg=2019101701&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191024&iu=%2F4246%2Fgm.lifehacker%2Farticle&sz=320x50&fluid=height&scp=article_position%3D1%26pos%3Dpromotion_native_sidebar%26postId%3D1839331632%26page%3Darticle%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26native_style_template%3Dsidebar_item_v4%26ad_index%3D1&eri=1&cust_params=tags%3Dapp%2520store%252Cmalware%252Cmalware%2520removal%26category%3D%26blogName%3Dlifehacker&cookie_enabled=1&bc=31&abxe=1&lmt=1571949483&dt=1571949483402&dlt=1571949482533&idt=805&frm=20&biw=1585&bih=1200&oid=3&adx=168&ady=2697&adk=501972793&uci=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dssz=80&icsg=4499201580859392&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x1115&msz=360x0&ga_vid=1646358791.1571949483&ga_sid=1571949483&ga_hid=530738705&fws=516&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

136d2fc8638d58feef906f1ad2846a7007e927f36f4e0997eab0a038b8b052ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 199
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 47 B
393 B 48ms
47ms XHR
text/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pid=8599431975171571949482763&cb=3003831823241571949483407&ws=1600x1200&v=7.39.00&t=600&slots=%5B%7B%22sd%22%3A%22dfp-ad-7%22%2C%22s%22%3A%5B%223x1%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.lifehacker%2Farticle_outstream%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 75cc46e301ab83a361c78ea96c8de9b0d7a7cde389b5af07af7fbea6bfddf43e

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47
x-amz-cf-id: DbPUuXvFemUA4yKgQ6CPotHLKYuKF9s5TclU1F9y1LzuMOmeCig_DA==

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 1 KB
1 KB 50ms
20ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927245&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.415%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-3,ss:%5B300.250%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-4,ss:%5B300.250,300.600%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-5,s:fluid,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-6,ss:%5B1280.400%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-7,ss:%5B3.1%5D,p:/4246/gm.lifehacker/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=929bb6b7-468a-c855-dd11-e779bdafd1e9&url=https%253A%252F%252Flifehacker.com%252Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 93925a678ea616db7db8dd54fc92f19c7844472dda0ae3b8dcbdb30297f234d5

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
X-Server-Name: app57ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://lifehacker.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 382 B
472 B 41ms
41ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3404303529965416&correlator=2525384334901454&output=ldjh&impl=fif&eid=21063635%2C21064387&vrg=2019101701&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191024&iu=%2F4246%2Fgm.lifehacker%2Farticle&sz=3x1&scp=article_position%3D1%26pos%3Doutstream%26postId%3D1839331632%26page%3Darticle%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3D1%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=tags%3Dapp%2520store%252Cmalware%252Cmalware%2520removal%26category%3D%26blogName%3Dlifehacker&cookie_enabled=1&bc=31&abxe=1&lmt=1571949483&dt=1571949483412&dlt=1571949482533&idt=805&frm=20&biw=1585&bih=1200&oid=3&adx=616&ady=1815&adk=469351789&uci=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dssz=80&icsg=4499201580859392&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x1207&msz=800x1&ga_vid=1646358791.1571949483&ga_sid=1571949483&ga_hid=530738705&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

bcd5109f534736c12c47bce01d09b8922845d23fd60715d70328cd0780dc77e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 197
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 1 KB
2 KB 53ms
30ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927245&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.415%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-3,ss:%5B300.250%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-4,ss:%5B300.250,300.600%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-5,s:fluid,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-6,ss:%5B1280.400%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-7,ss:%5B3.1%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-12,ss:%5B0.0,1.1%5D,p:/4246/gm.lifehacker/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=929bb6b7-468a-c855-dd11-e779bdafd1e9&url=https%253A%252F%252Flifehacker.com%252Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: 3fabcc5478b06a73c76c598bce5f94568d787afb6d7f6fda371ed2785a6d2c64

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
X-Server-Name: app57ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://lifehacker.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 382 B
468 B 69ms
68ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3404303529965416&correlator=335028285487266&output=ldjh&impl=fif&eid=21063635%2C21064387&vrg=2019101701&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191024&iu=%2F4246%2Fgm.lifehacker%2Farticle&sz=1x1&ists=1&scp=article_position%3D1%26pos%3Dscroll%26postId%3D1839331632%26page%3Darticle%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26pp_position%3Dscroll&eri=1&cust_params=tags%3Dapp%2520store%252Cmalware%252Cmalware%2520removal%26category%3D%26blogName%3Dlifehacker&cookie_enabled=1&bc=31&abxe=1&lmt=1571949483&dt=1571949483422&dlt=1571949482533&idt=805&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=2807&adk=4243953184&uci=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dssz=80&icsg=4499201580859392&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x2808&msz=1585x1&ga_vid=1646358791.1571949483&ga_sid=1571949483&ga_hid=530738705&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

f24d0b32c4a90f1858b11f22a1a289102f57db6cd2e0eb1c0513efde99f8f5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 197
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 47 B
393 B 52ms
52ms XHR
text/javascript 13.225.86.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pid=8599431975171571949482763&cb=4394824201751571949483426&ws=1600x1200&v=7.39.00&t=600&slots=%5B%7B%22sd%22%3A%22dfp-ad-4%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4246%2Fgm.lifehacker%2Farticle_left%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e2edc269475f6b75fd3aad5bc27c2dc24454086ed5960a59fb563502647f736b

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47
x-amz-cf-id: wJUZLQgoYTKDuVPyBTaprHiVXa21_2Oe8bOinC8v5B5_ewvu3n5UfA==

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 1 KB
2 KB 67ms
42ms XHR
application/json 199.166.0.26
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927245&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.415%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-3,ss:%5B300.250%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-4,ss:%5B300.250,300.600%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-5,s:fluid,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-6,ss:%5B1280.400%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-7,ss:%5B3.1%5D,p:/4246/gm.lifehacker/article,t:display%7D&slot=%7Bid:dfp-ad-12,ss:%5B0.0,1.1%5D,p:/4246/gm.lifehacker/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=929bb6b7-468a-c855-dd11-e779bdafd1e9&url=https%253A%252F%252Flifehacker.com%252Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.166.0.26 , United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS: anycast.pixel.adsafeprotected.com
Software: nginx /
Resource Hash: e3d5371d64e715381c08de03124be479a66d6855d670eef49638ccc05f520367

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
X-Server-Name: app11ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://lifehacker.com
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 load.js Show response
widget.perfectmarket.com/gomedianetwork/ 3 KB
2 KB 22ms
5ms Script
text/plain 151.101.13.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gomedianetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32d9965dd53ae124713ac02021acaf62292dcb095fe341629905a331019f29a8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: YXZAaLzJUrtPNuwiijHsIDcHXAv17XKr
content-encoding: gzip
etag: "efae9846c4b3c6a12a40b184bda01ffa"
age: 109
x-cache: HIT, HIT
status: 200
content-length: 1280
x-amz-id-2: MwGk8zD41QQZeGQzFUbs6q35JyYb8OY/onirnb5u3lkvvW+u5swWTTanUftWEmKBF5Z3M2lw4qI=
x-served-by: cache-lax8650-LAX, cache-fra19127-FRA
last-modified: Fri, 04 Oct 2019 06:40:46 GMT
server: AmazonS3
x-timer: S1571949483.460977,VS0,VE0
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding,,
x-amz-request-id: 81A32AC6F4104F4C
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 3

GET
H2 200 impl.20191022-13-RELEASE.js Show response
cdn.taboola.com/libtrc/ 390 KB
110 KB 6ms
5ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20191022-13-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fff4fe60bda732b610f29654ec2efbe62a489e71b526db88df24bb91c519c640

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: YhqAnN6cEmq91P1u0N9cpPVPx.pAlMi_
content-encoding: gzip
etag: "4f856707ca4034a3514c0b002847f3cf"
age: 13
x-cache: HIT
status: 200
x-amz-replication-status: PENDING
content-length: 112690
x-amz-id-2: s0womTCAy47kVd/CVDtNqHi3m4INe7hOBGBl9xSjzbRxp8YcIYoC0BcRbtz7g7vP9Azqm2nZ870=
x-served-by: cache-hhn4081-HHN
last-modified: Thu, 24 Oct 2019 11:23:40 GMT
server: AmazonS3
x-timer: S1571949483.445068,VS0,VE0
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding
x-amz-request-id: A06A899F4393C221
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 75
x-cache-hits: 93

GET
H2 200 iab Show response
api.skimlinks.mgr.consensu.org/ 772 B
636 B 29ms
15ms XHR
application/json 35.190.40.172
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.skimlinks.mgr.consensu.org/iab?nocache=1571949483449

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/33330X911647.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

172.40.190.35.bc.googleusercontent.com

Software

nginx/1.14.0 /

Resource Hash

4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.14.0
access-control-allow-headers: *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
383 B 48ms
29ms XHR
application/javascript 35.201.67.47
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/33330X911647.skimlinks.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/ Frame 2676 326 B
547 B 59ms
25ms Script
application/javascript 2606:4700::6810:4fa5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/lightbox.js?mb=1571949483459&lv=1
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 639c61070ffb3b8c386e7ecbd0f0377ebfc183f911c61a4ad34967ac738a2a2a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 353885
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 52aec08fef1fcbb4-VIE

GET
H2 200 pui1anfh4zipyux2h6mr.jpg
i.kinja-img.com/gawker-media/image/upload/c_scale,f_auto,fl_progressive,q_80,w_1600/ 53 KB
54 KB 6ms
6ms Image
image/webp 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/c_scale,f_auto,fl_progressive,q_80,w_1600/pui1anfh4zipyux2h6mr.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

acff8fc3204d2489d2959fc9ca7dae5e02021ec0db17cdfdf746111e085083a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 4926
edge-cache-tag: 495703332164146179776007390028905595273,255475071116309780323644028037875230099,e658e1d7ab596d92a7343d60946f3015
status: 200, 200 OK
x-image-request-allowed: lifehacker.com yes
content-disposition: inline; filename="pui1anfh4zipyux2h6mr.webp"
content-length: 54658
x-request-id: f3b48c3bf439a1377b169f0b60e84c1a
x-served-by: cache-jfk8134-JFK, cache-jfk8128-JFK, cache-fra19179-FRA
x-cache: MISS, HIT, HIT
last-modified: Thu, 24 Oct 2019 19:15:58 GMT
server: kinja
x-timer: S1571949484.546191,VS0,VE1
etag: "57de81327819bf4adaa4cce2c2b9d9c3"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 2, 1

GET
H2 200 load Show response
pixel.mtrcs.samba.tv/v2/tag/fmg/homepage/ 684 B
1 KB 543ms
177ms XHR
application/json 52.33.92.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/fmg/homepage/load?sa_name=lifehacker.com&sa_referrer=&sa_fullurl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&c=1571949483548
Requested by: Host: tag.mtrcs.samba.tv
URL: https://tag.mtrcs.samba.tv/v3/tag/fmg/homepage/sambaTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.92.11 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-33-92-11.us-west-2.compute.amazonaws.com
Software: gunicorn/19.9.0 /
Resource Hash: b5613699dd9439fb16734a697696075a1a265326e97003e8e786b6dfcacc268f

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
server: gunicorn/19.9.0
status: 200
p3p: CP="This is not a P3P policy! See https://samba.tv/legal/privacy-policy/ for more info."
access-control-allow-origin: https://lifehacker.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Content-Type
content-length: 684

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
248 B 7ms
7ms Image
text/plain 23.45.99.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1571949483567&ns_c=UTF-8&cv=3.1&c8=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&c7=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&c9=
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.242 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ 20 KB
7 KB 325ms
147ms Script
text/javascript 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22tracking_id%22%3A%22gawker02-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22DE%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22gawker02-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=45b86f08-d576-450f-b812-4e928421e266
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: 115089eea2c0493fc4f4d6eb37e1f474ba695c5a73a874f8db3b6d0fdb38a1bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:03 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 recentVideos Show response
lifehacker.com/api/core/video/views/ 4 KB
4 KB 7ms
7ms Fetch
application/json 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/api/core/video/views/recentVideos?blogId=17&maxReturned=5

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView.81366877f91bcac8a46c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

85b43dc32294fd96d93bbe7c00142171a9b0e03b2cc803151502fbeafc15dc1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 270
x-cache: HIT, HIT
status: 200
x-kinja: kinja-core-kube02-8544f8d944-nnjmw #54
x-cdn-fetch: mantle-origin-cache
content-length: 3828
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8126-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949484.584714,VS0,VE1
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Origin, Authorization, Cookie
content-type: application/json
x-feature-hash: eu_disabled=on
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 1, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=217700348616695&ev=ViewContent&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rl=&if=false&ts=1571949483585&cd[content_ids]=%5B%221839331632%22%5D&cd[content_name]=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&cd[scroll_position]=0&sw=1600&sh=1200&v=2.9.8&r=stable&ec=0&o=30&fbp=fb.1.1571949483584.1053711394&it=1571949482743&coo=false&rqm=GET

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
202 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169440920315499&ev=ViewContent&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rl=&if=false&ts=1571949483586&cd[content_ids]=%5B%221839331632%22%5D&cd[content_name]=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&cd[scroll_position]=0&sw=1600&sh=1200&v=2.9.8&r=stable&ec=0&o=30&fbp=fb.1.1571949483584.1053711394&it=1571949482743&coo=false&rqm=GET

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
202 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=217700348616695&ev=PageView&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rl=&if=false&ts=1571949483587&sw=1600&sh=1200&v=2.9.8&r=stable&ec=1&o=30&fbp=fb.1.1571949483584.1053711394&it=1571949482743&coo=false&rqm=GET

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
202 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169440920315499&ev=PageView&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&rl=&if=false&ts=1571949483588&sw=1600&sh=1200&v=2.9.8&r=stable&ec=1&o=30&fbp=fb.1.1571949483584.1053711394&it=1571949482743&coo=false&rqm=GET

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2

200

/
p.skimresources.com/ Frame DCA3
Redirect Chain

https://x.skimresources.com/?provider=exelate
https://loadeu.exelator.com/load/?p=787&g=001&j=0&
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
https://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=13fc1a183e46ea1ff1b80bff9417a707
https://p.skimresources.com/?provider_id=13fc1a183e46ea1ff1b80bff9417a707&skim_mapping=true

43 B
270 B

25ms
25ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=13fc1a183e46ea1ff1b80bff9417a707&skim_mapping=true
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
date: Thu, 24 Oct 2019 20:38:04 GMT
age: 1
x-guploader-uploadid: AEnB2UqSqqAuL0EpB_4nHymOfeoTV4Z25PmJvUIi1jI8gOYKGWqggOFF0iRiuz_NcGJMh_CfMgDWSC_Sc8jC5F3JZm1fVQD6kw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-hw: 1571949484.cds085.fr8.hn,1571949484.cds135.fr8.sc,1571949484.cds135.fr8.pr
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=13fc1a183e46ea1ff1b80bff9417a707&skim_mapping=true
Date: Thu, 24 Oct 2019 20:38:04 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 1839331632 Show response
lifehacker.com/embed/comments/magma/ Frame 2AF2 48 KB
16 KB 90ms
90ms Document
text/html 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/embed/comments/magma/1839331632?

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~categoryPage~errorPage~experiments~featuredPermalinkPage~frontPage~permalinkPage~profilePage~ed35fe7a.304e73272c6dba7971d0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

db9180228d58f6bc369e137bbd20fa63d38776d6471db51f29716a7502e372c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: lifehacker.com
:scheme: https
:path: /embed/comments/magma/1839331632?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
cookie: geocc=DE; KinjaBucket=d; pageDepth=1; _cb_ls=1; _cb=DL5NniDyN_9FDff_BL; _chartbeat2=.1571949482749.1571949482749.1.CIIbShDzf4cCBDPF1dDujPImBTfEAZ.1; _cb_svref=null; __k_iut=1571949483084; bounceClientVisit3646v=N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvmAJYBmApnAIYDGA1hQE4B0tA9gLZGfWMC0KAK5MK-AJ7sh-ACYkZAOwSz2AdwVh21Gf3YKx7MvwRwKKMQEYA7P16laJKSn4WAHBgCcGDBYBsGXBAAGhAmGBAQAF8gA; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1646358791.1571949483; _gid=GA1.2.1964647908.1571949483; _gat_unique=1; _gat=1; _fbp=fb.1.1571949483584.1053711394; __gads=ID=3657fa4d572454a2:T=1571949483:S=ALNI_MZb3AaD5Ukg5RDK-hT1-E2ORMHGYQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-kinja: kinja-mantle-kube03-6bc4f589f4-lw5zv #259
x-feature: eu_disabled=on
content-type: text/html; charset=utf-8
cache-control: stale-if-error=86400, stale-while-revalidate=300
x-kinja-build: 259
x-kinja-server: kinja-mantle-kube03-6bc4f589f4-lw5zv
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-googlenews-bot: false
x-kinja-revision: 900f28194722c8af0f47626fa5348020c5a8d28e
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish 1.1 varnish
x-cdn-fetch: mantle-default
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:03 GMT
age: 0
x-served-by: cache-jfk8121-JFK, cache-fra19179-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1571949484.623166,VS0,VE84
x-feature-hash: eu_disabled=on
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, Cookie, X-GoogleNews-Bot, X-Exp-Id, X-Exp-Variant, Authorization
content-length: 15276

GET
H2 200 json Show response
trc.taboola.com/gomedia-lifehacker/trc/3/ 11 KB
5 KB 144ms
143ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia-lifehacker/trc/3/json?tim=22%3A38%3A03.665&lti=deflated&data=%7B%22id%22%3A77%2C%22ii%22%3A%22%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1571949483658%2C%22cv%22%3A%2220191022-13-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1585%2C%22dh%22%3A3222%2C%22nsid%22%3A%22gomedianetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dgomedianetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2915.9375%2C%22mw%22%3A636%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191022-13-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 53c21541a1a64f22f3a198163cf912a160026672d81be41372ea04412acbc63a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
server: nginx
x-timer: S1571949484.670782,VS0,VE137
status: 200
x-served-by: cache-hhn4081-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 429 / Show response
api.rollbar.com/api/1/item/ 94 B
287 B 119ms
118ms XHR
application/json 35.201.81.77
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rollbar.com/api/1/item/
Requested by: Host: cdn.digitru.st
URL: https://cdn.digitru.st/prod/1.4.4.beta/digitrust.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.81.77 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 77.81.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd966bd87cf68ccaf790c731cfc29b7d1e720c16f1dd90edcf7c6bae2a8459d4

Request headers

Sec-Fetch-Mode: cors
X-Rollbar-Access-Token: c8b18213935a43c59f7b18dca677fd65
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

x-response-time: 2ms
date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 google
x-rate-limit-limit: 5000
x-rate-limit-remaining-seconds: 34
server: nginx
status: 429
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-remaining: 0
x-rate-limit-reset: 1571949517
access-control-allow-credentials: true
alt-svc: clear
content-length: 94

GET
H2 200 pmk-201901003.3.js Show response
widget.perfectmarket.com/gomedianetwork/ 116 KB
32 KB 6ms
6ms Script
text/javascript 151.101.13.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gomedianetwork/pmk-201901003.3.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/gomedianetwork/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef045621d99ac151ebb42a2186d5431676a6608c3fa6a18e09f7e9fa00d5d080

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 035amL8k2XEDVyM4g6EgUfvnjc88uinP
content-encoding: gzip
etag: "50838973ce8ddae1c4c76834b1bfb7d9"
age: 1778231
x-cache: HIT, HIT
status: 200
content-length: 32066
x-amz-id-2: +U0bdQCYpyeheGBhjm6kbRGHZpdmlnuOf57r4V2zA+kzgZIXtxlXB/hQez0CkE7oQIRskxUp8n0=
x-served-by: cache-lax8647-LAX, cache-fra19127-FRA
last-modified: Fri, 04 Oct 2019 06:40:46 GMT
server: AmazonS3
x-timer: S1571949484.698637,VS0,VE0
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding,,
x-amz-request-id: 831EFABF1058921F
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 1, 328

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/ Frame 2676 628 KB
128 KB 19ms
19ms Script
application/javascript 2606:4700::6810:4fa5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/user.js?cb=637057863240491833
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/lightbox.js?mb=1571949483459&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4a1aeff7d72e054715d785f1a02111052d78b2655980f6bb16ed664fc667d3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: PQmOxyqjBFcbFxeia//0Ow==
age: 239794
cf-polished: origSize=1040951
status: 200
last-modified: Tue, 24 Sep 2019 02:00:36 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 63321d11-901e-0127-0e7c-7d89dd000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 52aec0912a73cbb4-VIE
expires: Fri, 23 Oct 2020 20:38:03 GMT

GET
H2 200 getList Show response
lifehacker.com/api/core/corepost/ 31 KB
7 KB 7ms
6ms Fetch
application/json 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/api/core/corepost/getList?id=1838884988&id=1839135653&id=1838674334&id=1838707812&id=1835818361

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView.81366877f91bcac8a46c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

73fe9fc12ec532768c56a0671b5ca48113e9f57270e13cdcd79b6400f8d2a2eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 18
x-cache: HIT, HIT
status: 200
x-kinja: kinja-core-kube02-8544f8d944-4vq8x #54
x-cdn-fetch: mantle-default
content-length: 6621
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8147-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949484.703801,VS0,VE1
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding,Origin, Authorization, Cookie
content-type: application/json
via: 1.1 varnish, 1.1 varnish
x-feature-hash: eu_disabled=on
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 1, 1

GET
H2 200 replyCount Show response
lifehacker.com/api/comments/views/ 126 B
255 B 7ms
7ms Fetch
application/json 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/api/comments/views/replyCount?ids=1838884988&ids=1839135653&ids=1838674334&ids=1838707812&ids=1835818361

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView.81366877f91bcac8a46c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

5fa411f605affaf724de036aed6104452c09b90ab57c7f8bfe64c6b45c5079e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 18
x-cache: HIT, HIT
status: 200
x-kinja: kinja-comments-kube02-7c4f677c56-m2t6z #10
x-cdn-fetch: mantle-origin-cache
content-length: 123
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8145-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949484.704482,VS0,VE1
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding,Origin, Authorization, Cookie
content-type: application/json
via: 1.1 varnish, 1.1 varnish
x-feature-hash: eu_disabled=on
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 1, 1

GET
H2 200 users Show response
lifehacker.com/api/profile/ 936 B
787 B 6ms
6ms Fetch
application/json 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/api/profile/users?ids=5876237249237917050&ids=5876237249238443368&ids=1530607028

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView.81366877f91bcac8a46c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

488e95cb73e12982d785a786b04b761d7a9ff6f786dd9bf9a54115342e302c7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 13
x-cache: HIT, HIT
status: 200
x-kinja: kinja-profile-kube02-5c859b4d65-748h6 #11
x-cdn-fetch: mantle-origin-cache
content-length: 404
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8142-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949484.715234,VS0,VE1
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding,Origin, Authorization, Cookie
content-type: application/json
via: 1.1 varnish, 1.1 varnish
x-feature-hash: eu_disabled=on
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 1, 1

GET
H2 200 discussion-3337ad486d62e968f730073839bde7b0.css
x.kinja-static.com/assets/stylesheets/ Frame 2AF2 551 KB
81 KB 7ms
6ms Stylesheet
text/css 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/stylesheets/discussion-3337ad486d62e968f730073839bde7b0.css

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c47e9716e066bfb5e6115ae665fd38d969bca4bc293af51adc473550c22614b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
x-cache: HIT
status: 200
content-length: 82240
x-amz-id-2: GrZwq22H1Gx49OckNJ0lcb8HnSaISNorExyH5VLbXCiVfzN0TNdlTa9aNCHcAgTZFw2NLEyoR74=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 01:35:14 GMT
server: AmazonS3
x-timer: S1571949484.736351,VS0,VE1
etag: "3337ad486d62e968f730073839bde7b0"
vary: Accept-Encoding
x-amz-request-id: 99BF061047B7673F
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1

GET
H2 200 recent-video.7da004b603cc29bc4a8b.js Show response
x.kinja-static.com/assets/new-client/ 43 KB
9 KB 8ms
8ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/recent-video.7da004b603cc29bc4a8b.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~permalinkPage.340ea00a61fa23aa5d63.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

39a2c07f9d172ce312dfd4d8601435fd72e1fcd494acebfb6ec1b36182923d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87
x-cache: HIT
status: 200
content-length: 8560
x-amz-id-2: lz3VobgGVYH5ZFBAIwFcpXOvZTerdIAlwp5uz9vvaLKM71EF3yc1P0TRjuLN4R2xm3Zw+fz/wjE=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Fri, 18 Oct 2019 21:18:27 GMT
server: AmazonS3
x-timer: S1571949484.738474,VS0,VE0
etag: "b90cb33a7fc446b5c98c4d294297d17e"
vary: Accept-Encoding
x-amz-request-id: 4F9C50F6CB18A1D0
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ Frame 2AF2 197 B
762 B 115ms
114ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

520a9d9bbb5fd21c28c1913602f7554055b92a67d19a89495012c1aa2c931dba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
status: 200
x-cdn-fetch: mantle-setcookie
content-length: 197
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8136-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949484.739680,VS0,VE95
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
x-feature-hash: eu_disabled=on
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H2 200 trackers.39039e51ad8322dd396f.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame 2AF2 26 KB
9 KB 8ms
8ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/trackers.39039e51ad8322dd396f.en-US.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

75cc924f48ff830c2435491fe6c696f6a4c63df4616e369165c0b50da967afc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: HIT
status: 200
content-length: 9265
x-amz-id-2: 6VYkYnwQAHd+SlgyU3rLy1Y9qp91AkEmQ4LlJYiYLR7VW0/C+aKbmllXhQOE7erBT9B0nkjMoYU=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 20:45:21 GMT
server: AmazonS3
x-timer: S1571949484.739929,VS0,VE0
etag: "b792b0a8bdc3303fa03cb0159c54e603"
vary: Accept-Encoding
x-amz-request-id: B4EE7B4829FA31CD
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 scroll.js Show response
static.scroll.com/js/ Frame 2AF2 32 KB
11 KB 6ms
6ms Script
application/javascript 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7761cb0b5bc6c17c2c583966e964398507ac882a020c4fe858cfb0c28bafbd1f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
age: 611
x-guploader-uploadid: AEnB2UrkjmySoP1CSuZONPY3Nxglsb5CoJC7Lb5_ins6wobofCsOh-9aolvA3zcc_31RmX4rksjnaOw3SWvUcluQt7I_S7etNjl-kR5ibLwc1BDdQK4uSu4
x-cache: HIT
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 11455
x-served-by: cache-hhn4054-HHN
last-modified: Wed, 23 Oct 2019 23:27:43 GMT
server: UploadServer
x-timer: S1571949484.741815,VS0,VE0
etag: "4b72fcb823a3e8eb83e031d77c903e9f"
vary: Accept-Encoding
x-goog-hash: crc32c=/hbBRw==, md5=S3L8uCOj6OuD4DHXfJA+nw==
x-goog-generation: 1571873263220663
via: 1.1 varnish
expires: Thu, 24 Oct 2019 00:27:45 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 11455
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 80

GET
H2 200 OnionAM.ebdeabe8b18490546535.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame 2AF2 439 KB
95 KB 7ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/OnionAM.ebdeabe8b18490546535.en-US.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8bf579633d4c5bffe3bffca9b260ee8101a98914054f6e56c8b454fc91c5c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
x-cache: HIT
status: 200
content-length: 97365
x-amz-id-2: LUkbY+Rlifx4AliB/QJaWujzp+YN7NmdbP897NLPZJ3sFPr4EbA2G1fhWqZd+9QNUfjTw/72wA8=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 15:55:26 GMT
server: AmazonS3
x-timer: S1571949484.743723,VS0,VE1
etag: "9b6f6e2c07ed834134465debb0aa14ea"
vary: Accept-Encoding
x-amz-request-id: 294D880C05944827
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 detectElementResize.js Show response
x.kinja-static.com/assets/javascripts/lib/ Frame 2AF2 3 KB
2 KB 8ms
8ms Script
application/x-javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/javascripts/lib/detectElementResize.js?v=3

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0d3c5604e7d31126006921c7b4ba51bf013073f77857420b884c83ccd36a06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
x-cache: HIT
status: 200
content-length: 1397
x-amz-id-2: jbPdCgtnLnemiorp99wuLDMBsbeNmvYiWFC09ox+/HXe9ziXxhZdnhwStX6KpnvaIcMHqeJJ2A4=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Fri, 20 Jan 2017 16:22:05 GMT
server: AmazonS3
x-timer: S1571949484.739830,VS0,VE0
etag: "ab3740acd8a3b539fe03e07bdcfabda3"
vary: Accept-Encoding
x-amz-request-id: 57E3BC37CDA75387
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 1

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ Frame 2AF2 366 KB
116 KB 22ms
22ms Script
application/javascript 2606:4700::6810:4b33
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tinypass.com/api/tinypass.min.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4b33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e39eae2a2d0baacdb5e6ff588d14c31219dc8b00a1a113872cf3633c24ea72

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 206
p3p: CP="NON DSP COR OUR IND"
status: 200
wn: prod-dash-10-0-2-198
last-modified: Thu, 24 Oct 2019 01:55:22 GMT
server: cloudflare
etag: W/"374409-1571882122000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 52aec0917f19cb98-VIE
expires: Thu, 24 Oct 2019 20:43:03 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ Frame 2AF2 7 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:e2::ac40:8e05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8e05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 6161
status: 200
x-amz-request-id: 2F019AAC25A8CEA8
x-amz-id-2: nY3Hx29aKBdeKNA1fZ/bXvJAoY/pUOgFH0xoBhlQkCZrOqDQphq3HBpLw8YYRqJ8QX9Z875bJWM=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 52aec0916bdb9814-FRA
expires: Fri, 25 Oct 2019 04:38:03 GMT

GET
H2 200 vendor.3c1438086e8a019d3cd4.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame 2AF2 676 KB
204 KB 7ms
7ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/vendor.3c1438086e8a019d3cd4.en-US.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

127f5d59ff49560e99f6ed4818a1759a42ae84a0f3638c4d3e55781e191d796b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
x-cache: HIT
status: 200
content-length: 208278
x-amz-id-2: B5EbaFcPEWj/GvipsLLD5E8gKIyNrFucxV1zYPQignJHIUWAiQ08i0MRmaNCDLV1oNbZfaWJgTk=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Tue, 15 Oct 2019 10:11:27 GMT
server: AmazonS3
x-timer: S1571949484.749999,VS0,VE1
etag: "f5db31d1a7bf04f1bf08118b85f5187a"
vary: Accept-Encoding
x-amz-request-id: 7205C957AAC1A1A7
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 Discussion.1418652629c2f51d1bb5.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame 2AF2 2 MB
441 KB 16ms
16ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/Discussion.1418652629c2f51d1bb5.en-US.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6a76dac73180ca52d1a0cc9010ed6a21ee403015e3f7a7c81fa5b86613cde148

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-cache: HIT
status: 200
content-length: 451049
x-amz-id-2: ntM4GbyVSwmJIzZqUk+fBEO2dkJLGpfnynkebIEOMoBQYWM146Vbk8iFlcHnmbsHa2ljhFa1fAg=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Thu, 24 Oct 2019 19:36:39 GMT
server: AmazonS3
x-timer: S1571949484.750036,VS0,VE2
etag: "3e7e08278b1a667ef61eafe7e6476ac4"
vary: Accept-Encoding
x-amz-request-id: 838153B4945F51C9
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 19ms
18ms Stylesheet
text/css 2606:4700::6810:4fa5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637048872363467176
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/user.js?cb=637057863240491833
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 239697
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
status: 200
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 10559369-201e-0057-017b-72bc4c000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 52aec0919b79cbb4-VIE
expires: Fri, 23 Oct 2020 20:38:03 GMT

GET
H2 200 ls.html
www.lightboxcdn.com/lclst/915a8e9b-430c-47ad-9809-4249fbeacffe/ Frame B759 0
0 23ms
23ms Document
text/html 2606:4700::6810:4fa5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/lclst/915a8e9b-430c-47ad-9809-4249fbeacffe/ls.html?purl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&vid=915a8e9b-430c-47ad-9809-4249fbeacffe&se=0&prev=0&cb=637048872363467176
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/user.js?cb=637057863240491833
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.lightboxcdn.com
:scheme: https
:path: /lclst/915a8e9b-430c-47ad-9809-4249fbeacffe/ls.html?purl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&vid=915a8e9b-430c-47ad-9809-4249fbeacffe&se=0&prev=0&cb=637048872363467176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
cookie: __cfduid=de83a31c9ba36fb9c9cc9951ea6b501b21571949483
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
date: Thu, 24 Oct 2019 20:38:03 GMT
content-type: text/html
content-md5: xa1/rdPe0J6SwxlD7atkzw==
last-modified: Tue, 24 Sep 2019 02:00:36 GMT
x-ms-request-id: 70518570-601e-00be-279f-8a404a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 4795
expires: Fri, 23 Oct 2020 20:38:03 GMT
cache-control: public, max-age=31536000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 52aec0919b81cbb4-VIE
content-encoding: br

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
256 B 20ms
19ms Image
image/gif 2606:4700::6810:4fa5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1571949483764&h=lifehacker.com&e=p&u=42120
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 24 Oct 2019 20:38:03 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1777008
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 48b7eafb-401e-010c-457d-f6fd65000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 52aec0919b7ecbb4-VIE
cf-bgj: imgq:85

GET
H2 200 jrGzgpY6.js Show response
cdn.jwplayer.com/libraries/ 112 KB
36 KB 79ms
8ms Script
text/javascript 2600:9000:2156:8600:1:a3fa:7cc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView~specialSection.b93f2d62e8cd944be9f0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:8600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: d3dd61d541eefdb864727e2c9c2f785693f6ee88cd4c8661d251d5bd552266bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:35:43 GMT
content-encoding: gzip
server: openresty
age: 133
status: 200
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 36864
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-id: h6eysamhoorlFMZbAPf271jFd-o1x5BZQvect6NTkYKV7Y_1OHopgg==
expires: Thu, 24 Oct 2019 20:38:13 GMT

GET
H2 200 proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ Frame 2AF2 27 KB
28 KB 6ms
5ms Font
binary/octet-stream 151.101.194.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015

Requested by

Host: www.npttech.com
URL: https://www.npttech.com/advertising.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://x.kinja-static.com/assets/stylesheets/discussion-3337ad486d62e968f730073839bde7b0.css
Origin: https://lifehacker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 86
x-cache: HIT
status: 200
content-length: 28044
x-amz-id-2: 0/jt0a36z/Q9bNT0kmROSWbwE4n2JwkGWGVdZaFbyjjXzfclkqsmcSz1GPDkuUdHSpaOdix18gg=
x-served-by: cache-hhn4073-HHN
last-modified: Thu, 17 Oct 2019 20:45:14 GMT
server: AmazonS3
x-timer: S1571949484.859671,VS0,VE0
etag: "94cbaf403b2922fd6858c812dae091fb"
x-amz-request-id: 012DDF7330DE3343
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 5

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 77 B
284 B 9ms
9ms XHR
application/json 2.18.235.93
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6d0ba9e282072d88ac422e82e6c6afe94b7db8aee29ad5cf90f02cffe2c69279

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: nginx
status: 200
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://lifehacker.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 77
expires: Thu, 24 Oct 2019 20:38:03 GMT

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 172 B
356 B 22ms
21ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=81587f9b-40b4-45f3-af46-e375b4a2e9c0&nocache=1571949483865&aus=300x250%2C300x600&divIds=dfp-ad-4&auid=540843236&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.164.0 /
Resource Hash: 31671c2381b66e762fac39945bf1fb1afcc84c2dd3a4116d92f2fe6b51bc701e

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 google
server: OXGW/16.164.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://lifehacker.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=473d5e072eb40dd;misc=1571949483865; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946171/0/0/ 47 B
80 B 102ms
101ms XHR
application/json 152.199.21.89
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/3946171/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=473d5e072eb40dd;misc=1571949483865;
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: c200137400cd0066c50ba6bd44806623540d1c28b2c48a698c5f57aa6c7026af

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=4882083f59d9842;misc=1571949483865; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762258/0/0/ 48 B
81 B 103ms
102ms XHR
application/json 152.199.21.89
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10434.1/4762258/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4882083f59d9842;misc=1571949483865;
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 71efae339209dd10bd67324eaf8ed7425f17de4dc5bc6e04f54449722f490a6f

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:03 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://lifehacker.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
897 B 130ms
129ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=187440&v=7.2&r=%7B%22id%22%3A%2240edbbda0958a19%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2241038d899dbc884%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22187440%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2242a5dae297d98c3%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22187441%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 09a4559862f62f7b58dacf2e7befa1e3f644a412adc920226b0840c5fa674d87

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://lifehacker.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 24 Oct 2019 20:38:03 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 13ms
13ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.33.0-pre&cb=32058500371
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 24 Oct 2019 20:38:03 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://lifehacker.com
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 23ms
23ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=243704&zone_id=1361360&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dt.id=enPK7O8QfyBcN%2Bg9PW8VM4VjsL5EDdlpl63MF6nCH7JoBPTqwSmojL4KwTGSjUEGU9W3fDJsl3Umh9K7X2iWCPCrBiqV37F28pY7QdXD0R9mboKtKLw%2FXEXRVW%2BJ37WThGhMkZeRNhTFM9NG3OA26KY6KLjyAgxdac8bc9TpFM4dFcG4TIbpap23vBpREswI9QN6oVupBeCZJKEpgYUoQatZelSBESWLnCJkCJ8DT931yWU2sca22Rgn1VmD6VIA%2Fgmyvta207nkY2K2P8FgR6OewrkRrWr3RQKCW%2BLB8bY4d%2BDDmdH5saHmtS6D6nkgOU0vB%2BMAMGKPsgLd6LDAMQ%3D%3D&dt.keyv=4&dt.pref=0&tk_flint=pbjs_lite_v2.33.0-pre&x_source.tid=81587f9b-40b4-45f3-af46-e375b4a2e9c0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.34582418604693665
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 758a4bc989980f3c95fa1c33a55bd82dbec492c39bf6e185ab3db6b05ff5337f

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://lifehacker.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=474
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 283 B
184 B 104ms
104ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3404303529965416&correlator=979456145971453&output=ldjh&impl=fif&adsid=NT&eid=21063635%2C21064387&vrg=2019101701&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191024&iu=%2F4246%2Fgm.lifehacker%2Farticle&sz=300x250&scp=article_position%3D1%26pos%3Dleft_top%26postId%3D1839331632%26page%3Darticle%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3D1%26amznbid%3D2%26amznp%3D2%26id%3D2d2c1501-f69e-11e9-9b9a-002590882940%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50&eri=1&cust_params=tags%3Dapp%2520store%252Cmalware%252Cmalware%2520removal%26category%3D%26blogName%3Dlifehacker%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3D3657fa4d572454a2%3AT%3D1571949483%3AS%3DALNI_MZb3AaD5Ukg5RDK-hT1-E2ORMHGYQ&cookie_enabled=1&bc=31&abxe=1&lmt=1571949483&dt=1571949483872&dlt=1571949482533&idt=805&frm=20&biw=1585&bih=1200&oid=3&adx=143&ady=159&adk=534089015&uci=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dssz=89&icsg=4486007441326080&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=410x250&msz=410x250&ga_vid=1646358791.1571949483&ga_sid=1571949483&ga_hid=530738705&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

c488b2866812cd633c5217f35441899242a772a49cb56cb06314caa585c76dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 107
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elizabethserif-light-webfont.woff2
f.kinja-static.com/assets/fonts/elizabeth-serif/ Frame 2AF2 30 KB
30 KB 6ms
5ms Font
binary/octet-stream 151.101.194.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/elizabeth-serif/elizabethserif-light-webfont.woff2?09162015

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

99486805226925c8956af4060209f84d8069fae36333d280a88afa276aecdd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://x.kinja-static.com/assets/stylesheets/discussion-3337ad486d62e968f730073839bde7b0.css
Origin: https://lifehacker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 17
x-cache: HIT
status: 200
content-length: 31076
x-amz-id-2: b/QRPl+KgNak597VxOx3jzljOjkyAoO5zfE+9ZzPRyMUf9wXnqqgU1oheWbR0AgfdGJJg558o64=
x-served-by: cache-hhn4073-HHN
last-modified: Tue, 24 Sep 2019 22:04:52 GMT
server: AmazonS3
x-timer: S1571949484.891321,VS0,VE0
etag: "acb4f13c9cdae79df0e584c0a18e6ab3"
x-amz-request-id: 8C06AB3793E1B64C
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 2

GET
H2 200 proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ Frame 2AF2 27 KB
28 KB 7ms
7ms Font
binary/octet-stream 151.101.194.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://x.kinja-static.com/assets/stylesheets/discussion-3337ad486d62e968f730073839bde7b0.css
Origin: https://lifehacker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:03 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 93
x-cache: HIT
status: 200
content-length: 28136
x-amz-id-2: Byc/VdZOjO5k3wHw+pDlCKR/lVdaDFOoNxLjXYyNMOJxRiTr4bGSpmP+Zif36/8XYhnK6olO5V4=
x-served-by: cache-hhn4073-HHN
last-modified: Wed, 25 Sep 2019 15:25:01 GMT
server: AmazonS3
x-timer: S1571949484.891444,VS0,VE0
etag: "7ac1e4b7ab03f256e831e00e3b5618a6"
x-amz-request-id: F2476240E460D38A
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 5

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 283 B
181 B 212ms
212ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3404303529965416&correlator=1770049689727350&output=ldjh&impl=fif&adsid=NT&eid=21063635%2C21064387&vrg=2019101701&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191024&iu=%2F4246%2Fgm.lifehacker%2Farticle&sz=970x250%7C970x251%7C970x90%7C728x90&scp=article_position%3D1%26pos%3Dtop%26postId%3D1839331632%26page%3Darticle%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3D1%26amznbid%3D2%26amznp%3D2%26id%3D2d2c1500-f69e-11e9-9b9a-002590882940%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50&eri=1&cust_params=tags%3Dapp%2520store%252Cmalware%252Cmalware%2520removal%26category%3D%26blogName%3Dlifehacker%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3D3657fa4d572454a2%3AT%3D1571949483%3AS%3DALNI_MZb3AaD5Ukg5RDK-hT1-E2ORMHGYQ&cookie_enabled=1&bc=31&abxe=1&lmt=1571949483&dt=1571949483927&dlt=1571949482533&idt=805&frm=20&biw=1585&bih=1200&oid=3&adx=308&ady=159&adk=829893288&uci=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dssz=89&icsg=4486007441326080&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x250&msz=1585x250&ga_vid=1646358791.1571949483&ga_sid=1571949483&ga_hid=530738705&fws=4&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

954b00ed06997f9c291846209e59a6e07ac1234400c39b7270c5bd2f45729fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 107
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2e3daf69-37fc-4f06-a647-294eb68bb91d.css
cdn.taboola.com/static/2e/ 652 B
657 B 6ms
5ms Stylesheet
text/css 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/2e/2e3daf69-37fc-4f06-a647-294eb68bb91d.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e2aea6c477e64819d01d9fb012341c1455afbf0d4d1dcf4fb673c8edc8e205f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: nbboy6ttUdYKImA5HDlqrAxN_rJtiR4q
content-encoding: gzip
etag: "5b5df2bd324d67bce9d5bc42bd6b1211"
age: 16532
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 316
x-amz-id-2: RnkiaY9D7KFoy6N3AkJAFlqZ3nN4ZbzhFVt2EM6ahi3CfNyrV8FMweonevVuQBCniex/FjZWRrU=
x-served-by: cache-hhn4081-HHN
last-modified: Tue, 28 May 2019 19:30:34 GMT
server: AmazonS3
x-timer: S1571949484.951398,VS0,VE0
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding
x-amz-request-id: 00FE5B866E97129B
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 15
x-cache-hits: 170

GET
H2 200 30162ac7-43c0-425a-acbd-cb2c76076280.css
cdn.taboola.com/static/30/ 661 B
565 B 6ms
6ms Stylesheet
text/css 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/30/30162ac7-43c0-425a-acbd-cb2c76076280.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 201060ebf8f83654bfe93cbc4d1256452f4b9888b24c37c03f39428aa1395bcf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: U55SRxV2sS3UDOoccg7mS7Lsn1uGIBlv
content-encoding: gzip
etag: "bd94c76245dc5e6e316109c009621074"
age: 16532
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 324
x-amz-id-2: GdIvoSRgNlZRoE+dIBuVwQJo4DSUxeWpgtNspKwpAzenH80/Vlrke5zxINPswAX2yGztLWQ8H+s=
x-served-by: cache-hhn4081-HHN
last-modified: Thu, 23 May 2019 18:23:27 GMT
server: AmazonS3
x-timer: S1571949484.951431,VS0,VE0
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding
x-amz-request-id: 22FBB8B0C356D235
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 15
x-cache-hits: 170

GET
H2 200 userx.20191022-13-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 6ms
6ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20191022-13-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedianetwork/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa419a6433307dc90dec6b7907ce9affac386bbb904f234317a15c1b4227abdd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: PhG7Gje2LkM9wUVk7AGbUTnZHKBRXwlR
content-encoding: gzip
etag: "41f2fe3c8b53f6cb18410b7315441795"
age: 8
x-cache: HIT
status: 200
x-amz-replication-status: PENDING
content-length: 7712
x-amz-id-2: rXEaxNXAPFdp+wX4ECT2IJ1PS+6+PCjpXcHublmauxBPttqtn1lIVxKNJ/P69epUfKLFTsk077g=
x-served-by: cache-hhn4081-HHN
last-modified: Thu, 24 Oct 2019 11:23:49 GMT
server: AmazonS3
x-timer: S1571949484.962470,VS0,VE0
date: Thu, 24 Oct 2019 20:38:03 GMT
vary: Accept-Encoding
x-amz-request-id: 1BEDED4673BE7080
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 15
x-cache-hits: 8

GET
H2

204

rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame E3DF
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=87656714-813f-4c6a-911e-1ed70c42e5a4

0
49 B

14ms
13ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=87656714-813f-4c6a-911e-1ed70c42e5a4
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949484.211879,VS0,VE8
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4081-HHN

Redirect headers

Location: //trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=87656714-813f-4c6a-911e-1ed70c42e5a4
Date: Thu, 24 Oct 2019 20:38:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

400

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame E3DF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=

0
0

13ms
13ms

Image
text/html

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame E3DF
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=8_XBKUrZ6pYHF5QHgFgUz-aeJZqiF0Qh_db07tegC5k%3D

45 B
94 B

14ms
14ms

Image
image/gif

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=8_XBKUrZ6pYHF5QHgFgUz-aeJZqiF0Qh_db07tegC5k%3D
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949484.176731,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4081-HHN

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=8_XBKUrZ6pYHF5QHgFgUz-aeJZqiF0Qh_db07tegC5k%3D
Date: Thu, 24 Oct 2019 20:38:03 GMT
Server: nginx
Connection: close
Etag: "8_XBKUrZ6pYHF5QHgFgUz-aeJZqiF0Qh_db07tegC5k="
Content-Length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediamath-ssp-network/1/ Frame E3DF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=95185db2-04b1-4a00-ae62-abc42bfae687
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=95185db2-04b1-4a00-ae62-abc42bfae687
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=95185db2-04b1-4a00-ae62-abc42bfae687&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D95185db2-04b1-4a0...

0
52 B

14ms
14ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=95185db2-04b1-4a00-ae62-abc42bfae687&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D95185db2-04b1-4a00-ae62-abc42bfae687
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1571949484.262672,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4079-HHN

Redirect headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949484.212518,VS0,VE8
x-served-by: cache-hhn4081-HHN
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=95185db2-04b1-4a00-ae62-abc42bfae687&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D95185db2-04b1-4a00-ae62-abc42bfae687
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame E3DF 43 B
691 B 18ms
6ms Image
image/gif 37.252.172.249
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:05 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid: 6434891e-d630-4c54-b59d-947d32b4cbc2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/google-network/1/ Frame E3DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJyIrbO5yzCrFsEF6gorXVA&google_cver=1
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEJyIrbO5yzCrFsEF6gorXVA&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3DCAESEJyIrbO5yzCrFsEF6gorXVA%26goo...

0
153 B

36ms
15ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEJyIrbO5yzCrFsEF6gorXVA&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3DCAESEJyIrbO5yzCrFsEF6gorXVA%26google_cver%3D1
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1571949484.232598,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4079-HHN

Redirect headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949484.167119,VS0,VE8
x-served-by: cache-hhn4081-HHN
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEJyIrbO5yzCrFsEF6gorXVA&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3DCAESEJyIrbO5yzCrFsEF6gorXVA%26google_cver%3D1
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame E3DF 43 B
691 B 19ms
6ms Image
image/gif 37.252.172.249
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:05 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.167:80
AN-X-Request-Uuid: ee1f2ab4-0cee-4c15-89fb-a6cdf95ed919
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame E3DF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=cb18a76d-6814-4a44-a208-11239fb5b121
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=cb18a76d-6814-4a44-a208-11239fb5b121&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Dcb18a76d-6814-4a44...

0
53 B

16ms
16ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=cb18a76d-6814-4a44-a208-11239fb5b121&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Dcb18a76d-6814-4a44-a208-11239fb5b121
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1571949484.279457,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4079-HHN

Redirect headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949484.224338,VS0,VE8
x-served-by: cache-hhn4081-HHN
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=cb18a76d-6814-4a44-a208-11239fb5b121&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Dcb18a76d-6814-4a44-a208-11239fb5b121
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

rtb-h
match.taboola.com/sg/storygize-network/1/ Frame E3DF
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=8b43e75c-bedf-4de8-9df2-65f7b6291c96
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=8b43e75c-bedf-4de8-9df2-65f7b6291c96&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D8b43e75c-bedf-4de8-9d...

0
53 B

14ms
13ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=8b43e75c-bedf-4de8-9df2-65f7b6291c96&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D8b43e75c-bedf-4de8-9df2-65f7b6291c96
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1571949485.723655,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4079-HHN

Redirect headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949485.709614,VS0,VE8
x-served-by: cache-hhn4081-HHN
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=8b43e75c-bedf-4de8-9df2-65f7b6291c96&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3D8b43e75c-bedf-4de8-9df2-65f7b6291c96
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame E3DF 35 B
380 B 415ms
106ms Image
image/gif 192.132.33.46
Bidtellect Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 200
OK /
cds.taboola.com/ Frame E3DF 0
292 B 312ms
122ms Image
text/plain 130.211.13.252
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&_r=2087761
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 130.211.13.252 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 252.13.211.130.bc.googleusercontent.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
Via: 1.1 varnish
Server: nginx/1.16.1
X-Timer: S1571949484.217958,VS0,VE27
X-Served-By: cache-bwi5025-BWI
X-Cache: MISS
x-envoy-upstream-service-time: 0
Connection: close
Accept-Ranges: bytes
Content-Length: 0
X-Cache-Hits: 0

GET
H2

200

rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame E3DF
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=3bd750fe-d4e6-41c5-af22-be24966a904a&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dc801542-8dfe-4514-a1a4-912d2e0fd88f
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dc801542-8dfe-4514-a1a4-912d2e0fd88f&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Ddc801542-8dfe-4514-a1...

0
53 B

62ms
61ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dc801542-8dfe-4514-a1a4-912d2e0fd88f&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Ddc801542-8dfe-4514-a1a4-912d2e0fd88f
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1571949485.544699,VS0,VE56
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4079-HHN

Redirect headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949485.529516,VS0,VE9
x-served-by: cache-hhn4081-HHN
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dc801542-8dfe-4514-a1a4-912d2e0fd88f&tbid=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&query=taboola_hm%3Ddc801542-8dfe-4514-a1a4-912d2e0fd88f
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1

200
Ok

adt
ats.otto.de/px/p/ Frame 28F8
Redirect Chain

https://ad1.adfarm1.adition.com/banner?sid=3913979&kid=3365486&bid=10526397&ts=[1]
https://ats.otto.de/px/p/adt?ait=6751471624754234578&kw=&bid=10526397&cuid=3913979&cpid=3365486&wid=79800&uid=&curl=https%3A%2F%2Fwww.otto.de%2Fextern%2F%3Fpage%3D%252Fwohnen%252F%253Fthema%253Dthm...

42 B
514 B

89ms
30ms

Image
image/gif

80.85.204.245
OTTO-NET IP-NETWORK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ats.otto.de/px/p/adt?ait=6751471624754234578&kw=&bid=10526397&cuid=3913979&cpid=3365486&wid=79800&uid=&curl=https%3A%2F%2Fwww.otto.de%2Fextern%2F%3Fpage%3D%252Fwohnen%252F%253Fthema%253Dthmn123nol_andas_morten_georgsen%26AffiliateID%3DLD445065%26campid%3DLD445065%26IWL%3D018
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.85.204.245 , Germany, ASN16378 (OTTO-NET IP-NETWORK, DE),
Reverse DNS: ats.otto.de
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
date: Thu, 24 Oct 2019 18:03:18 GMT
Via: 1.1 varnish-v4
Age: 0
mime-version: 1.0
content-type: image/gif
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex,nofollow
keep-alive: timeout=30, max=100
content-length: 42
Expires: Sat, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 22:38:04 +0200
Server: ADITIONSERVER v1.0
ETag: 6751471624754234578
Transfer-Encoding: chunked
P3P: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://ats.otto.de/px/p/adt?ait=6751471624754234578&kw=&bid=10526397&cuid=3913979&cpid=3365486&wid=79800&uid=&curl=https%3A%2F%2Fwww.otto.de%2Fextern%2F%3Fpage%3D%252Fwohnen%252F%253Fthema%253Dthmn123nol_andas_morten_georgsen%26AffiliateID%3DLD445065%26campid%3DLD445065%26IWL%3D018
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/plain
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ Frame 28F8 305 B
441 B 28ms
8ms Image
image/jpeg 213.254.244.19
DoubleVerify

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=250440&sid=59374&plc=2399250440593744&adsrv=8&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.254.244.19 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 10/23/2019 8:38:04 PM

GET
H/1.1 200
OK 2399-250440-59374-8
altfarm.mediaplex.com/ad/tr/ Frame 28F8 49 B
562 B 220ms
72ms Image
image/gif 64.158.223.157
Conversant

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://altfarm.mediaplex.com/ad/tr/2399-250440-59374-8?mpt=2019-10-24+20%3A38%3A03
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.157 Amsterdam, Netherlands, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS: 157.vip.crm-node2.ams5.cnvr.net
Software: nginx /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:04 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Cache-Control: no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: 0

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ Frame 2AF2 22 KB
8 KB 283ms
283ms Script
application/javascript 13.225.77.205
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=45b86f08-d576-450f-b812-4e928421e266
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/packaged-js/Discussion.1418652629c2f51d1bb5.en-US.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.77.205 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-77-205.fra2.r.cloudfront.net
Software: Server /
Resource Hash: d4c83e7060e86af1058cda62d8ebda25620a02cc5f18193132f5b07fb5bd4824

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: Public
date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
content-length: 7313
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-amz-cf-id: I059bzOaOIQhBoKOCbANiP23h89DRYGsrXLd38_7zyVlYVxkdmzOjg==
expires: Thu, 24 Oct 2019 20:43:04 GMT

GET
H2 204 social
trc.taboola.com/gomedia-lifehacker/log/3/ 0
218 B 14ms
14ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gomedia-lifehacker/log/3/social?route=AM:AM:V&lti=deflated&ri=72c8558de00f50c27e18225c2cb2e28a&sd=v2_3a9f406ccf5324f6c0d8e523934e4b42_f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b_1571949483_1571949483_CNawjgYQhq1JGIqt9vvfLSABKAEwODib4wlAgooQSJjEF1Cl7BBYAGAA&ui=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&pi=/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632&wi=-1991078883658719876&pt=text&vi=1571949483658&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%22%2C%22sec%22%3A%22lifehacker.com%22%2C%22aut%22%3A%5B%22Emily%20Price%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fc_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200%2Fpui1anfh4zipyux2h6mr.jpg%22%2C%22v%22%3A15%2C%22ui%22%3A%22%22%2C%22ut%22%3A%22%22%2C%22pw%22%3A%22%22%7D%5D%7D&tim=22%3A38%3A04.130&id=1316&llvl=1&cv=20191022-13-RELEASE&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949484.254831,VS0,VE9
x-served-by: cache-hhn4081-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 available Show response
trc.taboola.com/gomedia-lifehacker/log/3/ 0
313 B 15ms
15ms XHR
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia-lifehacker/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191022-13-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949484.150905,VS0,VE9
x-served-by: cache-hhn4081-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 e8878a614d25ce55b3e92f8bbb331123.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 25ms
8ms Image
image/jpeg 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8878a614d25ce55b3e92f8bbb331123.jpg
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c574363b1a459fcb6ee6683aad14dc5e1d758ae274a4f9274c632314a22ca88f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 573007
edge-cache-tag: 597505261913411324982283586383929447868,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 17 Nov 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8878a614d25ce55b3e92f8bbb331123.jpg
content-length: 7785
x-served-by: cache-fra19167-FRA, cache-fra19150-FRA
last-modified: Thu, 17 Oct 2019 12:16:25 GMT
server: cloudinary
x-timer: S1571949484.289483,VS0,VE0
etag: "359c0c5fdd829b98923490e16bdecc63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 8

GET
H2 200 1cae75cc04b16580e720013a35f87993.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 17ms
7ms Image
image/jpeg 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cae75cc04b16580e720013a35f87993.jpg
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e15ef749b09c4243a569577f526da452f94e9570c81a8ef2f61c731f4f3e6478

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 2296457
edge-cache-tag: 403595510459775254447344616260155769341,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 29 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cae75cc04b16580e720013a35f87993.jpg
content-length: 8380
x-served-by: cache-fra19122-FRA, cache-fra19150-FRA
last-modified: Thu, 29 Aug 2019 06:31:59 GMT
server: cloudinary
x-timer: S1571949484.289453,VS0,VE0
etag: "6ccc0654fd77e63777547946691f6927"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 6

GET
H2 200 8722909ad5dffc9844c819ee67cb1a50.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 8ms
6ms Image
image/jpeg 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8722909ad5dffc9844c819ee67cb1a50.jpg
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: df37c434f293290c1c54744e09455e0f515d7fb5be19e7b75c7fb60b0c2505a1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 3859050
edge-cache-tag: 377510817031902172448570505331572962251,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8722909ad5dffc9844c819ee67cb1a50.jpg
content-length: 11619
x-request-id: d398090972d37b3b
x-served-by: cache-fra19176-FRA, cache-fra19150-FRA
last-modified: Sat, 31 Aug 2019 02:19:24 GMT
server: cloudinary
x-timer: S1571949484.298823,VS0,VE0
etag: "19e91976ab682172096d97ca1b83a798"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 8

GET
H2 200 cb4e875bb1d2e915c95202b364799edb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 12ms
11ms Image
image/jpeg 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb4e875bb1d2e915c95202b364799edb.jpg
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0ffe7c84dff4b11a5fc5d6c2843911f101bcc0f2c3e84df7c45394fe02b57d55

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 1527262
edge-cache-tag: 483494632291498733667052070264370579903,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 23 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb4e875bb1d2e915c95202b364799edb.jpg
content-length: 8182
x-served-by: cache-fra19158-FRA, cache-fra19150-FRA
last-modified: Sun, 22 Sep 2019 04:36:49 GMT
server: cloudinary
x-timer: S1571949484.298739,VS0,VE1
etag: "af3736ea3674f123d471bb9caa8d36c9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 9c59c928099bf8ed80bbda0934b3036d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
11 KB 8ms
7ms Image
image/jpeg 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c59c928099bf8ed80bbda0934b3036d.jpg
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ee1562c88d2eb7a64e6e3a31368e1c9cd54bb1eea160a4c16c6267e9999e556b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 60124
edge-cache-tag: 479976357791226356304736130931664362477,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sat, 26 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c59c928099bf8ed80bbda0934b3036d.jpg
content-length: 11076
x-served-by: cache-fra19129-FRA, cache-fra19150-FRA
last-modified: Wed, 25 Sep 2019 08:08:14 GMT
server: cloudinary
x-timer: S1571949484.298721,VS0,VE0
etag: "e50f2596a1c8b612e3660d472dd62fa4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 8d84cabdcda6fb6836e2de38e5c15e15.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 7ms
6ms Image
image/jpeg 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d84cabdcda6fb6836e2de38e5c15e15.png
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9691ae778ce1a0ba0ec8e9b6f63f419411635276b6e5519f99b816246c5d7854

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 1224213
edge-cache-tag: 425163750804898566243530099068267704997,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 10 Nov 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d84cabdcda6fb6836e2de38e5c15e15.png
content-length: 8670
x-served-by: cache-fra19167-FRA, cache-fra19150-FRA
last-modified: Thu, 10 Oct 2019 15:29:53 GMT
server: cloudinary
x-timer: S1571949484.298697,VS0,VE0
etag: "63c09afbd56c7cf27267f13a476d8c9f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 15

GET
H2 200 Discussions.4b918045badf5c08580c.en-US.js Show response
x.kinja-static.com/assets/packaged-js/ Frame 2AF2 111 KB
24 KB 6ms
6ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/packaged-js/Discussions.4b918045badf5c08580c.en-US.js

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

61cab6f4cf61fe2069ae904eec900f07bd88680af6fd021a2b773e4905e4908b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
x-cache: HIT
status: 200
content-length: 24551
x-amz-id-2: iOeC6mlEGpjfaXq/GxMYR7MrzjlXj2QX93dlJK055SjriBp8b24ADXHZWAGNYKUb8FCmKuDPPNE=
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
last-modified: Tue, 22 Oct 2019 09:07:19 GMT
server: AmazonS3
x-timer: S1571949484.158479,VS0,VE1
etag: "c9a677fbfb72a8d22f028115fe7f5d26"
vary: Accept-Encoding
x-amz-request-id: 5187B2DE9B1B6A9E
via: 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 283 B
181 B 198ms
198ms XHR
text/plain 216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3404303529965416&correlator=432899157917385&output=ldjh&impl=fif&adsid=NT&eid=21063635%2C21064387&vrg=2019101701&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191024&iu=%2F4246%2Fgm.lifehacker%2Farticle&sz=300x250%7C300x600&scp=article_position%3D1%26pos%3Dleft%26postId%3D1839331632%26page%3Darticle%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3D1%26amznbid%3D2%26amznp%3D2%26id%3D2d2c1502-f69e-11e9-9b9a-002590882940%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50&eri=1&cust_params=tags%3Dapp%2520store%252Cmalware%252Cmalware%2520removal%26category%3D%26blogName%3Dlifehacker%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie=ID%3D3657fa4d572454a2%3AT%3D1571949483%3AS%3DALNI_MZb3AaD5Ukg5RDK-hT1-E2ORMHGYQ&cookie_enabled=1&bc=31&abxe=1&lmt=1571949484&dt=1571949484168&dlt=1571949482533&idt=805&frm=20&biw=1585&bih=1200&oid=3&adx=198&ady=1364&adk=2797502625&uci=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&dssz=89&icsg=4486007441326080&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x-1&msz=300x-1&ga_vid=1646358791.1571949483&ga_sid=1571949483&ga_hid=530738705&fws=516&ohw=1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

31b8f9eb57d49920b610d0242e3a782e752ce1d756aba53511fb01590dd63dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 107
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 impression
pixel.mtrcs.samba.tv/v2/tag/fmg/homepage/ 0
316 B 538ms
179ms Image
text/plain 52.33.92.11
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/fmg/homepage/impression?sa_name=lifehacker.com&sa_referrer=&sa_fullurl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&c=1571949483548&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.92.11 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-33-92-11.us-west-2.compute.amazonaws.com
Software: gunicorn/19.9.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
server: gunicorn/19.9.0
status: 204
p3p: CP="This is not a P3P policy! See https://samba.tv/legal/privacy-policy/ for more info."
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

POST
H2 200 /
www.facebook.com/tr/ 0
105 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryARPjm0X55VWDAjoe

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 24 Oct 2019 20:38:04 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary77hiugm1WAKKpQ0T

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 24 Oct 2019 20:38:04 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://lifehacker.com
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

GET
H2

200

/
p.skimresources.com/ Frame DCA3
Redirect Chain

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=f7134e1c79bc2521fbbfb8f35f332b7a
https://p.skimresources.com/?provider_id=f7134e1c79bc2521fbbfb8f35f332b7a&skim_mapping=true

43 B
189 B

26ms
26ms

Image
image/gif

151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=f7134e1c79bc2521fbbfb8f35f332b7a&skim_mapping=true
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: UploadServer /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash: crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
date: Thu, 24 Oct 2019 20:38:04 GMT
age: 1
x-guploader-uploadid: AEnB2Up50Suxti2qwGZSUvFkbyxlSl76_2Bl8WHIK5cZXov7upfHB6RJuHy9vVwT0nDxT9cskG9TgsvS1p8duOxBlYppy-J2VA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Tue, 23 Oct 2018 13:19:28 GMT
server: UploadServer
etag: "f837aa60b6fe83458f790db60d529fc9"
x-hw: 1571949484.cds085.fr8.hn,1571949484.cds135.fr8.sc,1571949484.cds135.fr8.pr
x-goog-generation: 1540300768038458
cache-control: public, max-age=7200
x-goog-stored-content-length: 43
accept-ranges: bytes
content-type: image/gif

Redirect headers

Location: https://p.skimresources.com?provider_id=f7134e1c79bc2521fbbfb8f35f332b7a&skim_mapping=true
Date: Thu, 24 Oct 2019 20:38:04 GMT
Server: TornadoServer/2.4.1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/plugins/googima/v/8.7.2/ 58 KB
58 KB 38ms
15ms Script
text/plain 2a04:4e42:1b::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.7.2/googima.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: aa79cfcaad4eaefb645ec13f0f98a4aac875ded1f3876b43158f8bfdadf74351

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
age: 593475
x-cache: HIT
status: 200
content-length: 59350
x-served-by: cache-hhn4020-HHN
last-modified: Wed, 16 Oct 2019 15:14:05 GMT
server: nginx/1.8.0
x-timer: S1571949484.319155,VS0,VE0
etag: "b56833ad5757fab330d7bb9d55f8b815"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 45199

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.11.5/ 56 KB
57 KB 28ms
5ms Script
application/javascript 2a04:4e42:1b::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 6983fe9f34fb02c15f5d48ff139686dc0c12ae3eb0ddee42d1020952e4a05d45

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
age: 387
x-cache: HIT
status: 200
content-length: 57584
x-served-by: cache-hhn4020-HHN
last-modified: Wed, 23 Oct 2019 21:40:50 GMT
server: nginx/1.8.0
x-timer: S1571949484.319149,VS0,VE0
etag: "4a097772b234609618214c4c4df92174"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 900

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.11.5/ 286 KB
287 KB 35ms
15ms Script
application/javascript 2a04:4e42:1b::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 7e7447ff596b2eb7ba071c48ed48cf661425fdcbb1db3f5561596877396386ac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
age: 602760
x-cache: HIT
status: 200
content-length: 293272
x-served-by: cache-hhn4020-HHN
last-modified: Wed, 16 Oct 2019 16:40:18 GMT
server: nginx/1.8.0
x-timer: S1571949484.319178,VS0,VE0
etag: "9464e2cb2f8ad0fc314bbd3c0684b833"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 60736

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.11.5/ 309 KB
309 KB 34ms
20ms Script
application/javascript 2a04:4e42:1b::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 7f7c8226fe17302111f89e5780a95c3868793462023f4ba33ebba2f810aa8ea0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
age: 602697
x-cache: HIT
status: 200
content-length: 315923
x-served-by: cache-hhn4020-HHN
last-modified: Wed, 16 Oct 2019 16:40:22 GMT
server: nginx/1.8.0
x-timer: S1571949484.319230,VS0,VE0
etag: "5defcf057088b7d9641001d66fd4cb25"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 44159

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/QkhP6_aHpnlLVJDIvfw4zNUAAAFt_32XPgEAAAFKASSvRwY/ 43 B
245 B 93ms
92ms Image
image/gif 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QkhP6_aHpnlLVJDIvfw4zNUAAAFt_32XPgEAAAFKASSvRwY/?assoc_payload=%7B%22totalDocWidth%22%3A1585%2C%22totalDocHeight%22%3A3796%2C%22logType%22%3A%22onetag_pageload%22%2C%22pageTitle%22%3A%22Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F%22%2C%22numLinks%22%3A0%2C%22numAutoTaggedLinks%22%3A0%2C%22autoTaggingEnabled%22%3Afalse%2C%22geoRedirectEnabled%22%3Atrue%2C%22disableTransitTracking%22%3Afalse%2C%22numLinksATF%22%3A0%2C%22numLinksBTF%22%3A0%2C%22shortLinksInLivePool%22%3A%22%22%2C%22shortLinksInPage%22%3A%22%22%2C%22shortLinksInLivePoolCount%22%3A0%2C%22shortLinksInPageCount%22%3A0%2C%22shortLinksMatchCount%22%3A0%2C%22assocPayloadId%22%3A%22QkhP6_aHpnlLVJDIvfw4zNUAAAFt_32XPgEAAAFKASSvRwY%22%2C%22linkCode%22%3A%22w49%22%2C%22trackingId%22%3A%22gawker02-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%7D
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:04 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200 ir
ir-na.amazon-adsystem.com/e/ 42 B
159 B 625ms
92ms Image
image/gif 52.46.128.194
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-na.amazon-adsystem.com/e/ir?l=w49&t=gawker02-20&o=1&cb=1571949484214
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.128.194 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 204
No Content cm_:onejs_load_evt@v=1144,onejs_exec_time@v=3,aax_load_time@v=637,aax_load_time_one_tag@v=637,wdgt_load_time@v=1789,wdgt_load_time_DE@v=1789,wdgt_load_time_one_tag@v=1789,wdgt_load_time_invoke@v=64...
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 0
146 B 526ms
87ms Image
text/plain 52.94.233.131
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1144,onejs_exec_time@v=3,aax_load_time@v=637,aax_load_time_one_tag@v=637,wdgt_load_time@v=1789,wdgt_load_time_DE@v=1789,wdgt_load_time_one_tag@v=1789,wdgt_load_time_invoke@v=644,wdgt_load_time_invoke_one_tag@v=643,wdgt_load_time_invoke_one_tag_DE@v=643?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=257c300c-f2b0-404c-9a3a-1b5c4d42a3b4&session=28605cd4-580e-4869-aa61-65f238fd0cfa
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
x-amzn-RequestId: 0025b7a7-8946-4e25-8e5b-12992f1c3ff8
Content-Type: text/plain

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
702 B 5ms
5ms Image
image/png 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 18575
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4081-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1571949484.224788,VS0,VE0
date: Thu, 24 Oct 2019 20:38:04 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 15
x-cache-hits: 32673

GET
H2 200 1839331632 Show response
lifehacker.com/ajax/comments/views/replies/ Frame 2AF2 122 B
644 B 91ms
91ms XHR
application/json 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://lifehacker.com/ajax/comments/views/replies/1839331632?startIndex=0&maxReturned=5&maxChildren=4&approvedOnly=true&cache=true&experimental=true&sorting=top

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/packaged-js/vendor.3c1438086e8a019d3cd4.en-US.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

398e5202717359365a28bf8489ffb9f02516aad444fed8d68f61d4b226594107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
x-kinja-build: 259
x-kinja-revision: 900f28194722c8af0f47626fa5348020c5a8d28e
x-cache: HIT, MISS
status: 200
x-kinja: kinja-mantle-kube03-6bc4f589f4-p5gvc #259
x-cdn-fetch: mantle-origin-cache
content-length: 119
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8151-JFK, cache-fra19179-FRA
x-feature: eu_disabled=on
x-timer: S1571949484.239615,VS0,VE84
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Feature-Hash, X-Exp-Id, X-Exp-Variant, Authorization, Cookie
content-type: application/json; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: stale-if-error=86400, stale-while-revalidate=300
x-feature-hash: eu_disabled=on
accept-ranges: bytes
x-kinja-server: kinja-mantle-kube03-6bc4f589f4-p5gvc
x-cache-hits: 1, 0

GET
H/1.1 200
OK z Show response
lightboxapi2.azurewebsites.net/z9l/42120/lifehacker.com/jsonp/ 219 B
509 B 730ms
273ms Script
application/javascript 23.99.128.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi2.azurewebsites.net/z9l/42120/lifehacker.com/jsonp/z?cb=1571949484272&callback=jQuery171004026329887693625_1571949483755&_=1571949484273
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/user.js?cb=637057863240491833
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-dm1-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 304d737d88a38ef560f430e91ad6e67ec2687fb214d39087eb3cbcb3703cd250

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 296
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 z.gif Show response
api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQO... 183 B
578 B 61ms
32ms XHR
application/javascript 2606:4700::6810:50a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQOWAAzWACIXQNjIA__XZX/z.gif
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/915a8e9b-430c-47ad-9809-4249fbeacffe/user.js?cb=637057863240491833
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba

Request headers

Accept: */*
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 76233
x-powered-by: ASP.NET
status: 200
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 52aec094fd16cbc8-VIE
expires: Fri, 25 Oct 2019 20:38:04 GMT

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 212 B
729 B 112ms
112ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=jsonp_1571949484275_13522

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

0ddb94829e53cec34c66e4bda8544de251149445ab4653ac8a89d981fbd05229

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 0, 0, 0, 0
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
status: 200
x-cdn-fetch: mantle-setcookie
content-length: 212
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8122-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949484.358760,VS0,VE93
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:04 GMT
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
x-feature-hash: eu_disabled=on
accept-ranges: bytes, bytes, bytes, bytes
x-cache-hits: 0, 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 270 KB
92 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd8284082454b09fee68083311c8c6b226c74b15b5302dd084eb3607e8c9642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93935
x-xss-protection: 0
expires: Thu, 24 Oct 2019 20:38:04 GMT

GET
H2 200 AD1z1CobEeO+uCIACusDuQ.json Show response
entitlements.jwplayer.com/ 50 B
230 B 26ms
6ms XHR
application/json 2606:2800:133:9a:24ed:9b6:1020:2655
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/AD1z1CobEeO+uCIACusDuQ.json
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:9a:24ed:9b6:1020:2655 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E9F) /
Resource Hash: 4e79c52a8e8d4f7c4eb7792ac9865e6d4cd664717e584640a145b928dad1c062

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 16:47:23 GMT
server: ECAcc (frc/8E9F)
status: 200
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=14940
accept-ranges: bytes
content-length: 66

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.11.5/ 112 KB
112 KB 6ms
5ms Script
application/javascript 2a04:4e42:1b::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/related.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/jrGzgpY6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b42bccfca3c4a2b0508821e94280773b751b7dc7c85104a2acb97471d48dd471

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
age: 602759
x-cache: HIT
status: 200
content-length: 114457
x-served-by: cache-hhn4020-HHN
last-modified: Wed, 16 Oct 2019 16:40:23 GMT
server: nginx/1.8.0
x-timer: S1571949484.426939,VS0,VE0
etag: "243aea6862e24cbcd7a12a3a93200e56"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 33088

GET
H2 200 uieskm5hvskyl8i5ietk.jpg
i.kinja-img.com/gawker-media/image/upload/ 1 MB
1 MB 9ms
9ms Image
image/jpeg 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kinja-img.com/gawker-media/image/upload/uieskm5hvskyl8i5ietk.jpg

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

kinja /

Resource Hash

0d52309b237d0b735bdbd3519b226218d03722e6caa8c62445507258101cd0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1385223
edge-cache-tag: 261225384700116170612890146785738006942,e658e1d7ab596d92a7343d60946f3015
status: 200
x-image-request-allowed: lifehacker.com yes
x-cache: MISS, HIT, HIT
content-length: 1435692
x-served-by: cache-jfk8126-JFK, cache-jfk8126-JFK, cache-fra19179-FRA
last-modified: Tue, 08 Oct 2019 19:51:01 GMT
server: kinja
x-timer: S1571949484.439601,VS0,VE2
etag: "8733e674cdc9c6c4e155d268a6a51888"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-max-age=0, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 0, 21, 1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=event&ni=1&_s=1&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=U...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_gid=1964647908.1571949483&gjid=1178644494&_v=j79&z=1185065944
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_v=j79&z=1185065944
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_v=j79&z=1185065944&slf_rd=1&random=2913240337

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_v=j79&z=1185065944&slf_rd=1&random=2913240337

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=1397511375&_v=j79&z=1185065944&slf_rd=1&random=2913240337
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ad
pubads.g.doubleclick.net/gampad/
Redirect Chain

https://pubads.g.doubleclick.net/gampad/ad?iu=/4246/gm.lifehacker&c=1571949484&sz=401x301
https://pubads.g.doubleclick.net/gampad/ad?iu=/4246/gm.lifehacker&c=1571949484&sz=401x301&pre=1

42 B
111 B

71ms
71ms

Image
image/gif

216.58.207.66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/gampad/ad?iu=/4246/gm.lifehacker&c=1571949484&sz=401x301&pre=1

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:04 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
google-creative-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
google-lineitem-id: -2

Redirect headers

timing-allow-origin: *
date: Thu, 24 Oct 2019 20:38:04 GMT
x-content-type-options: nosniff
server: cafe
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pubads.g.doubleclick.net/gampad/ad?iu=/4246/gm.lifehacker&c=1571949484&sz=401x301&pre=1
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
BLOB 206
Partial Content 83dcce6f-6333-411d-bb3f-ba606b9072e3
https://lifehacker.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lifehacker.com/83dcce6f-6333-411d-bb3f-ba606b9072e3
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Sec-Fetch-Mode: no-cors
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 59ms
28ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/x-kinja-static/assets/new-client/ads.d55c919fead71a11fb7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b2dbb2765ef8da15ab2a6f68aba37ee837a9347911283dea527b4fc5f3175c2f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 12:15:44 GMT
server: nginx
etag: W/"5da466f0-a74a"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 25 Oct 2019 20:38:04 GMT

GET
H2 204 gcid-0.1.2.html
g.jwpsrv.com/g/ Frame D404 0
0 7ms
5ms Document
text/html 2a04:4e42:1b::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://g.jwpsrv.com/g/gcid-0.1.2.html?aid=AD1z1CobEeO%2BuCIACusDuQ&id=rD2UK3wV&emi=1yaph3211fuh&pli=1oyjssy1w9bn&pv=8.11.5&tv=3.21.0
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/jwpsrv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash

Request headers

:method: GET
:authority: g.jwpsrv.com
:scheme: https
:path: /g/gcid-0.1.2.html?aid=AD1z1CobEeO%2BuCIACusDuQ&id=rD2UK3wV&emi=1yaph3211fuh&pli=1oyjssy1w9bn&pv=8.11.5&tv=3.21.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 204
retry-after: 0
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1571949484.453473,VS0,VE0
access-control-allow-origin: *
server: nginx/1.8.0

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ Frame 2AF2 20 KB
7 KB 181ms
180ms Script
text/javascript 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22tracking_id%22%3A%22gawker02-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22DE%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22gawker02-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Flifehacker.com%2Fembed%2Fcomments%2Fmagma%2F1839331632%3F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=45b86f08-d576-450f-b812-4e928421e266
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: 9757c7601c89f4ef980b5cdc7d9d412261863c490cf15245531a1cafda078883

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ Frame 2AF2 20 KB
7 KB 327ms
150ms Script
text/javascript 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22tracking_id%22%3A%22gawker02-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22DE%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22gawker02-20%22%2C%22slotNum%22%3A1%7D&u=https%3A%2F%2Flifehacker.com%2Fembed%2Fcomments%2Fmagma%2F1839331632%3F&jscb=amzn_assoc_jsonp_callback_adunit_1
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=45b86f08-d576-450f-b812-4e928421e266
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: 21cd28b7706ab48bb17628d632b7e757adba3c3a966733a28ede36e1f039c32c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ Frame 2AF2 20 KB
7 KB 324ms
148ms Script
text/javascript 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22tracking_id%22%3A%22gawker02-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22DE%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22gawker02-20%22%2C%22slotNum%22%3A2%7D&u=https%3A%2F%2Flifehacker.com%2Fembed%2Fcomments%2Fmagma%2F1839331632%3F&jscb=amzn_assoc_jsonp_callback_adunit_2
Requested by: Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=45b86f08-d576-450f-b812-4e928421e266
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: 77a0834c97e9f7b07129df37c8aca5aab0259e4349f84f299067b67a3604fc14

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 5ms
5ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=530738705&t=event&ni=1&_s=2&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF-8&dt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Video&ea=Video%20Content%20Initiation&el=kinjavideo-174199&_u=aGDACEABFAQC~&jid=&gjid=&cid=1646358791.1571949483&tid=UA-142218-33&_gid=1964647908.1571949483&cd39=none&cd40=none&cd42=174199&cd48=none&cd50=JWP%208.11.5&cd83=article&cd101=lifehacker&cd105=Lifehacker&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=none&cd45=How%20to%20Clean%20a%20Couch&cd62=none&cd63=lifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&cd65=0&cd89=none&cd120=lifehacker&cd121=outstream&cd122=Autoplay&cd129=JWP&z=1527419023

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Oct 2019 12:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 634701
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bridge3.345.0_en.html
imasdk.googleapis.com/js/core/ Frame 6620 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.345.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.345.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 194502
date: Wed, 23 Oct 2019 19:56:18 GMT
expires: Thu, 22 Oct 2020 19:56:18 GMT
last-modified: Wed, 23 Oct 2019 19:50:33 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 88906
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:81e::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Thu, 24 Oct 2019 20:38:04 GMT

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ Frame 2AF2 227 B
380 B 97ms
96ms Script
application/javascript 151.101.2.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=jQuery21107101882225904488_1571949483896

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/packaged-js/vendor.3c1438086e8a019d3cd4.en-US.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2e1a386fbdd93f8ca52d3a2b2cb5aa806f43870fac8b4d4a76f2f26b09614644

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 0, 0, 0, 0
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
status: 200
x-cdn-fetch: mantle-setcookie
content-length: 227
x-xss-protection: 1; mode=block
x-served-by: cache-jfk8140-JFK, cache-fra19179-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1571949485.546171,VS0,VE91
x-frame-options: DENY
date: Thu, 24 Oct 2019 20:38:04 GMT
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
x-feature-hash: eu_disabled=on
accept-ranges: bytes, bytes, bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/QsMOQoU3znrovaEbyMaDGgoAAAFt_32aHAEAAAFKAZvl98I/ Frame 2AF2 43 B
245 B 91ms
91ms Image
image/gif 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QsMOQoU3znrovaEbyMaDGgoAAAFt_32aHAEAAAFKAZvl98I/?assoc_payload=%7B%22totalDocWidth%22%3A800%2C%22totalDocHeight%22%3A278%2C%22logType%22%3A%22onetag_pageload%22%2C%22pageTitle%22%3A%22Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%22%2C%22numLinks%22%3A0%2C%22numAutoTaggedLinks%22%3A0%2C%22autoTaggingEnabled%22%3Afalse%2C%22geoRedirectEnabled%22%3Atrue%2C%22disableTransitTracking%22%3Afalse%2C%22numLinksATF%22%3A0%2C%22numLinksBTF%22%3A0%2C%22shortLinksInLivePool%22%3A%22%22%2C%22shortLinksInPage%22%3A%22%22%2C%22shortLinksInLivePoolCount%22%3A0%2C%22shortLinksInPageCount%22%3A0%2C%22shortLinksMatchCount%22%3A0%2C%22assocPayloadId%22%3A%22QkhP6_aHpnlLVJDIvfw4zNUAAAFt_32XPgEAAAFKASSvRwY%22%2C%22linkCode%22%3A%22w49%22%2C%22trackingId%22%3A%22gawker02-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%7D
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:04 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200 ir
ir-na.amazon-adsystem.com/e/ Frame 2AF2 42 B
159 B 333ms
105ms Image
image/gif 52.46.128.194
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-na.amazon-adsystem.com/e/ir?l=w49&t=gawker02-20&o=1&cb=1571949484645
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.128.194 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 204
No Content cm_:onejs_load_evt@v=840,onejs_exec_time@v=1,aax_load_time@v=183,aax_load_time_one_tag@v=183,wdgt_load_time@v=1027,wdgt_load_time_DE@v=1027,wdgt_load_time_one_tag@v=1027,wdgt_load_time_invoke@v=187...
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 2AF2 0
146 B 295ms
86ms Image
text/plain 52.94.233.131
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=840,onejs_exec_time@v=1,aax_load_time@v=183,aax_load_time_one_tag@v=183,wdgt_load_time@v=1027,wdgt_load_time_DE@v=1027,wdgt_load_time_one_tag@v=1027,wdgt_load_time_invoke@v=187,wdgt_load_time_invoke_one_tag@v=186,wdgt_load_time_invoke_one_tag_DE@v=186?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=f03c5e59-7da0-42a9-841b-5987d4bf9bf0&session=c97ee7f2-40ba-4de4-b08d-72d88822f9c8
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
x-amzn-RequestId: 2b95b92f-fb86-4cec-99ce-8088d7ddd7ce
Content-Type: text/plain

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=530738705&t=event&ni=1&_s=3&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF-8&dt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Video&ea=Video%20Ad%20Error&el=kinjavideo-174199&_u=aGDACEABFAQC~&jid=&gjid=&cid=1646358791.1571949483&tid=UA-142218-33&_gid=1964647908.1571949483&cd39=none&cd40=none&cd42=174199&cd48=none&cd50=JWP%208.11.5&cd83=article&cd101=lifehacker&cd105=Lifehacker&cd111=0&cd16=article&cd22=Ad%20Error%3A%20There%20was%20a%20problem%20requesting%20ads%20from%20the%20server.&cd41=clip&cd44=none&cd45=How%20to%20Clean%20a%20Couch&cd62=none&cd63=lifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&cd65=0&cd89=Ad%20Error%3A%20There%20was%20a%20problem%20requesting%20ads%20from%20the%20server.&cd120=lifehacker&cd121=outstream&cd122=Autoplay&cd129=JWP&z=742647161

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Oct 2019 12:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 634701
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rD2UK3wV.m3u8 Show response
cdn.jwplayer.com/manifests/ 2 KB
845 B 24ms
7ms XHR
application/vnd.apple.mpegurl 2600:9000:2156:8600:1:a3fa:7cc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/manifests/rD2UK3wV.m3u8?exp=1587760413&sig=963224a2e1057ea9d94144dbef9e0106
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:8600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cd0074f3586d9b8f84c55f202df1b5c6f6156313d4713c40c65a28987f896d20

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:35:38 GMT
content-encoding: gzip
server: openresty
age: 86
status: 200
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 478
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-id: oGmy9tQiiUUwgmty7t-Io26pfncLLYhB0SLG9QQnH4a2cEKzG3i48A==
expires: Thu, 24 Oct 2019 20:45:38 GMT

GET
H2 204 social
trc.taboola.com/gomedia-lifehacker/log/3/ 0
54 B 15ms
14ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gomedia-lifehacker/log/3/social?route=AM:AM:V&lti=deflated&ri=72c8558de00f50c27e18225c2cb2e28a&sd=v2_3a9f406ccf5324f6c0d8e523934e4b42_f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b_1571949483_1571949483_CNawjgYQhq1JGIqt9vvfLSABKAEwODib4wlAgooQSJjEF1Cl7BBYAGAA&ui=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&pi=/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632&wi=-1991078883658719876&pt=text&vi=1571949483658&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22top%22%2C%22lx%22%3A168%2C%22ly%22%3A232%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=22%3A38%3A04.703&id=9516&llvl=1&cv=20191022-13-RELEASE&
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949485.708291,VS0,VE8
x-served-by: cache-hhn4081-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 rD2UK3wV-32209782.mp4.m3u8 Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 1 KB
606 B 34ms
6ms XHR
application/x-mpegurl 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209782.mp4.m3u8?token=0_5db2354a_0xbcdc5c7aa7621d6926a0d05ed6699663689adb57
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 44d53d01a76af8cb85ccb3eaf7e928d7e0fb60d3f9f30d581466986a0762ae1a

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
x-backend: s3-external-1.amazonaws.com
age: 1314425
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 216
x-served-by: cache-iad2133-IAD, cache-fra19180-FRA
access-control-allow-origin: *
server: otfp
x-timer: S1571949485.744766,VS0,VE0
etag: "SENhLs-9Yx2eOFroB8ziZHw2OCFuZopI0it49wJajIzLSoL-mFpUOIvhWeWekeD3zGX4-yus6Z-fyi97q0cpSLjMuA"
vary: Accept-Encoding
content-type: application/x-mpegurl
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 rD2UK3wV-32209782.mp4-1.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 112 KB
112 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209782.mp4-1.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: e33c5690e696436005535c8d45b87038d247fc42807a22c1725f151d6fb00844

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 56551
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 114680
x-served-by: cache-iad2146-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=0.000 sl=4.000 vl=106.000 rs=320x180
server: otfp
x-timer: S1571949485.754931,VS0,VE0
etag: "E-qFTDdxUZG6Bn4rKkTdauOFhdgM4cLd26nMVo6Gnur-83RPzTTshiab4HiF6nNNjzowQvWX_nnT8lfAHAGUq4XidA"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 10, 1

GET
BLOB 200
OK d737c7df-ead4-4f97-b926-0f3e019667a8
https://lifehacker.com/ 66 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lifehacker.com/d737c7df-ead4-4f97-b926-0f3e019667a8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c477bb859d4a45df8c47588bbe009e5af8b23070f0ce8a16a39a79de2d96fb90

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 68017
Content-Type: text/javascript

GET
H2 200 rD2UK3wV-32209783.mp4.m3u8 Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 1 KB
393 B 32ms
32ms XHR
application/x-mpegurl 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4.m3u8?token=0_5db2354a_0x32d97499211583abdb0567e640360dbbb6e78e69
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 8be4ae61ae2c169fe49c907efed36a65ed0b681b564e5b300ad7f6d032322dd9

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
content-encoding: gzip
x-backend: s3-external-1.amazonaws.com
age: 574523
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 217
x-served-by: cache-iad2137-IAD, cache-fra19180-FRA
access-control-allow-origin: *
server: otfp
x-timer: S1571949485.775269,VS0,VE26
etag: "m86dL-xlgRyQvu69LWlPO_Vkdsqv0ynatniBEerMTC9vlQxlCa0cG73FYAc0-6Wq3qW34q-ppWmfCVS7AhxWkFE_qg"
vary: Accept-Encoding
content-type: application/x-mpegurl
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/Qk8wSrZeu4A9bOEaWMs26B0AAAFt_32atQEAAAFKAfNp3FY/ Frame 2AF2 43 B
245 B 94ms
93ms Image
image/gif 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/Qk8wSrZeu4A9bOEaWMs26B0AAAFt_32atQEAAAFKAfNp3FY/?assoc_payload=%7B%22totalDocWidth%22%3A800%2C%22totalDocHeight%22%3A278%2C%22logType%22%3A%22onetag_pageload%22%2C%22pageTitle%22%3A%22Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%22%2C%22numLinks%22%3A0%2C%22numAutoTaggedLinks%22%3A0%2C%22autoTaggingEnabled%22%3Afalse%2C%22geoRedirectEnabled%22%3Atrue%2C%22disableTransitTracking%22%3Afalse%2C%22numLinksATF%22%3A0%2C%22numLinksBTF%22%3A0%2C%22shortLinksInLivePool%22%3A%22%22%2C%22shortLinksInPage%22%3A%22%22%2C%22shortLinksInLivePoolCount%22%3A0%2C%22shortLinksInPageCount%22%3A0%2C%22shortLinksMatchCount%22%3A0%2C%22assocPayloadId%22%3A%22QkhP6_aHpnlLVJDIvfw4zNUAAAFt_32XPgEAAAFKASSvRwY%22%2C%22linkCode%22%3A%22w49%22%2C%22trackingId%22%3A%22gawker02-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%7D
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:04 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200 ir
ir-na.amazon-adsystem.com/e/ Frame 2AF2 42 B
159 B 208ms
87ms Image
image/gif 52.46.128.194
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-na.amazon-adsystem.com/e/ir?l=w49&t=gawker02-20&o=1&cb=1571949484788
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.128.194 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 204
No Content cm_:wdgt_load_time@v=1170,wdgt_load_time_DE@v=1170,wdgt_load_time_one_tag@v=1170
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 2AF2 0
146 B 169ms
86ms Image
text/plain 52.94.233.131
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:wdgt_load_time@v=1170,wdgt_load_time_DE@v=1170,wdgt_load_time_one_tag@v=1170?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=9fc66440-f5dd-42e2-a819-1d72bfc196fc&session=2ff2516d-278e-4a51-92d7-9b33459ce2c8
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
x-amzn-RequestId: 6d2cf402-219b-4837-8bd6-a2e51450c820
Content-Type: text/plain

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/QjbqfQ2DAtJ64dWPBix5Fw0AAAFt_32atQEAAAFKAQMvgZA/ Frame 2AF2 43 B
245 B 95ms
94ms Image
image/gif 72.21.206.141
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/QjbqfQ2DAtJ64dWPBix5Fw0AAAFt_32atQEAAAFKAQMvgZA/?assoc_payload=%7B%22totalDocWidth%22%3A800%2C%22totalDocHeight%22%3A278%2C%22logType%22%3A%22onetag_pageload%22%2C%22pageTitle%22%3A%22Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%22%2C%22numLinks%22%3A0%2C%22numAutoTaggedLinks%22%3A0%2C%22autoTaggingEnabled%22%3Afalse%2C%22geoRedirectEnabled%22%3Atrue%2C%22disableTransitTracking%22%3Afalse%2C%22numLinksATF%22%3A0%2C%22numLinksBTF%22%3A0%2C%22shortLinksInLivePool%22%3A%22%22%2C%22shortLinksInPage%22%3A%22%22%2C%22shortLinksInLivePoolCount%22%3A0%2C%22shortLinksInPageCount%22%3A0%2C%22shortLinksMatchCount%22%3A0%2C%22assocPayloadId%22%3A%22QkhP6_aHpnlLVJDIvfw4zNUAAAFt_32XPgEAAAFKASSvRwY%22%2C%22linkCode%22%3A%22w49%22%2C%22trackingId%22%3A%22gawker02-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%7D
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.141 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-141.amazon.com
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Oct 2019 20:38:04 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200 ir
ir-na.amazon-adsystem.com/e/ Frame 2AF2 42 B
159 B 354ms
91ms Image
image/gif 52.46.128.194
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-na.amazon-adsystem.com/e/ir?l=w49&t=gawker02-20&o=1&cb=1571949484792
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.128.194 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 204
No Content cm_:wdgt_load_time@v=1174,wdgt_load_time_DE@v=1174,wdgt_load_time_one_tag@v=1174
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 2AF2 0
146 B 200ms
87ms Image
text/plain 52.94.233.131
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:wdgt_load_time@v=1174,wdgt_load_time_DE@v=1174,wdgt_load_time_one_tag@v=1174?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=01708ae5-7d2c-4027-9125-bc05f5344efc&session=09735699-bd36-48d2-a2a7-eda93bd9f268
Requested by: Host: lifehacker.com
URL: https://lifehacker.com/embed/comments/magma/1839331632?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/embed/comments/magma/1839331632?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:04 GMT
x-amzn-RequestId: 4a72e76e-f85a-47a9-89d4-76f693bcb583
Content-Type: text/plain

GET
H2 200 rD2UK3wV-32209783.mp4-1.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 141 KB
142 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-1.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 43ab8cc1cc0d6aa973790c216a1a19ae93bfa76ea9fd04a111f0547482198cb0

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 1314390
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 144760
x-served-by: cache-iad2138-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=0.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949485.810299,VS0,VE0
etag: "b1lmZiOjfhcX-BkPlnNwf-ma82HGQMOuISlJGXoyCLjkArtgD-RctwOzuXMF8-vLMzxsjlThTgmP-Ej_ucbeu07aPw"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 rD2UK3wV-32209783.mp4-2.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 241 KB
242 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-2.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 6d6cf6128d5808479b811c300b28161bcf5573e2074792585f334a565c870e9f

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:04 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 575072
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 247032
x-served-by: cache-iad2146-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=4.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949485.853174,VS0,VE1
etag: "oigVb1lWyxwLLTHvYWxUQuT-2hMPPPFJZd4tRHGl1MhNK88FqUSj9kRAAA9lP3HKXugtdUT-TyXUwD0pbOF92_OiNQ"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=530738705&t=event&ni=1&_s=4&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=UTF-8&dt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Video&ea=Video%20Content%20Start&el=kinjavideo-174199&_u=aGDACEABFAQC~&jid=&gjid=&cid=1646358791.1571949483&tid=UA-142218-33&_gid=1964647908.1571949483&cd39=none&cd40=none&cd42=174199&cd48=none&cd50=JWP%208.11.5&cd83=article&cd101=lifehacker&cd105=Lifehacker&cd111=0&cd16=article&cd22=none&cd41=clip&cd44=106-110&cd45=How%20to%20Clean%20a%20Couch&cd62=none&cd63=lifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&cd65=0&cd89=none&cd120=lifehacker&cd121=outstream&cd122=Autoplay&cd129=JWP&z=1260505372

Requested by

Host: lifehacker.com
URL: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Oct 2019 12:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 634701
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rD2UK3wV-32209783.mp4-3.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 265 KB
265 KB 7ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-3.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: e47c92071607d6eef10b2ad3afd5fb415521ec1b5223517497edefc314715357

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 71058
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 271096
x-served-by: cache-iad2147-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=8.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949485.067647,VS0,VE0
etag: "dBfbAgdJxhVsbyjcjSVSn1PMBe89HLkzYIH4Lb_VaUjjmkxyW2JfH-cS5kJ_jLkmo_UxTQUQSczWQDaZGl-DdQklnw"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 rD2UK3wV-32209783.mp4-4.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 238 KB
239 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-4.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 3d05a2ffb9d97b22e0b31322d2497381138af21a304f4aa104fcb033f6ace1ad

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 575806
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 244024
x-served-by: cache-iad2147-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=12.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949485.112798,VS0,VE0
etag: "_rtKXn0iHb30w2IFT0Yn-KOfPOxs2j3PHCdToRZjYk2K2k-anGMfeMdOCA4QmyO4S7slwRF49umyk9zilUbMTLajUg"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 rD2UK3wV-32209783.mp4-5.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 229 KB
230 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-5.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 766da66cc2bb78d6895761da1b7a604d814585e2d284b6915f13035c496eafc6

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 501759
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 235000
x-served-by: cache-iad2146-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=16.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949485.136016,VS0,VE1
etag: "jXmYH-xYgV8awlmdYBqNYWOKiO_-Kcgqft8wnC4l4WK7-5X5dtzE3WdS6CY4riNCSbbAHiA73oTUmpf3q0uSt00qag"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 127ms
102ms Image
text/plain 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-766708452&e=e&n=5790307215111725&abc=0&aid=AD1z1CobEeO%2BuCIACusDuQ&ask=DimEexUw&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1yaph3211fuh&i=0&id=rD2UK3wV&lsa=fail&mt=1&pbd=1&pbr=1&pgi=11qaost11x4a&ph=1&pid=jrGzgpY6&pii=0&pl=203&plc=5&pli=1oyjssy1w9bn&pp=hlsjs&prc=1&ps=4&pss=1&pt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&pu=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pv=8.11.5&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=How%20to%20Clean%20a%20Couch&tv=3.21.0&vb=1&vi=1&vl=90&wd=360&ab=1&cae=0&cb=1&cdid=1571949483780&cme=0&dd=1&flc=0&fv=&ga=0&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FrD2UK3wV.m3u8%3Fexp%3D1587760413%26sig%3D963224a2e1057ea9d94144dbef9e0106&pbc=0&pd=2&pdr=&plng=en-US&plt=2000&pni=0&pnl=38&po=0&pogt=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&sp=0&st=230&sa=1571949485161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4038-HHN

GET
H2 503 ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 0
77 B 191ms
190ms Image
text/plain 2a04:4e42:1b::729
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1373942439&e=cg&n=8113736915622147&aid=AD1z1CobEeO%2BuCIACusDuQ&cdid=1571949483780&ed=3&pu=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pcfg=%7B%22aspectratio%22%3A%2216%3A9%22%2C%22autostart%22%3A%22viewable%22%2C%22cast%22%3A%7B%22appid%22%3A%2200000000%22%7D%2C%22controls%22%3Atrue%2C%22displaydescription%22%3Atrue%2C%22displaytitle%22%3Afalse%2C%22flashplayer%22%3A%22%2F%2Fssl.p.jwpcdn.com%2Fplayer%2Fv%2F8.11.5%2Fjwplayer.flash.swf%22%2C%22height%22%3A360%2C%22key%22%3A%22wCNwlKklygjIvANMjG7IpKsINBIB70nUrJMWrDmbUqKlEsa0zIXBUQ%3D%3D%22%2C%22mute%22%3Atrue%2C%22ph%22%3A1%2C%22pid%22%3A%22jrGzgpY6%22%2C%22playbackRateControls%22%3Afalse%2C%22preload%22%3A%22metadata%22%2C%22repeat%22%3Afalse%2C%22sharing%22%3A%7B%22sites%22%3A%5B%22facebook%22%2C%22twitter%22%2C%22email%22%5D%7D%2C%22stagevideo%22%3Afalse%2C%22stretching%22%3A%22uniform%22%2C%22width%22%3A%22100%25%22%2C%22playlist%22%3A%5B%7B%22file%22%3A%22https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FrD2UK3wV.m3u8%3Fexp%3D1587760413%26sig%3D963224a2e1057ea9d94144dbef9e0106%22%2C%22image%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fuieskm5hvskyl8i5ietk.jpg%22%2C%22title%22%3A%22How%20to%20Clean%20a%20Couch%22%2C%22mediaid%22%3A%22174199%22%2C%22property%22%3A%22lifehacker%22%7D%2C%7B%22file%22%3A%22https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FhHPBOBfR.m3u8%3Fexp%3D1587760413%26sig%3Dc5f4a13d393698971f03dc6afd276e6f%22%2C%22image%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fv0zakeubc3zzr7lwajsp.jpg%22%2C%22title%22%3A%22Those%20Cheap%20Charging%20Cables%20Aren%26%2339%3Bt%20Worth%20It%22%2C%22mediaid%22%3A%22174355%22%2C%22property%22%3A%22lifehacker%22%7D%2C%7B%22file%22%3A%22https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FArQWRMpT.m3u8%3Fexp%3D1587760413%26sig%3D65cae3d962636bbbd1c2a388445ab0cd%22%2C%22image%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Ftrmajchwzcbkiaymjpxq.jpg%22%2C%22title%22%3A%22Use%20Dental%20Floss%20as%20Emergency%20Shoelaces%20and%20Kitchen%20Twine%22%2C%22mediaid%22%3A%22174093%22%2C%22property%22%3A%22lifehacker%22%7D%2C%7B%22file%22%3A%22https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FaNocKwOu.m3u8%3Fexp%3D1587760413%26sig%3D77b16d20ecd9c392c40a17afbd8bc344%22%2C%22image%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fzuxglct6pjzottolzdg0.jpg%22%2C%22title%22%3A%22How%20to%20Shave%20With%20a%20Manual%20Razor%22%2C%22mediaid%22%3A%22174110%22%2C%22property%22%3A%22lifehacker%22%7D%2C%7B%22file%22%3A%22https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FfTZs7CYv.m3u8%3Fexp%3D1587760413%26sig%3D15e38b86f5d65f0edf3afaff84bf8c4b%22%2C%22image%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fawrqzxl2iodmy34rgues.jpg%22%2C%22title%22%3A%22The%20Best%20Apps%20for%20Reading%20Books%2C%20Audiobooks%2C%20and%20Comics%20in%202019%22%2C%22mediaid%22%3A%22174179%22%2C%22property%22%3A%22lifehacker%22%7D%5D%2C%22googleAnalytics%22%3A%7B%22contentType%22%3A%22article%22%2C%22position%22%3A%22outstream%22%2C%22siteSection%22%3A%22Lifehacker%22%2C%22website%22%3A%22lifehacker%22%7D%7D&sa=1571949485161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish
fastly-restarts: 1
x-cache: MISS
status: 503
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4020-HHN

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 123ms
98ms Image
text/plain 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1399191436&e=pa&n=8354071754483556&abc=0&aid=AD1z1CobEeO%2BuCIACusDuQ&ask=DimEexUw&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1yaph3211fuh&gfb=0&gifr=1&gios=0&i=0&id=rD2UK3wV&lsa=fail&mt=1&pbd=1&pbr=1&pgi=11qaost11x4a&ph=1&pid=jrGzgpY6&pii=0&pl=203&plc=5&pli=1oyjssy1w9bn&pp=hlsjs&prc=1&ps=4&pss=1&pt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&pu=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pv=8.11.5&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=How%20to%20Clean%20a%20Couch&tv=3.21.0&vb=1&vi=1&vl=90&wd=360&ab=1&cme=0&flc=0&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FrD2UK3wV.m3u8%3Fexp%3D1587760413%26sig%3D963224a2e1057ea9d94144dbef9e0106&pd=2&pdr=&plng=en-US&pni=0&pnl=38&pogt=Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps&pr=7&tb=0&vd=0&sa=1571949485161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4038-HHN

GET
H2 204 ping.gif
prd.jwpltx.com/v1/clienta/ 0
115 B 122ms
98ms Image
text/plain 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/clienta/ping.gif?h=772878535&e=ae&n=4160587690759268&abc=1&aid=AD1z1CobEeO%2BuCIACusDuQ&ask=DimEexUw&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1yaph3211fuh&gfb=0&gifr=1&gios=0&i=0&id=rD2UK3wV&lsa=fail&mt=1&pbd=1&pbr=1&pgi=11qaost11x4a&ph=1&pid=jrGzgpY6&pii=0&pl=203&plc=5&pli=1oyjssy1w9bn&pp=hlsjs&prc=1&ps=4&pss=1&pt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&pu=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pv=8.11.5&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=How%20to%20Clean%20a%20Couch&tv=3.21.0&vb=1&vi=1&vl=90&wd=360&ab=1&abid=1k1i30w1y5gq&adi=1k1i30w1y5gq&apid=12bx4pr1eyjw&awi=1&awc=1&p=-1&pc=0&pi=0&pr=7&aec=21005&apt=1&ec=900&tal=210&sa=1571949485161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4038-HHN

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 127ms
103ms Image
text/plain 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1785524759&e=s&n=6559364079023069&abc=1&aid=AD1z1CobEeO%2BuCIACusDuQ&ask=DimEexUw&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1yaph3211fuh&gfb=0&gifr=1&gios=0&i=0&id=rD2UK3wV&lsa=fail&mt=1&pbd=1&pbr=1&pgi=11qaost11x4a&ph=1&pid=jrGzgpY6&pii=0&pl=203&plc=5&pli=1oyjssy1w9bn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&pu=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pv=8.11.5&pyc=1&s=1&sdk=0&stc=1&stpe=0&t=How%20to%20Clean%20a%20Couch&tv=3.21.0&vb=1&vi=1&vl=90&wd=360&abid=1k1i30w1y5gq&abm=1&apid=12bx4pr1eyjw&cae=0&cct=0&cdid=1571949483780&drm=0&ff=170&fsm=0&l=2&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FrD2UK3wV.m3u8%3Fexp%3D1587760413%26sig%3D963224a2e1057ea9d94144dbef9e0106&pd=2&pdr=&plng=en-US&pni=0&pnl=38&pr=7&q=8&qcr=initial%20choice&sbr=490&sp=0&strt=380&tb=4&tt=0&vd=106&vh=270&vs=5&vw=480&sa=1571949485161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4038-HHN

GET
H2 200 rD2UK3wV-32209783.mp4-6.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 253 KB
253 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-6.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 19396d9afb133bcc4f0f8e0ffc25b7d99b5331125f7d1b1f97f44975c012d937

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 593679
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 259064
x-served-by: cache-iad2129-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=20.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949485.176563,VS0,VE0
etag: "Qg9BOD0RFkrpn7fhLLIP-Z9sCXFqJI2Xj4-F_38jcFD_LjBdJ2aE6vkaMR_J4SUe4Afwkf34IpCtp14GDRWMSNKP9Q"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 rD2UK3wV-32209783.mp4-7.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 235 KB
236 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-7.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: f743f6edb565a22dce59234e2001ef120ee37e426bd951acdbfbcb10578cd58c

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 508011
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 241016
x-served-by: cache-iad2144-IAD, cache-fra19180-FRA
x-fastly-otfp-info: ss=24.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949485.212360,VS0,VE0
etag: "z5Yt1kU_rhPceIHUrgNWyp1b-06W42YwLjaRRrFbcKWjk_OjzZ_heJaVcIcGUN4fzbm7yhpW_13uJTXfTfM0cDYUKQ"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 204 social
trc.taboola.com/gomedia-lifehacker/log/3/ 0
78 B 16ms
15ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gomedia-lifehacker/log/3/social?route=AM:AM:V&lti=deflated&ri=72c8558de00f50c27e18225c2cb2e28a&sd=v2_3a9f406ccf5324f6c0d8e523934e4b42_f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b_1571949483_1571949483_CNawjgYQhq1JGIqt9vvfLSABKAEwODib4wlAgooQSJjEF1Cl7BBYAGAA&ui=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&pi=/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632&wi=-1991078883658719876&pt=text&vi=1571949483658&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A3%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Make%20Sure%20You%20Didn%27t%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%22%2C%22sec%22%3A%22lifehacker.com%22%2C%22aut%22%3A%5B%22Emily%20Price%22%5D%2C%22img%22%3A%22https%3A%2F%2Fi.kinja-img.com%2Fgawker-media%2Fimage%2Fupload%2Fc_fill%2Cf_auto%2Cfl_progressive%2Cg_center%2Ch_675%2Cpg_1%2Cq_80%2Cw_1200%2Fpui1anfh4zipyux2h6mr.jpg%22%2C%22v%22%3A15%2C%22ui%22%3A%22%22%2C%22ut%22%3A%22%22%2C%22pw%22%3A%22%22%7D%5D%7D&tim=22%3A38%3A05.208&id=2299&llvl=1&cv=20191022-13-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949485.212094,VS0,VE9
x-served-by: cache-hhn4081-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
988 B 23ms
7ms Script
application/x-javascript 13.225.78.93
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.93 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 593
date: Thu, 24 Oct 2019 20:28:17 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ZPb-_wbXkbKdWDmuERDBEY0-rAjOBfvDUkgoWNBNdKVQ_30rxFXTiQ==
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)

GET
H2 204 social
trc.taboola.com/gomedia-lifehacker/log/3/ 0
54 B 14ms
14ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gomedia-lifehacker/log/3/social?route=AM:AM:V&lti=deflated&ri=72c8558de00f50c27e18225c2cb2e28a&sd=v2_3a9f406ccf5324f6c0d8e523934e4b42_f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b_1571949483_1571949483_CNawjgYQhq1JGIqt9vvfLSABKAEwODib4wlAgooQSJjEF1Cl7BBYAGAA&ui=f7a3d30d-6411-4849-aebb-1e7753d1625b-tuct4ab912b&pi=/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632&wi=-1991078883658719876&pt=text&vi=1571949483658&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22top%22%2C%22lx%22%3A1256%2C%22ly%22%3A337%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22below-fold%22%2C%22lx%22%3A1243%2C%22ly%22%3A1166%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=22%3A38%3A05.458&id=463&llvl=1&cv=20191022-13-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949485.461718,VS0,VE8
x-served-by: cache-hhn4081-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 92 B
356 B 361ms
88ms Script
text/javascript 34.206.108.72
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1571949485707&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632%22%2C%22aa%22%3A3%2C%22pgid%22%3A%222e2e25d9-f69e-11e9-a99f-48a22fd145fd%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&csVersion=1.18.11&clearThroughOptions={}

Requested by

Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.108.72 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-206-108-72.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

7b42e10fed90f2e7c55fbc74497fbfd221bbadf44274d9d87a13a1747fc2fae9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 20:38:06 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"5c-02XlpZGTVLVXkm7ToQmOF0cyRPg"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 84

GET
H2 200 px.gif
ad-delivery.net/ 43 B
384 B 7ms
7ms Image
image/gif 13.225.78.93
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.11300449849547722
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.93 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 313
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Thu, 24 Oct 2019 20:33:36 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 4XSmP4hjO8fAp__7zN8F2xkX-Bu3Y_oV7o1XdvYWT1zlyHStaaYy-A==

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76539a53-5c43-4ed5-9383-0170d0baf4f8&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOzubJjDz-PPO8jsnelp_M&google_cver=1

43 B
112 B

18ms
17ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOzubJjDz-PPO8jsnelp_M&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.165.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:06 GMT
via: 1.1 google
server: OXGW/16.165.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:06 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOzubJjDz-PPO8jsnelp_M&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rD2UK3wV-32209783.mp4-8.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 297 KB
298 KB 18ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-8.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: ebdbd10220e37efbf0542b3262f79ad9d51a78733f2da34db5966e170f43b5fa

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:08 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 52171
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 304184
x-served-by: cache-iad2120-IAD, cache-fra19174-FRA
x-fastly-otfp-info: ss=28.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949488.025862,VS0,VE0
etag: "FWZJn-_zcQyxyArKI-nLz0QvxhUhGkkyBgJAQ1bB5eqTVicAlEOd0Y7FQaQrNX13s8cMlOQIHXzgDiny6imrZU0fhg"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=530738705&t=event&ni=1&_s=5&dl=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&ul=en-us&de=U...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_gid=1964647908.1571949483&gjid=147321088&_v=j79&z=2134835694
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_v=j79&z=2134835694
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_v=j79&z=2134835694&slf_rd=1&random=1440478970

42 B
434 B

41ms
29ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_v=j79&z=2134835694&slf_rd=1&random=1440478970

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142218-33&cid=1646358791.1571949483&jid=341069852&_v=j79&z=2134835694&slf_rd=1&random=1440478970
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rD2UK3wV-32209783.mp4-9.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 285 KB
286 KB 17ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-9.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 9f11a1e419585b748a32172344de6155d598f67feb6e0efc893d20e14f041f37

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:12 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 1314331
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 292152
x-served-by: cache-iad2125-IAD, cache-fra19169-FRA
x-fastly-otfp-info: ss=32.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949492.025845,VS0,VE0
etag: "I6HeuJM1Dqhe8mscQPmWHUwqUo5VGvn4GVyR5APAxCGsZqZlfkYMFSIqcGURq8S0vljUAU87VEXkelfuL_VTSMgC0w"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 2, 1

POST
H2 204 perf Show response
trc.taboola.com/gomedia-lifehacker/log/3/ 0
328 B 31ms
18ms XHR
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia-lifehacker/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191022-13-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 24 Oct 2019 20:38:13 GMT
via: 1.1 varnish
server: nginx
x-timer: S1571949493.458820,VS0,VE12
x-served-by: cache-fra19144-FRA
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://lifehacker.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
115 B 107ms
93ms Image
text/plain 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-2119552613&e=ret&n=6344205078948262&abc=1&aid=AD1z1CobEeO%2BuCIACusDuQ&ask=DimEexUw&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1yaph3211fuh&gfb=0&gifr=1&gios=0&i=0&id=rD2UK3wV&lsa=fail&mt=1&pbd=1&pbr=1&pgi=11qaost11x4a&ph=1&pid=jrGzgpY6&pii=0&pl=203&plc=5&pli=1oyjssy1w9bn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&pu=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pv=8.11.5&pyc=1&s=1&sdk=0&stc=1&stpe=0&t=How%20to%20Clean%20a%20Couch&tv=3.21.0&vb=1&vi=1&vl=90&wd=360&abm=1&ati=0&avc=0&bwe=27997&etw=10&fls=0&fsm=0&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FrD2UK3wV.m3u8%3Fexp%3D1587760413%26sig%3D963224a2e1057ea9d94144dbef9e0106&pbs=0&pr=7&q=8&sbr=490&ubc=0&vh=270&vti=0&vw=480&sa=1571949495097
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:15 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4077-HHN

GET
H2 200 rD2UK3wV-32209783.mp4-10.ts Show response
videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/ 256 KB
256 KB 6ms
6ms XHR
video/mp2t 2a04:4e42:3::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/content/conversions/sfAotXu3/videos/rD2UK3wV-32209783.mp4-10.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.11.5/provider.hlsjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: otfp /
Resource Hash: 8263860534ca24360376fc7041f1e6ea0d9dd658d0b3caa051b1065f810ff572

Request headers

Sec-Fetch-Mode: cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:16 GMT
via: 1.1 varnish, 1.1 varnish
x-backend: s3-external-1.amazonaws.com
age: 63147
x-cache: HIT, HIT
status: 200
fastly-stats: otfp=1
content-length: 262072
x-served-by: cache-iad2150-IAD, cache-fra19169-FRA
x-fastly-otfp-info: ss=36.000 sl=4.000 vl=106.000 rs=480x270
server: otfp
x-timer: S1571949496.015049,VS0,VE0
etag: "BTcJrcAbpaRdi2ghaMle68q0suCgznL65XK_Ckvfipf77HNGTVDqoiV40UHhgCgtJt-tXZoX7lshnDCZynL0BFSuDA"
content-type: video/mp2t
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 263ms
87ms Image
image/gif 54.172.119.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=lifehacker.com&p=%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&u=DL5NniDyN_9FDff_BL&d=lifehacker.com&g=3012&g0=lifehacker.com&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=3798&o=1585&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=331&t=Bws83cwcoNlBCThHQBKkEtLCQ33zK&V=116&tz=-120&sn=2&sv=CIIbShDzf4cCBDPF1dDujPImBTfEAZ&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.119.91 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-172-119-91.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 24 Oct 2019 20:38:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
49 B 94ms
93ms Image
text/plain 151.101.114.217
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1578983201&e=t&n=9033505937089972&abc=1&aid=AD1z1CobEeO%2BuCIACusDuQ&ask=DimEexUw&at=1&c=1&ccp=0&cp=0&d=2&eb=0&ed=3&emi=1yaph3211fuh&gfb=0&gifr=1&gios=0&i=0&id=rD2UK3wV&lsa=fail&mt=1&pbd=1&pbr=1&pgi=11qaost11x4a&ph=1&pid=jrGzgpY6&pii=0&pl=203&plc=5&pli=1oyjssy1w9bn&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Did%20You%20Download%20One%20of%20These%2017%20Malicious%20iOS%20Apps%3F&pu=https%3A%2F%2Flifehacker.com%2Fmake-sure-you-didnt-download-one-of-these-17-malicious-1839331632&pv=8.11.5&pyc=1&s=1&sdk=0&stc=1&stpe=0&t=How%20to%20Clean%20a%20Couch&tv=3.21.0&vb=1&vi=1&vl=90&wd=360&abm=1&ati=0&avc=0&bwe=28981&fls=0&fsm=0&ltc=160&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FrD2UK3wV.m3u8%3Fexp%3D1587760413%26sig%3D963224a2e1057ea9d94144dbef9e0106&pbs=0&pcp=13&pw=16&q=8&sbr=490&ti=13&ubi=0&vh=270&vti=13&vw=480&sa=1571949498347
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://lifehacker.com/make-sure-you-didnt-download-one-of-these-17-malicious-1839331632
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 20:38:18 GMT
via: 1.1 varnish
server: nginx
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4077-HHN

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://kinja-com.videoplayerhub.com/gallery.js(Line 13) Message: Video gallery initializing
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js(Line 1) Message: updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101701.js(Line 1) Message: updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api	error	URL: https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView.81366877f91bcac8a46c.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://x.kinja-static.com/assets/new-client/ads-outstreamNativeView.81366877f91bcac8a46c.js(Line 1) Message: TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
ad-delivery.net
ad1.adfarm1.adition.com
ads.programattik.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
altfarm.mediaplex.com
ampcid.google.com
ampcid.google.de
api.rollbar.com
api.skimlinks.mgr.consensu.org
api1.lightboxcdn.com
as-sec.casalemedia.com
assets.bounceexchange.com
ats.otto.de
avclub.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
cdn.adsafeprotected.com
cdn.digitru.st
cdn.jwplayer.com
cdn.taboola.com
cdn.tinypass.com
cds.taboola.com
clickhole.com
cluster-na.cdnjquery.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
connect.scroll.com
deadspin.com
entitlements.jwplayer.com
eu-u.openx.net
f.kinja-static.com
fastlane.rubiconproject.com
fls-na.amazon-adsystem.com
fusion-media-group-d.openx.net
g.jwpsrv.com
gizmodo.com
i.kinja-img.com
ib.adnxs.com
images.taboola.com
imasdk.googleapis.com
insight.adsrvr.org
ir-na.amazon-adsystem.com
jalopnik.com
jezebel.com
kinja-com.videoplayerhub.com
kinja.com
kinjadeals.theinventory.com
kotaku.com
lifehacker.com
lightboxapi2.azurewebsites.net
loadeu.exelator.com
match.adsrvr.org
match.taboola.com
p.skimresources.com
ping-meta-prd.jwpltx.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.mtrcs.samba.tv
pixel.rubiconproject.com
prd.jwpltx.com
prebid.media.net
pubads.g.doubleclick.net
px.powerlinks.com
r.skimresources.com
rtb.mfadsrvr.com
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
ssl.p.jwpcdn.com
static.chartbeat.com
static.criteo.net
static.scroll.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
t.skimresources.com
tag.bounceexchange.com
tag.mtrcs.samba.tv
theinventory.com
theonion.com
theroot.com
thetakeout.com
tpc.googlesyndication.com
tps.doubleverify.com
trc.taboola.com
us-u.openx.net
videos-fms.jwpsrv.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.lightboxcdn.com
www.npttech.com
www.storygize.net
x.bidswitch.net
x.kinja-static.com
x.skimresources.com
z-na.amazon-adsystem.com
13.225.77.205
13.225.78.102
13.225.78.93
13.225.86.250
130.211.13.252
143.204.101.16
147.75.102.200
151.101.113.194
151.101.114.2
151.101.114.217
151.101.114.49
151.101.13.181
151.101.14.2
151.101.194.166
151.101.2.166
151.139.128.10
152.199.21.89
159.180.84.2
172.217.18.2
178.250.0.130
178.250.2.152
18.185.154.43
185.29.135.42
192.132.33.46
199.166.0.26
2.18.234.21
2.18.235.93
213.254.244.19
216.58.207.66
217.79.188.2
23.45.99.242
23.99.128.52
2600:9000:200c:a600:18:1fcd:349:ca21
2600:9000:2156:8600:1:a3fa:7cc0:93a1
2606:2800:133:9a:24ed:9b6:1020:2655
2606:4700::6810:4b33
2606:4700::6810:4fa5
2606:4700::6810:50a5
2606:4700:e2::ac40:8e05
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:817::2001
2a00:1450:4001:819::2002
2a00:1450:4001:819::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:81e::2004
2a00:1450:4001:81e::2006
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::729
2a04:4e42:3::729
34.206.108.72
34.252.37.207
34.95.120.147
34.98.72.95
35.165.120.69
35.190.40.172
35.190.59.101
35.190.92.63
35.201.67.47
35.201.68.171
35.201.81.77
35.205.46.65
37.252.172.249
40.113.136.100
52.28.115.40
52.3.64.39
52.33.92.11
52.46.128.194
52.48.220.206
52.85.183.133
52.94.233.131
54.154.201.99
54.172.119.91
63.33.115.128
64.158.223.157
69.173.144.136
69.173.144.142
72.21.206.141
80.85.204.245
99.81.228.121
01b56a4fafc76f5e789b0a139e63df462020e7a67c4d5155fe9917ef890bf1dd
0204a22aad3ad913018d9f2a1d77cbed8582c9cefc74ba4a539a908fa480abc5
03aaba90114598adf6e944a70c83bf37ba75304644e936036bb5394d7c487fc3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
055f330096633280430b15a6dcabadb62caad174612659e9f59b38a73e9ae29c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07adf9f6eae9b5056f5a2cfdbfb0246664e9e44832a335c837161314452093a2
07f1fde0834d398c8b8c414a23c01b9074205992474b57511f1a41f95e09377b
0831fea7787943df31cfaa0ff21067100c8f1054b5a6966f258da2e34aa2997b
085fa8f34d40d06fce34f8207b8fc71321cccd4b597fbed4499bb8f074b554e6
0896770e642d7cbc933fc31e274f332179f05a61418bd7ed0eb9df91bcd4dcd8
09a4559862f62f7b58dacf2e7befa1e3f644a412adc920226b0840c5fa674d87
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0d52309b237d0b735bdbd3519b226218d03722e6caa8c62445507258101cd0d5
0db44590a2862777e5d7426a6b7132f5141c8f96514d97126507b363a504c98c
0ddb94829e53cec34c66e4bda8544de251149445ab4653ac8a89d981fbd05229
0e9324325e7bad86597c91ee8cf9e7f6bc0b83c6e03f29415e48511d19e64856
0f2baecff40f7dee3e8433e6a050cc0343b82232578904959fcb4c19a1388d99
0ffe7c84dff4b11a5fc5d6c2843911f101bcc0f2c3e84df7c45394fe02b57d55
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115089eea2c0493fc4f4d6eb37e1f474ba695c5a73a874f8db3b6d0fdb38a1bd
127f5d59ff49560e99f6ed4818a1759a42ae84a0f3638c4d3e55781e191d796b
136d2fc8638d58feef906f1ad2846a7007e927f36f4e0997eab0a038b8b052ca
1632f47c01494f594d96c356b5e3066f8261b89a9bcf9cd5409af2a88448bb16
18055970ed579103336ab02e1120b02fa2e09fb5902d8dd5003234ce75060dab
19396d9afb133bcc4f0f8e0ffc25b7d99b5331125f7d1b1f97f44975c012d937
1a0d71ab6f48ec8e156bc3368d1a1a9bc84f1e876c4d46643270516508f99dc1
1b4a1aeff7d72e054715d785f1a02111052d78b2655980f6bb16ed664fc667d3
1bd8284082454b09fee68083311c8c6b226c74b15b5302dd084eb3607e8c9642
1c0ea88c41880d4fc85293e58e1d226c10af9453cba40b6568197b37f8fe8dd0
201060ebf8f83654bfe93cbc4d1256452f4b9888b24c37c03f39428aa1395bcf
2123bab9d264a14db1468cd737bfa7a634283dbf90dbb7b9c740b252e6dde592
21cd28b7706ab48bb17628d632b7e757adba3c3a966733a28ede36e1f039c32c
22f5d260892be33a69931c9dd33b09aa888f59b2be5e4bf9e9f0cf728e965053
2744f88bfa4efd40366aa4c3fca4651589686608c059f6b7b63cfa4cc2530d69
27b449b19411540ad9de8b321e987573c7132402f0310f455e8708dc3df2fe71
2c2626ad020ab01dc512e3d7500fe403d474a05531c3890f0749e61b1b7d8e4d
2ce2a8d145c332d391a775c5d2a42c653453c2049e863c1a425b23cfca229996
2e1a386fbdd93f8ca52d3a2b2cb5aa806f43870fac8b4d4a76f2f26b09614644
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304d737d88a38ef560f430e91ad6e67ec2687fb214d39087eb3cbcb3703cd250
31671c2381b66e762fac39945bf1fb1afcc84c2dd3a4116d92f2fe6b51bc701e
31b8f9eb57d49920b610d0242e3a782e752ce1d756aba53511fb01590dd63dfa
320fbafd7a6d83d1926e7d58351b51e518f821d496831257459728e5967be7e2
32d9965dd53ae124713ac02021acaf62292dcb095fe341629905a331019f29a8
35d042b76b10bd24015088915482025a9e129c8e42c4bc41bbea56d8a4f7a53d
36b93e9d04f7932d689aaa39f880647f706ca7cdf1fc78746311f35997b99e4f
38141a7f0041a7e0cdedc4da1a1040cf1b1a48e82f2202d6e44d8bf8377ca319
398e5202717359365a28bf8489ffb9f02516aad444fed8d68f61d4b226594107
39a2c07f9d172ce312dfd4d8601435fd72e1fcd494acebfb6ec1b36182923d9d
3acc13a46de6bc4f2de12302ef2487c581c50c6781f0835f2d94922d74047ae1
3c87983458bd8604b7741ce7612045aa0b04d862cec7921dda047e471d19c16f
3d05a2ffb9d97b22e0b31322d2497381138af21a304f4aa104fcb033f6ace1ad
3fabcc5478b06a73c76c598bce5f94568d787afb6d7f6fda371ed2785a6d2c64
4128833648b0ffd9e7192aff7c6081be634ec23dd06a9fafdd7d4fd00dfee531
43ab8cc1cc0d6aa973790c216a1a19ae93bfa76ea9fd04a111f0547482198cb0
44d53d01a76af8cb85ccb3eaf7e928d7e0fb60d3f9f30d581466986a0762ae1a
46e39eae2a2d0baacdb5e6ff588d14c31219dc8b00a1a113872cf3633c24ea72
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47c46c56931dfacea9cd225466aa746ec7e8053245b87fb67f2c8a47c447e364
488e95cb73e12982d785a786b04b761d7a9ff6f786dd9bf9a54115342e302c7f
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
49a48ba7152e4f9335e24afc52dd9919df7fcc6f3e5cd7eda443a141eca0a86f
4a20573a119be08423ad723eee0545a7de9d7aa82c70d901056e68db1c390539
4ac2e6dfb13ae41e118a0625585e6eeb4da03e2d37c34aae43d2ff9524075193
4ad586a287d58a0e1ef9347b92a3bd57622d8a08d98b0304d181f54e23d6837a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2e17a36eccdb07cd30cbd81593cf4f1492b336a79b2fe2768afc917cc09cb8
4e79c52a8e8d4f7c4eb7792ac9865e6d4cd664717e584640a145b928dad1c062
51fbe136f28f60bc09b2a92ec09f109e560fb76b14d564e46fbd39cc6020f425
520a9d9bbb5fd21c28c1913602f7554055b92a67d19a89495012c1aa2c931dba
5322be95a1a8874a2d6342027a063a1beeedf730c802e2d9ac9b50b5da01281f
53c21541a1a64f22f3a198163cf912a160026672d81be41372ea04412acbc63a
5447c4d9c91e76792ea435dffad1fa12fdf89040bfb281e0e903f91ebc76be3a
56b3374f0cd4d89ebe025d5a6515a02005c7a5fc172a427dd58dee84262643bc
5c3cb8e671a930fa5fb70990f3cc1f88cb2f1221bff84c077165e3c4a6027974
5e0623b057ba1f3f6d51959f1cc3d71029410f7f336bbf758cc66d6c750bd896
5e1c539257dbe9f77a102caef70038abe0f3fb0372f9fb6821db84c692e3f57a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f2421151c2d15a4542bf9a3ba74eafbf64972e344315de003e89815b331d928
5fa411f605affaf724de036aed6104452c09b90ab57c7f8bfe64c6b45c5079e8
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61cab6f4cf61fe2069ae904eec900f07bd88680af6fd021a2b773e4905e4908b
61d6331496619d60a04b895636cc2db8fd1cf3f42d84721b8632f938648a0d71
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad
639c61070ffb3b8c386e7ecbd0f0377ebfc183f911c61a4ad34967ac738a2a2a
6536179e59dd752b710ca18dd5e7f60f19e9a9f2539b59a83a658047eea0aa1e
676610cf5c37630e2690d039e8f240ee7fbedbf27b1a9fc1b5d000070562a060
6983fe9f34fb02c15f5d48ff139686dc0c12ae3eb0ddee42d1020952e4a05d45
6a76dac73180ca52d1a0cc9010ed6a21ee403015e3f7a7c81fa5b86613cde148
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c8c19fe5d9f5d4663735ec950cbe194a1c0dbfb5b708ffbc2c5a28e784d71cc
6d0ba9e282072d88ac422e82e6c6afe94b7db8aee29ad5cf90f02cffe2c69279
6d6cf6128d5808479b811c300b28161bcf5573e2074792585f334a565c870e9f
6d944bebb25ed7fd73f679b45d906d29efb65aced31035970af6c7affe816ff3
6e0bbf91f1b82b8e749315e6fa6a5604b34af89fb34c35efda71ae9c1d55985b
6e2aea6c477e64819d01d9fb012341c1455afbf0d4d1dcf4fb673c8edc8e205f
71efae339209dd10bd67324eaf8ed7425f17de4dc5bc6e04f54449722f490a6f
73fe9fc12ec532768c56a0671b5ca48113e9f57270e13cdcd79b6400f8d2a2eb
746fbf5c4fc50ae5eacd47e60c1098a3ba2db446127ecad1444d45bb5c6ad3c5
74cf2ed413b01801dc114aca93edde3dd7a32dbbe721b41fc5e2cf5778ee9a73
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
758a4bc989980f3c95fa1c33a55bd82dbec492c39bf6e185ab3db6b05ff5337f
75cc46e301ab83a361c78ea96c8de9b0d7a7cde389b5af07af7fbea6bfddf43e
75cc924f48ff830c2435491fe6c696f6a4c63df4616e369165c0b50da967afc8
766da66cc2bb78d6895761da1b7a604d814585e2d284b6915f13035c496eafc6
77439e97f78f298dcb9ce704b5ee8e5df1f404c04edd15c7655914ddfed6bfc7
7761cb0b5bc6c17c2c583966e964398507ac882a020c4fe858cfb0c28bafbd1f
77a0834c97e9f7b07129df37c8aca5aab0259e4349f84f299067b67a3604fc14
794ed32133bdc1adf80dfce31440af78c9fc6d21a3563d764df8a95ca6c7e0c2
7b42e10fed90f2e7c55fbc74497fbfd221bbadf44274d9d87a13a1747fc2fae9
7e666457e3e1dfe91bdbc4f8057e11898e640ae0e5481646d54a0f7298853e2e
7e7447ff596b2eb7ba071c48ed48cf661425fdcbb1db3f5561596877396386ac
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7f7c8226fe17302111f89e5780a95c3868793462023f4ba33ebba2f810aa8ea0
8022232d98174fcda53732d2a26b2c01dc5e377336172a0cbdab397a69afedeb
820de1481e31073eab013d859efd4c080c6a7317538627df1cf308dcf982b0e5
8233857a60ccfbd32563bd26bb44e50c60d8ba564c5ca8a8fd88b97347842261
8263860534ca24360376fc7041f1e6ea0d9dd658d0b3caa051b1065f810ff572
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8388a16242e9e9d5d6e341048baae65ed4a001b99c9f363f261c3bdc297570f5
85b43dc32294fd96d93bbe7c00142171a9b0e03b2cc803151502fbeafc15dc1e
8a760eea6fceef45c0f6c635a259aa7cdeee28065a19941bb0fee122fb6d0427
8be4ae61ae2c169fe49c907efed36a65ed0b681b564e5b300ad7f6d032322dd9
8c3a9972cace87cc133ca8ac1222fde007104d758534a9bbecef3a0bf31f8012
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81
93925a678ea616db7db8dd54fc92f19c7844472dda0ae3b8dcbdb30297f234d5
954b00ed06997f9c291846209e59a6e07ac1234400c39b7270c5bd2f45729fda
9691ae778ce1a0ba0ec8e9b6f63f419411635276b6e5519f99b816246c5d7854
96962befe6be5a1818af198e162ecc61a0b9f5d489ed2dbee1adfb6a9fbd16c8
9757c7601c89f4ef980b5cdc7d9d412261863c490cf15245531a1cafda078883
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99486805226925c8956af4060209f84d8069fae36333d280a88afa276aecdd97
99fd27cd410417b5633d3fc37196751afc4b3f9ffa5853dedb73cfcb3e810d7c
9dc37302d38cff6f27868f9a6fb4898ab989987ac3cb25a8c048e70256b074d3
9f11a1e419585b748a32172344de6155d598f67feb6e0efc893d20e14f041f37
9fec1a88f669866c1d1b38746e9ae5d7a68c47fd5d524202e642eceed738d4a2
a03faced3009fb10b52543aa37d64bf267dffd4ec013767368830361cc75454f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e4915c21a39353fed9f698e5d1453941e7cd39bd0ec2ec622dbada67de4ea2
a2556fa6177e6c2d5123ce1e92eb097d0f35f2ddf45736896be0c4bca872e104
a26fb2e6620540faf9520157b1713f8b70758512ae8cd2d3f6e24b1012ddb2fb
a3d3dcc4d1786c79f5d01663b9bfd7009db2f8554329f403dfa750c21489eb15
a5ec5d615c258fbe3e2b7b87270b862a3c28a2ad66a9113658ef6c7d9f2a3306
a701801507d8899f5b4e60e20f9e9cb3beb0fce64706fae0734a7ae62aff4f8e
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
aa79cfcaad4eaefb645ec13f0f98a4aac875ded1f3876b43158f8bfdadf74351
aba7a7abc0810f97a439e5734452fdfd6d6dd86086b01ade08df7b878653e6aa
ac07b4658c23dff21b79605198b44f0bee09246e4541f0cbbc80bf34258f9d2b
ac33700a7969bcf5931efdb1d994407ef4bbbf2c9bebf824349ad9caacdc12f3
acff8fc3204d2489d2959fc9ca7dae5e02021ec0db17cdfdf746111e085083a5
af496f77aba3b32a7ba3625bb02d7d085f25b404b202e6a1bf1428146674c58a
b0ded6f2ecfb58721916714d981ea566850acee90eb12ebb26ed9b7e746637df
b116aa5f250a406f29e5bd4efdcdb2ab93938e9016e26297041da2e6f24ad1a6
b2dbb2765ef8da15ab2a6f68aba37ee837a9347911283dea527b4fc5f3175c2f
b42bccfca3c4a2b0508821e94280773b751b7dc7c85104a2acb97471d48dd471
b5613699dd9439fb16734a697696075a1a265326e97003e8e786b6dfcacc268f
b57f0069e1300da061b0a607acae9b5a679c14867fbcb709e9cae9691ebf643f
b78fe692bbc01ad3294f8cc42df84c617f5e4668533c6369c49e551785ef5c8c
b8bf579633d4c5bffe3bffca9b260ee8101a98914054f6e56c8b454fc91c5c99
b93c643aedf4f7b281451fc4ac71a9cf04902afe79bd91a88285aa0161fee831
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd5109f534736c12c47bce01d09b8922845d23fd60715d70328cd0780dc77e6
bd966bd87cf68ccaf790c731cfc29b7d1e720c16f1dd90edcf7c6bae2a8459d4
c0b51b9cf933bb7a58ddf6bd20224f38e9f96e570b074ea6cd9a54f9d244b33c
c1fe635f8f93fdd031eac7378c190f3c86c460fe3a0946673c8387000e1c1212
c200137400cd0066c50ba6bd44806623540d1c28b2c48a698c5f57aa6c7026af
c477bb859d4a45df8c47588bbe009e5af8b23070f0ce8a16a39a79de2d96fb90
c47e9716e066bfb5e6115ae665fd38d969bca4bc293af51adc473550c22614b2
c488b2866812cd633c5217f35441899242a772a49cb56cb06314caa585c76dbe
c574363b1a459fcb6ee6683aad14dc5e1d758ae274a4f9274c632314a22ca88f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cae23f66c38097636ff2f2d08d43c8ff67506b7d3d807b097432ca754504120f
cd0074f3586d9b8f84c55f202df1b5c6f6156313d4713c40c65a28987f896d20
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d20e8c8ef05423cb477c5a37d707a97d348b720c06ba38d5fa5c0c37fd80bf82
d3dd61d541eefdb864727e2c9c2f785693f6ee88cd4c8661d251d5bd552266bd
d4ace6292bd23af6fe7411fcdd2f1dcbb4be573f6b70ed73dd7bc00e8c480f56
d4c83e7060e86af1058cda62d8ebda25620a02cc5f18193132f5b07fb5bd4824
da791a3f6ccdf73d74f7169a83765162bf1246747a0d0e7a6d92ab82d8913879
daefc5546911c7d9107f0f0e058eaa82e8b09255fbbfaa26e1948baf2f8992a5
db9180228d58f6bc369e137bbd20fa63d38776d6471db51f29716a7502e372c6
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba
de5d79ff10b655d17e4025c752678fe84831ab8781ca423011abe027ef2f3a72
df37c434f293290c1c54744e09455e0f515d7fb5be19e7b75c7fb60b0c2505a1
e15ef749b09c4243a569577f526da452f94e9570c81a8ef2f61c731f4f3e6478
e2146a9a524ba4335425453dbbe057a152f84fc94fc1fe84b439d3373aa666d4
e2edc269475f6b75fd3aad5bc27c2dc24454086ed5960a59fb563502647f736b
e33c5690e696436005535c8d45b87038d247fc42807a22c1725f151d6fb00844
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5371d64e715381c08de03124be479a66d6855d670eef49638ccc05f520367
e47c92071607d6eef10b2ad3afd5fb415521ec1b5223517497edefc314715357
e6209adccdba9b8c1db2800a765b8ac37decbd7e6014b19432934eaeb402afd6
e6e0439235d5319584af372f9b4575df851a999143885b40a46dc05f48bb046e
e7a94fb0d453c6e0f6363a5b2f930dcea3a7b9468c1d9e7336813d89f77f9d5a
ebdbd10220e37efbf0542b3262f79ad9d51a78733f2da34db5966e170f43b5fa
ee1562c88d2eb7a64e6e3a31368e1c9cd54bb1eea160a4c16c6267e9999e556b
ee9b85b63056ee85dac06408a3c33c0765f827efb47bfedf10fe266ee4566e1f
ef045621d99ac151ebb42a2186d5431676a6608c3fa6a18e09f7e9fa00d5d080
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6e5da10e3c0be8049df7f4f8e50fa12172dda0d2719c083383330b124c7d29
f0501575b22c02d63f881d26e2d59279c9f0a9f75af27a8e7fbbc118f8d15ca4
f0d3c5604e7d31126006921c7b4ba51bf013073f77857420b884c83ccd36a06a
f145258b3e2233b15e58df3760ad9a5bd9f08e73c5be540aa34a289eb9378045
f14deabfa67fa1c80973ba23f60cefbe9d4cc7dd3e4e5993bea0fb885d3f4958
f24d0b32c4a90f1858b11f22a1a289102f57db6cd2e0eb1c0513efde99f8f5da
f431236c7fc64078423fccd1a6abf56bdf510c54fdee60fe66196fecca955c04
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f743f6edb565a22dce59234e2001ef120ee37e426bd951acdbfbcb10578cd58c
f8b34d5e35fee30828c18317caa07aa0a03b9c6f5fda5bc240677b464b2c569b
fa419a6433307dc90dec6b7907ce9affac386bbb904f234317a15c1b4227abdd
fc551f16b73ddf58f1a2233210b3dce9e7997aeb15994559da77b91dc4866b39
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fff4fe60bda732b610f29654ec2efbe62a489e71b526db88df24bb91c519c640

lifehacker.com Open in urlscan Pro 151.101.2.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

304 Requests

99 %HTTPS

25 %IPv6

73 Domains

106 Subdomains

69 IPs

9 Countries

8205 kBTransfer

17195 kBSize

0 Cookies

32 Outgoing links

Redirected requests

304 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lifehacker.com Open in urlscan Pro
151.101.2.166 Public Scan

Screenshot
Live screenshot

Full Image

304
Requests

99 %
HTTPS

25 %
IPv6

73
Domains

106
Subdomains

69
IPs

9
Countries

8205 kB
Transfer

17195 kB
Size

0
Cookies

304 HTTP transactions
1 data transactions