www.technologyreview.com Open in urlscan Pro
34.206.36.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trib.al/thyWej3
Effective URL:
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign...
Submission: On June 17 via manual (June 17th 2019, 10:59:29 pm UTC) from NZ

Summary HTTP 151 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 47 domains to perform 151 HTTP transactions. The main IP is 34.206.36.121, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.technologyreview.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 1st 2017. Valid for: 3 years.

This is the only time www.technologyreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.72.61.95 52.72.61.95	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
9	34.206.36.121 34.206.36.121	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:293::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.81.98 147.75.81.98	54825 (PACKET) (PACKET - Packet Host)
1	151.101.36.157 151.101.36.157	54113 (FASTLY) (FASTLY - Fastly)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 3	2.19.43.224 2.19.43.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.205.43 147.75.205.43	54825 (PACKET) (PACKET - Packet Host)
10	2606:4700:10:... 2606:4700:10::6814:1bee	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER - Twitter Inc.)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.1.2 151.101.1.2	54113 (FASTLY) (FASTLY - Fastly)
2 9	34.252.62.73 34.252.62.73	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY - Fastly)
1	2600:1f14:e96... 2600:1f14:e96:5800:5571:ae82:1dfd:9bde	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.214.33 143.204.214.33	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 3	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	143.204.208.18 143.204.208.18	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:200... 2600:9000:200c:fc00:1f:573d:79c0:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	91.228.74.172 91.228.74.172	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	52.216.228.11 52.216.228.11	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.83.19 147.75.83.19	54825 (PACKET) (PACKET - Packet Host)
2	152.195.132.202 152.195.132.202	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	34.231.31.77 34.231.31.77	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	35.175.26.81 35.175.26.81	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2406:da00:ff0... 2406:da00:ff00::36e1:cec6	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2600:9000:200... 2600:9000:200c:9a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.206.73.13 52.206.73.13	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	92.122.252.239 92.122.252.239	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	52.210.188.213 52.210.188.213	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	18.185.83.216 18.185.83.216	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	91.228.74.192 91.228.74.192	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 5	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2600:1f14:e96... 2600:1f14:e96:5800:2ac1:df32:cad0:ed7e	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	54.152.84.119 54.152.84.119	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	3.216.32.87 3.216.32.87	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700::68... 2606:4700::6810:fb05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	34.211.241.234 34.211.241.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700::68... 2606:4700::6810:fd05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
11	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
21	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
151	55

1 52.72.61.95 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-61-95.compute-1.amazonaws.com

trib.al	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.206.36.121 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-36-121.compute-1.amazonaws.com

www.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:293::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.81.98 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-30

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.36.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.43.224 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.205.43 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-31

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6814:1bee (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.2 (United States)

ASN54113 (FASTLY - Fastly, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.252.62.73 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY - Fastly, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:e96:5800:5571:ae82:1dfd:9bde (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.33 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-33.fra53.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:11:101::b93f:9005 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.208.18 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-18.fra53.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:fc00:1f:573d:79c0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d8rk54i4mohrb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.172 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.228.11 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.19 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.132.202 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.31.77 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-231-31-77.compute-1.amazonaws.com

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.175.26.81 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-175-26-81.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:da00:ff00::36e1:cec6 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)

edge.simplereach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.73.13 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-206-73-13.compute-1.amazonaws.com

srv-2019-06-17-22.config.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.92.78 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.252.239 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-122-252-239.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.188.213 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-188-213.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.83.216 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-83-216.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.192 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:e96:5800:2ac1:df32:cad0:ed7e (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api-34-211-241-234.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.152.84.119 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-152-84-119.compute-1.amazonaws.com

technologyreview.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.216.32.87 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-216-32-87.compute-1.amazonaws.com

srv-2019-06-17-22.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:fb05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.241.234 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-211-241-234.us-west-2.compute.amazonaws.com

api-34-211-241-234.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fd05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.22.66 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	moatads.com z.moatads.com px.moatads.com	359 KB
19	technologyreview.com www.technologyreview.com cdn.technologyreview.com	636 KB
15	googlesyndication.com tpc.googlesyndication.com Failed pagead2.googlesyndication.com	424 KB
13	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	126 KB
9	ml314.com 2 redirects ml314.com	16 KB
7	blueconic.net cdn.blueconic.net technologyreview.blueconic.net	125 KB
6	googletagservices.com www.googletagservices.com	149 KB
6	b2c.com 1 redirects api.b2c.com api-34-211-241-234.b2c.com	7 KB
5	google-analytics.com 1 redirects www.google-analytics.com	20 KB
4	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d8rk54i4mohrb.cloudfront.net	35 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	hubspot.com track.hubspot.com forms.hubspot.com	5 KB
3	google.de www.google.de adservice.google.de	699 B
3	google.com 2 redirects www.google.com adservice.google.com	841 B
3	facebook.com www.facebook.com	421 B
3	eyeota.net 2 redirects ps.eyeota.net	917 B
3	parsely.com srv-2019-06-17-22.config.parsely.com srv-2019-06-17-22.pixel.parsely.com	1 KB
3	simplereach.com edge.simplereach.com	1 KB
3	facebook.net connect.facebook.net	78 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	91 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	781 B
2	cookielaw.org cdn.cookielaw.org	22 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	quora.com a.quora.com q.quora.com	5 KB
2	bing.com bat.bing.com	7 KB
1	hubspot.net cdn2.hubspot.net	50 KB
1	hubapi.com api.hubapi.com	587 B
1	onetrust.com geolocation.onetrust.com	325 B
1	bluekai.com 1 redirects tags.bluekai.com	787 B
1	quantcount.com rules.quantcount.com	355 B
1	hsleadflows.net js.hsleadflows.net	60 KB
1	hs-analytics.net js.hs-analytics.net	26 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	reddit.com alb.reddit.com	316 B
1	amazonaws.com s3.amazonaws.com	3 KB
1	twitter.com analytics.twitter.com	672 B
1	cloudflare.com cdnjs.cloudflare.com	29 KB
1	redditstatic.com www.redditstatic.com	5 KB
1	hs-scripts.com js.hs-scripts.com	1 KB
1	t.co t.co	486 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	bizographics.com sjs.bizographics.com	5 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	trib.al 1 redirects trib.al	245 B
151	47

	Domain	Requested by
17	px.moatads.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.technologyreview.com
10	cdn.technologyreview.com	www.technologyreview.com
9	ml314.com	2 redirects www.technologyreview.com ml314.com
9	www.technologyreview.com	www.technologyreview.com
6	www.googletagservices.com	www.technologyreview.com securepubads.g.doubleclick.net
6	technologyreview.blueconic.net	cdn.blueconic.net
5	api-34-211-241-234.b2c.com	1 redirects www.technologyreview.com
5	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com www.technologyreview.com
4	z.moatads.com	securepubads.g.doubleclick.net
3	www.facebook.com	www.technologyreview.com connect.facebook.net
3	ps.eyeota.net	2 redirects www.technologyreview.com
3	edge.simplereach.com	d8rk54i4mohrb.cloudfront.net
3	px.ads.linkedin.com	2 redirects www.technologyreview.com
3	connect.facebook.net	www.technologyreview.com connect.facebook.net
3	sb.scorecardresearch.com	1 redirects www.technologyreview.com www.googletagmanager.com
2	pagead2.googlesyndication.com
2	track.hubspot.com
2	srv-2019-06-17-22.pixel.parsely.com	www.technologyreview.com
2	www.google.de	www.technologyreview.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel.mathtag.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	cdn.cookielaw.org	www.technologyreview.com cdn.cookielaw.org
2	d8rk54i4mohrb.cloudfront.net	www.technologyreview.com d8rk54i4mohrb.cloudfront.net
2	d1z2jf7jlzjs58.cloudfront.net	www.technologyreview.com d1z2jf7jlzjs58.cloudfront.net
2	bat.bing.com	www.googletagmanager.com www.technologyreview.com
1	cdn2.hubspot.net
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	geolocation.onetrust.com	cdnjs.cloudflare.com
1	pixel.quantserve.com	www.technologyreview.com
1	tags.bluekai.com	1 redirects
1	srv-2019-06-17-22.config.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	q.quora.com	www.technologyreview.com
1	alb.reddit.com	www.technologyreview.com
1	vars.hotjar.com	static.hotjar.com
1	s3.amazonaws.com	www.technologyreview.com
1	secure.quantserve.com	www.technologyreview.com
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	cdnjs.cloudflare.com	www.technologyreview.com
1	cdn.blueconic.net	www.googletagmanager.com
1	api.b2c.com	www.googletagmanager.com
1	www.redditstatic.com	www.technologyreview.com
1	a.quora.com	www.technologyreview.com
1	js.hs-scripts.com	www.googletagmanager.com
1	t.co	www.technologyreview.com
1	script.hotjar.com	static.hotjar.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.technologyreview.com
1	trib.al	1 redirects
151	63

This site contains links to these domains. Also see Links.

Domain
onetrust.com
subscribe.technologyreview.com
go.technologyreview.com
events.technologyreview.com
mediakit.technologyreview.com
insights.techreview.com
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
dragos.com
www.fireeye.com
www.npr.org
alertlogic.qa.hbr.org
theblog.adobe.com
reddit.com
linkedin.com
api.whatsapp.com
www.nytimes.com
www.congress.gov
apnews.com
tech.fb.com

Subject Issuer	Validity	Valid
*.technologyreview.com DigiCert SHA2 Secure Server CA	`2017-05-01` - `2020-07-08`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
*.quora.com DigiCert SHA2 Secure Server CA	`2018-08-15` - `2019-11-26`	a year	crt.sh
*.ml314.com Amazon	`2019-03-16` - `2020-04-16`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
*.b2c.com Amazon	`2019-03-24` - `2020-04-24`	a year	crt.sh
*.blueconic.net Thawte RSA CA 2018	`2017-12-13` - `2019-12-13`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
sa437gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-05-17` - `2020-08-19`	2 years	crt.sh
alb.reddit.com Amazon	`2019-05-20` - `2020-06-20`	a year	crt.sh
ssl803643.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-29` - `2019-12-05`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-29` - `2019-12-05`	6 months	crt.sh
ssl817706.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
*.simplereach.com Amazon	`2019-02-06` - `2020-03-06`	a year	crt.sh
*.config.parsely.com Amazon	`2019-02-27` - `2020-03-27`	a year	crt.sh
www.eyeota.com COMODO RSA Domain Validation Secure Server CA	`2018-02-12` - `2021-02-11`	3 years	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2018-03-12` - `2020-06-14`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.pixel.parsely.com Amazon	`2019-02-27` - `2020-03-27`	a year	crt.sh
ssl817724.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-06-16` - `2020-06-15`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
hubspot.net CloudFlare Inc ECC CA-2	`2019-04-16` - `2020-04-16`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Frame ID: 135E47CC4ECAD66BDD973E10F6A745E9
Requests: 123 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 07D7FFD28BEA2C18F445F97AE72FEC7F
Requests: 1 HTTP requests in this frame

Frame: https://d8rk54i4mohrb.cloudfront.net/container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Computing&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&cb=SPR.API.callbacks.cbfgpkceof&v=2.18.7&cache_buster=1560812352609
Frame ID: 1D508A701B9A3B1A250882E7539B7BF6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9C8F3A06FBE3D5C34B859703C1EC006C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPYDSc16DNG-alVM4ltJLxXrP5wCSW3GqsbmDz1VOA2whBFYRCYxt8Dlhy7idPVOoN1iww46nx6V9UBKoo4ZJRQ_uU46bexMuJ6UpP_7GNknXGuANstDJkTMirb3vhSduuDVjW7a6Fg8lkZSey60cO4I5juRIE19W77caaiMDOUepHtXqMkBr4OTbWUTDxTqhfZ58zcCREpxWQhtlQsZl26jru2q-UxwAaZlel8SF_94cmVAKjWjf4zxeiK9Fk3lUdI94zwueOBr1b85U&sai=AMfl-YRgqpO_-hlMkvbI1QCF6JqAFhihg9uVIAgkir6zybl7X6-aE9br7ROHrKwupHR9bUOplAD15ASdzRk9a-pQbce29W7FLt9OanU93Cdj2w&sig=Cg0ArKJSzKfilXT0aDtnEAE&adurl=
Frame ID: 3E90DFB21EDA5A5D57C591D3839D949B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmRuE2ConCk0jYR7_WIXVKw_D0ldd98HTJIFVlxQgKgKnpOaxFLz_1RIFqzbJRAlfXz9Hm-12zjo0Z_f-6TNGTrPXKqWP31vJ02DGyLanRm-GqftqOUS9UPXNlUA1AmSWZQ9mKFOsnnNRrUyNz5FRhhFqJR5vYlVV-WwLgsHX3whJJBCIv-ksvRWUMoc6jgV6brdHCTkWCaEUNNDv2DIwy2wXhKv2BP9lK0eLwsT-sTm1LeMf-yAcJ1bdJJCRymmqVNjS-eFLvWvk6uKU&sai=AMfl-YSNPoNMmPJGgp585eEvlFtAn74Hbg8VsXnREnrldNrthPOmvKorGKM7b7EW-tra_2I9Oj8_veDAXCYCNx3tXk4XT_8ET2xCYtFcBMEP&sig=Cg0ArKJSzKmSO0-LZXLbEAE&adurl=
Frame ID: 7F17B43D4E2B69CFF5BD16EB6C2E8CED
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Frame ID: D3BFE48182A1DFB44F438690BAA65797
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFazh0JgyS2mBgI7jDgk7V8KZwIRGl-8d-Y-K6oQiNbAAp-WIT3_FGwXZlL5l6Ega1x_SNa_-QovW2407NnSBiRyGLexQhRZyAW7xKT2cVSmdsOmfuJllrts5tHMB8StDwEEYMY3FOdd66lDC864jBer4dzzBr2NJvv1K17ol_arNc-r5Ey8srr4uN9oEc00vhk9Rt5jxttLwAKS5eGkeexd6C3dRb1Tf1YD38pAF5v4Jv19_afG0QsSfmo0TjoOrm9fdbVUE7MYPX9FM&sai=AMfl-YR8KHRqPt6fF35uoYm8QIVruggnxAIt9u6qJ7dkSY8RRHYJaJjVxA2oxBVoTud4DBmKx_oYJpXZyt2UasqExwaill-TsX8uj2HReij6&sig=Cg0ArKJSzLnHc-_vYwB1EAE&adurl=
Frame ID: A1F20264F35231C919B1DF2F4A83C01F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5dS_uASyKSPm9uCcuOElynm0ZMRvGvYq9M8mLyilaVwdLoeOjcZ6fPU7gpxtYJwMVOJ71Tl0isCyB7mzLuzWvJdFDhQ7KBHuzCbiRuM2ckIBt1uvxPym8qrbU9T9hkvLvXqZQrVS3ZeSKu2iH24jqHP2ecteg17Y79plHPjmQQzIEayq-Fo9XZIWzwoK4duE2UiRuoOCQlz9QSEg3i3TpxzVe_5hqkUK3F14nZ1X0hwZVUMA3u4nsiWVhsI7AP8Sox0k2lyVrDlGr-DhhNdcVXEUH6d4dbaDdhszkqqcGSsvgqaisOQ&sai=AMfl-YRzeyNV4cbTuz_y4vMq-vFbhTeZyfC3MsMVwesHtlE1uKN_uSAMT_vefOTgudXucz6U_xy4nfv_fsGa2dr3JRVzaMJzj4IwIXfKKVVl&sig=Cg0ArKJSzLiDdHex3SG1EAE&adurl=
Frame ID: D7B0E45DB03B10945DF583C5E31D04F6
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://trib.al/thyWej3 HTTP 301
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr... Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

151
Requests

99 %
HTTPS

50 %
IPv6

47
Domains

63
Subdomains

55
IPs

7
Countries

2338 kB
Transfer

7282 kB
Size

25
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://subscribe.technologyreview.com/ecom/mtr/app/live/subcustserv?pagemode=start&org=MTR&publ=TR&php=Y
Title: Manage your subscription

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters/the-download/
Title: Daily Briefing

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters/chain-letter/
Title: Blockchain and Cryptocurrency

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters/the-algorithm/
Title: Artificial Intelligence

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters/fwd-economy
Title: Future Economy

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters/the-airlock
Title: Space

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters
Title: View all newsletters

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/emtech/
Title: EmTech

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/emtech/digital/
Title: EmTech Digital

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/emtech/next/
Title: EmTech Next

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/presents/business-of-blockchain/2019/
Title: Business of Blockchain

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/video/
Title: View events video

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/events/
Title: View all events

Search URL Search Domain Scan URL

URL: https://mediakit.technologyreview.com/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: http://insights.techreview.com/
Title: Insights

Search URL Search Domain Scan URL

URL: https://twitter.com/techreview

Search URL Search Domain Scan URL

URL: https://www.facebook.com/technologyreview

Search URL Search Domain Scan URL

URL: https://www.instagram.com/technologyreview/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mit-technology-review/

Search URL Search Domain Scan URL

URL: https://dragos.com/resource/xenotime/
Title: using some of the same digital tradecraft

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html
Title: was revealed

Search URL Search Domain Scan URL

URL: https://www.npr.org/2018/07/18/630164914/transcript-dan-coats-warns-of-continuing-russian-cyberattacks
Title: a speech last year

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html
Title: published last October

Search URL Search Domain Scan URL

URL: http://alertlogic.qa.hbr.org/2018/04/internet-insecurity
Title: urging companies to revisit all their operations

Search URL Search Domain Scan URL

URL: https://theblog.adobe.com/adobe-research-and-uc-berkeley-detecting-facial-manipulations-in-adobe-photoshop/
Title: Adobe and UC Berkeley

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters/the-download/?_ga=2.237705664.1931400345.1555229637-1773775866.1536158157
Title: here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=140586622674265&display=popup&title=Adobe%E2%80%99s%20new%20AI%20tool%20can%20spot%20when%20a%20face%20has%20been%20Photoshopped&href=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613781%2Fadobes-new-ai-tool-can-spot-when-a-face-has-been-photoshopped%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Adobe%E2%80%99s%20new%20AI%20tool%20can%20spot%20when%20a%20face%20has%20been%20Photoshopped%20-%20via%20%40techreview&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613781%2Fadobes-new-ai-tool-can-spot-when-a-face-has-been-photoshopped%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dtwitter%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?text=Adobe%E2%80%99s%20new%20AI%20tool%20can%20spot%20when%20a%20face%20has%20been%20Photoshopped&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613781%2Fadobes-new-ai-tool-can-spot-when-a-face-has-been-photoshopped%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dreddit%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?text=Adobe%E2%80%99s%20new%20AI%20tool%20can%20spot%20when%20a%20face%20has%20been%20Photoshopped&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613781%2Fadobes-new-ai-tool-can-spot-when-a-face-has-been-photoshopped%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dlinkedin%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Adobe%E2%80%99s%20new%20AI%20tool%20can%20spot%20when%20a%20face%20has%20been%20Photoshopped%20https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613781%2Fadobes-new-ai-tool-can-spot-when-a-face-has-been-photoshopped%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dwhatsapp%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2019/06/15/us/politics/trump-cyber-russia-grid.html
Title: New York Times

Search URL Search Domain Scan URL

URL: https://www.congress.gov/bill/115th-congress/house-bill/5515/text
Title: law passed last summer,

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=140586622674265&display=popup&title=The%20US%20says%20it%20has%20inserted%20offensive%20malware%20into%20Russia%E2%80%99s%20power%20grid&href=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613782%2Frussia-cybersecurity-power-stations-cyberattack-malware%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=The%20US%20says%20it%20has%20inserted%20offensive%20malware%20into%20Russia%E2%80%99s%20power%20grid%20-%20via%20%40techreview&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613782%2Frussia-cybersecurity-power-stations-cyberattack-malware%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dtwitter%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?text=The%20US%20says%20it%20has%20inserted%20offensive%20malware%20into%20Russia%E2%80%99s%20power%20grid&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613782%2Frussia-cybersecurity-power-stations-cyberattack-malware%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dreddit%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?text=The%20US%20says%20it%20has%20inserted%20offensive%20malware%20into%20Russia%E2%80%99s%20power%20grid&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613782%2Frussia-cybersecurity-power-stations-cyberattack-malware%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dlinkedin%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=The%20US%20says%20it%20has%20inserted%20offensive%20malware%20into%20Russia%E2%80%99s%20power%20grid%20https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613782%2Frussia-cybersecurity-power-stations-cyberattack-malware%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dwhatsapp%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://apnews.com/bc2f19097a4c4fffaa00de6770b8a60d
Title: the AP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=140586622674265&display=popup&title=Deepfakes%20may%20be%20a%20useful%20tool%20for%20spies&href=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613778%2Fdeepfakes-spies-espionage%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Deepfakes%20may%20be%20a%20useful%20tool%20for%20spies%20-%20via%20%40techreview&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613778%2Fdeepfakes-spies-espionage%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dtwitter%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?text=Deepfakes%20may%20be%20a%20useful%20tool%20for%20spies&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613778%2Fdeepfakes-spies-espionage%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dreddit%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?text=Deepfakes%20may%20be%20a%20useful%20tool%20for%20spies&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613778%2Fdeepfakes-spies-espionage%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dlinkedin%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Deepfakes%20may%20be%20a%20useful%20tool%20for%20spies%20https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613778%2Fdeepfakes-spies-espionage%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dwhatsapp%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://dragos.com/blog/industry-news/threat-proliferation-in-ics-cybersecurity-xenotime-now-targeting-electric-sector-in-addition-to-oil-and-gas/
Title: says it has uncovered evidence

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=140586622674265&display=popup&title=Hackers%20behind%20the%20world%E2%80%99s%20deadliest%20code%20are%20probing%20US%20power%20firms&href=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613775%2Fhackers-behind-the-worlds-deadliest-code-are-probing-us-power-firms%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Hackers%20behind%20the%20world%E2%80%99s%20deadliest%20code%20are%20probing%20US%20power%20firms%20-%20via%20%40techreview&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613775%2Fhackers-behind-the-worlds-deadliest-code-are-probing-us-power-firms%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dtwitter%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?text=Hackers%20behind%20the%20world%E2%80%99s%20deadliest%20code%20are%20probing%20US%20power%20firms&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613775%2Fhackers-behind-the-worlds-deadliest-code-are-probing-us-power-firms%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dreddit%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?text=Hackers%20behind%20the%20world%E2%80%99s%20deadliest%20code%20are%20probing%20US%20power%20firms&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613775%2Fhackers-behind-the-worlds-deadliest-code-are-probing-us-power-firms%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dlinkedin%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Hackers%20behind%20the%20world%E2%80%99s%20deadliest%20code%20are%20probing%20US%20power%20firms%20https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613775%2Fhackers-behind-the-worlds-deadliest-code-are-probing-us-power-firms%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dwhatsapp%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://tech.fb.com/facebook-reality-labs-replica-simulations-help-advance-ai-and-ar/
Title: created a number of extremely realistic virtual homes and offices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=140586622674265&display=popup&title=Facebook%20has%20built%20stunning%20virtual%20spaces%20for%20its%20AI%20programs%20to%20explore&href=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613774%2Ffacebook-built-stunning-virtual-spaces-for-its-ai-programs-to-explore%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Facebook%20has%20built%20stunning%20virtual%20spaces%20for%20its%20AI%20programs%20to%20explore%20-%20via%20%40techreview&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613774%2Ffacebook-built-stunning-virtual-spaces-for-its-ai-programs-to-explore%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dtwitter%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?text=Facebook%20has%20built%20stunning%20virtual%20spaces%20for%20its%20AI%20programs%20to%20explore&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613774%2Ffacebook-built-stunning-virtual-spaces-for-its-ai-programs-to-explore%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dreddit%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?text=Facebook%20has%20built%20stunning%20virtual%20spaces%20for%20its%20AI%20programs%20to%20explore&url=https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613774%2Ffacebook-built-stunning-virtual-spaces-for-its-ai-programs-to-explore%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dlinkedin%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Facebook%20has%20built%20stunning%20virtual%20spaces%20for%20its%20AI%20programs%20to%20explore%20https%3A%2F%2Fwww.technologyreview.com%2Ff%2F613774%2Ffacebook-built-stunning-virtual-spaces-for-its-ai-programs-to-explore%2F%3Futm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dwhatsapp%26utm_medium%3Dsocial_share%26utm_content%3D2019-06-17

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trib.al/thyWej3 HTTP 301
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://sb.scorecardresearch.com/b?c1=2&c2=16198136&ns__t=1560812352067&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1560812352067&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&c9=

Request Chain 32

https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1560812352382%26pid%3D8617%26url%3Dhttps%253A%252F%252Fwww.technologyreview.com%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F%253Futm_medium%253Dtr_social%2526utm_campaign%253Dsite_visitor.unpaid.engagement%2526utm_source%253Dfacebook%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&fmt=js&s=1&cookiesTest=true&liSync=true

Request Chain 51

https://tags.bluekai.com/site/20486?limit=0&id=5978151479298404334&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151479298404334%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=iSQ11x9999OsuyC5&person_id=5978151479298404334&eid=50056

Request Chain 52

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151479298404334 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ3OTI5ODQwNDMzNBAAGg0IwLag6AUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=893f56a85bf53c7103a960631612801fbb40cb2fde9ba72742c90950500af282f4cb09cee1a4f8eb&person_id=5978151479298404334&eid=50082

Request Chain 53

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151479298404334%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151479298404334%26eid=50220&mm_bnc&mm_bct HTTP 302
https://ml314.com/csync.ashx?fp=3b835d08-0f14-4d00-9394-dc32d7910152&person_id=5978151479298404334&eid=50220

Request Chain 54

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151479298404334 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151479298404334 HTTP 302
https://ml314.com/csync.ashx?fp=6a581aaaf7f2d28347c03f08e47c84da&eid=50146&person_id=5978151479298404334

Request Chain 55

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2hCuZpEY24v_CCFf88k6GZ6Phgp7OldA-U2yeHUWLIXw&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=2hCuZpEY24v_CCFf88k6GZ6Phgp7OldA-U2yeHUWLIXw&person_id=5978151479298404334&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

Request Chain 70

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&gjid=38309174&_gid=916846743.1560812353&_u=aGBAgEAr~&z=832200636 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&_v=j76&z=832200636 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&_v=j76&z=832200636&slf_rd=1&random=3064255239

Request Chain 73

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1210433498&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&ul=en-us&de=UTF-8&dt=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=meter&ea=view&el=001&_u=aGDACEArB~&jid=634749605&gjid=1050691259&cid=334881020.1560812353&tid=UA-7747898-26&_gid=916846743.1560812353&_r=1&gtm=2wg651TRBQMN&cd5=1560812353150.krri0k6m&cd7=2019-06-17T22%3A59%3A13.151%2B00%3A00&cd8=02500&cd20=334881020.1560812353&z=1313618066 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_gid=916846743.1560812353&gjid=1050691259&_v=j76&z=1313618066 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_v=j76&z=1313618066 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_v=j76&z=1313618066&slf_rd=1&random=635785429

Request Chain 78

https://api-34-211-241-234.b2c.com/api/x?lrR5dVsU5XeD2uir$dXJsJDAkaHR0cHM6Ly93d3cudGVjaG5vbG9neXJldmlldy5jb20vcy82MTMwNTQvY3liZXJzZWN1cml0eS1jcml0aWNhbC1pbmZyYXN0cnVjdHVyZS10cml0b24tbWFsd2FyZS8_dXRtX21lZGl1bT10cl9zb2NpYWwmdXRtX2NhbXBhaWduPXNpdGVfdmlzaXRvci51bnBhaWQuZW5nYWdlbWVudCZ1dG1fc291cmNlPWZhY2Vib29rIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTU4NXgxMjAwIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQxJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkMSQxIiwiYXBwQ29kZU5hbWUkMSRNb3ppbGxhIiwiYXBwTmFtZSQxJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQxJDUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDgiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsImZvbnRyZW5kZXIkNSQxIiwid2ViZ2wkNyRuL2EiLCJ3ZWJnbDIkNyQwIiwidGltZSQ3JDE1NjA4MTIzNTMwNTEiLCJ0aW1lem9uZSQ3JDAiLCJwbHVnaW5zJDckTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkOCQzMC4yMDc5MTEiLCJtZW0tdXNlZEpTSGVhcFNpemUkOCQyNS45MzU0MjMiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDgkMjE5Ny44MTUyOTYiLCJ0aW1lLWZldGNoU3RhcnQkOCQzMDgiLCJ0aW1lLWRvbWFpbkxvb2t1cFN0YXJ0JDgkMzA5IiwidGltZS1kb21haW5Mb29rdXBFbmQkOCQzMjciLCJ0aW1lLWNvbm5lY3RTdGFydCQ4JDMyNyIsInRpbWUtY29ubmVjdEVuZCQ4JDUyMSIsInRpbWUtc2VjdXJlQ29ubmVjdGlvblN0YXJ0JDgkNDIwIiwidGltZS1yZXF1ZXN0U3RhcnQkOCQ1MjEiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkOCQ2OTgiLCJ0aW1lLXJlc3BvbnNlRW5kJDgkODg4IiwidGltZS1kb21Mb2FkaW5nJDgkNzAwIiwidGltZS1kb21JbnRlcmFjdGl2ZSQ4JDEwNTciLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0JDgkMTA1NyIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDgkMTA4MSIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQ4JDAiLCJuYXZpZ2F0aW9uLXR5cGUkOCRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQxMiQwLjMxNSIsImdsb2JhbHMkMTMkYjM5ZTY4OWIiLCJkb2N1bWVudC10aW1lJDIwJDAuNjYiLCJkb2N1bWVudCQyMCQxODgwOGRlNCIsImNvbm5lY3Rpb24kMjAkIiwiZG93bmxpbmtNYXgkMjAkIiwiZ2V0VXNlck1lZGlhJDIxJDIiLCJjbG9jayQyNSQ1NTY0IiwiYmF0dGVyeSQ1MiQxIDEgMCBJbmZpbml0eSIsImF1ZGlvY29udGV4dCQ3MCQ5NmUxNGJlZiIsInNvcnQkODQkMTIuNjIiLCJpbnRlcnNlY3Rpb24tc2l6ZSQ4NCQxNTg1eDEyMDAiLCJpbnRlcnNlY3Rpb24tZW50ZXIkODQkMHgwIDE1ODV4MTIwMCIsImludGVyc2VjdGlvbiQ4NCQ1MCIsImZyYW1lcmF0ZSQxMjgkNTA HTTP 302
https://api-34-211-241-234.b2c.com:444/api/4?lrR5dVsU5XeD2uir

151 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Redirect Chain

https://trib.al/thyWej3
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook

249 KB
56 KB

389ms
176ms

Document
text/html

34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: f62b6ecd6fff0ac17f3072d233c49866316a0c42a45a186d4e154ecb46db1899

Request headers

Host: www.technologyreview.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin,accept-encoding
Cache-Control: no-cache
Content-Encoding: gzip
Date: Mon, 17 Jun 2019 22:59:11 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

Redirect headers

status: 301
date: Mon, 17 Jun 2019 22:59:11 GMT
content-type: text/html;charset=utf-8
content-length: 423
location: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
server: CherryPy/7.1.0
cache-control: private, max-age=0, no-cache

GET
H/1.1 200
OK story.js Show response
www.technologyreview.com/_next/static/cg03eFKNXW9nNSr_DkV4K/pages/ 306 KB
52 KB 289ms
102ms Script
application/javascript 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/_next/static/cg03eFKNXW9nNSr_DkV4K/pages/story.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 950df35f0503bd1b62f69c3790490eb4dbd67c6132087f5b4c1571d26bdd1812

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: br
Last-Modified: Fri, 14 Jun 2019 21:08:11 GMT
Server: Cowboy
Etag: W/"ce67-16b57d1ba78"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52839

GET
H/1.1 200
OK _app.js Show response
www.technologyreview.com/_next/static/cg03eFKNXW9nNSr_DkV4K/pages/ 10 KB
3 KB 291ms
98ms Script
application/javascript 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/_next/static/cg03eFKNXW9nNSr_DkV4K/pages/_app.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e2c8b1283f6a7b754bf9f5bd9ac7244c2ae87138caeecf2a27fe87cb9fd32786

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: br
Last-Modified: Fri, 14 Jun 2019 21:08:11 GMT
Server: Cowboy
Etag: W/"a0d-16b57d1ba78"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2573

GET
H/1.1 200
OK _error.js Show response
www.technologyreview.com/_next/static/cg03eFKNXW9nNSr_DkV4K/pages/ 5 KB
2 KB 296ms
99ms Script
application/javascript 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/_next/static/cg03eFKNXW9nNSr_DkV4K/pages/_error.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: db174aeeae15ccfbddbc6b04facc8dfcbdfc74d230f3768d75c37fb517254f9e

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: br
Last-Modified: Fri, 14 Jun 2019 21:08:11 GMT
Server: Cowboy
Etag: W/"794-16b57d1ba78"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1940

GET
H/1.1 200
OK webpack-0a7cb82f645d7b2217cc.js Show response
www.technologyreview.com/_next/static/runtime/ 2 KB
1 KB 297ms
100ms Script
application/javascript 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/_next/static/runtime/webpack-0a7cb82f645d7b2217cc.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 1f9b52dae567a3b84da5f9354cf6c5d27ed1b104f4d29a07be1a4cd0ee2d0987

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: br
Last-Modified: Fri, 14 Jun 2019 21:08:11 GMT
Server: Cowboy
Etag: W/"3e3-16b57d1ba78"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 995

GET
H/1.1 200
OK commons.64c5e94d6e03807137f8.js Show response
www.technologyreview.com/_next/static/chunks/ 2 MB
202 KB 312ms
111ms Script
application/javascript 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/_next/static/chunks/commons.64c5e94d6e03807137f8.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 55799015bf957663b021810b7cbb4917348b9e2173a8e868f0bfb3c7c61609bc

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: br
Last-Modified: Fri, 14 Jun 2019 21:08:11 GMT
Server: Cowboy
Etag: W/"32661-16b57d1ba78"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 206433

GET
H/1.1 200
OK main-ac179792834c94e323e6.js Show response
www.technologyreview.com/_next/static/runtime/ 9 KB
3 KB 314ms
109ms Script
application/javascript 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/_next/static/runtime/main-ac179792834c94e323e6.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e22013e95759c585e8610a1e1f73ee8c7dd68c1d6cbf76e0378b62dbb0730f37

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: br
Last-Modified: Fri, 14 Jun 2019 21:08:11 GMT
Server: Cowboy
Etag: W/"ba2-16b57d1ba78"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2978

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
38 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e3cb1b27fa3948eecefc3e5558b50a3fea2d62d0ff970d014202c933744c869

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 38926
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:12 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 15 KB
5 KB 40ms
7ms Script
application/x-javascript 2a02:26f0:6c00:293::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:293::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=49121
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 hotjar-531874.js Show response
static.hotjar.com/c/ 3 KB
2 KB 24ms
24ms Script
application/javascript 147.75.81.98
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-531874.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.81.98 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-30

Software

openresty /

Resource Hash

c6562b49285e2ec9b21e805dd9bcf6d3f64903f0820471e10e2667711ff45ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 106
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1550
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/b034bc7c75f20b4834f971146c0d16fd
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.072
accept-ranges: bytes
section-io-id: 8437caacad1ed172bd53531bbc918651

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 57ms
12ms Script
application/javascript 151.101.36.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.157 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
age: 27339
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-ams21041-AMS
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1560812352.146099,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 52ms
51ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
last-modified: Tue, 28 May 2019 20:50:22 GMT
x-msedge-ref: Ref A: B809511D624E4B5C8D57B619C2506694 Ref B: VIEEDGE0820 Ref C: 2019-06-17T22:59:12Z
access-control-allow-origin: *
etag: "03b90f79615d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7104

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=16198136&ns__t=1560812352067&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%...
https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1560812352067&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT...

0
248 B

9ms
8ms

Image
text/plain

2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1560812352067&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&c9=
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:12 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1560812352067&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&c9=
Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:12 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.31094306258710c05685.js Show response
script.hotjar.com/ 425 KB
89 KB 19ms
18ms Script
application/javascript 147.75.205.43
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.31094306258710c05685.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-531874.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.205.43 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-31

Software

Resource Hash

02db9bd610431880577c759cb9cca168c71f01f33595c0826233846d1ed973d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Jun 2019 13:59:38 GMT
access-control-allow-origin: *
etag: W/"0b894af1299c24f3e38ad09e2e175aea"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.051
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 538f246f01d99f83407a4be7f074e8e6
content-length: 90732

GET
H2 200 mitspot1.jpg
cdn.technologyreview.com/i/images/ 85 KB
85 KB 72ms
14ms Image
image/jpeg 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/mitspot1.jpg?sw=550&cx=33&cy=58&cw=945&ch=887
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60341d50dfe7db7406dec0b23cac26dbacc996bd8af02f54d1517aabb0a0821f

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: degrade=85, origSize=106818
status: 200
cf-bgj: imgq:85
content-length: 86730
last-modified: Wed, 06 Mar 2019 14:09:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4e88a1f11a4bc29f-FRA
expires: Wed, 26 Jun 2019 19:16:35 GMT

GET
H2 200 nhaasgroteskdsstd-65md.woff
cdn.technologyreview.com/_/fonts/ 29 KB
30 KB 64ms
12ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-65md.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 762e5fd7df3e5f35b2b9cf5c5cc01b0e67420fb73a4a9be8eb236184bf6ad763

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 30116
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "844894e7fdbbe6f603a9d26e39e5b2ea9139fc21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 4e88a1f11e33beec-FRA

GET
H2 200 nhaasgroteskdsstd-55rg.woff
cdn.technologyreview.com/_/fonts/ 28 KB
28 KB 69ms
18ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-55rg.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab9300f0ecfc026cc2e558aaea117dc5b536c0728deb27e763b27659a093118

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 28680
last-modified: Thu, 21 Feb 2019 22:29:54 GMT
server: cloudflare
etag: "0330073a9ff8526feae0b20a7f0232b3d98c3f45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 4e88a1f11e34beec-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 independent-regular.woff
cdn.technologyreview.com/_/fonts/ 90 KB
90 KB 51ms
19ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/independent-regular.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd723f5329d3522cd5da7f69588cf84e297e23d03e3d05c55216f70706c31ab2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 92160
last-modified: Tue, 23 Apr 2019 18:07:48 GMT
server: cloudflare
etag: "946f71c31402a7d187b907d11cbc2fa985f84a97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 4e88a1f12e36beec-FRA

GET
H2 200 nhaasgroteskdsstd-75bd.woff
cdn.technologyreview.com/_/fonts/ 31 KB
31 KB 50ms
19ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-75bd.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e3e0c14cd2f2f6c9e3f7f49ca91e0285b0f748c29e82380e2ac77750f613958

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 31496
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "10723ba58aa923a29a4cc4d4d8fd3bc9199915f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 4e88a1f12e38beec-FRA

GET
H2 200 nhaasgroteskdsstd-35xlt.woff
cdn.technologyreview.com/_/fonts/ 28 KB
29 KB 54ms
23ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-35xlt.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 623bbd6e9fc0d231a07dbde18fe91c2f1eccb1aaa13c0a2ca2be0bbb963408bb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 29076
last-modified: Tue, 19 Feb 2019 21:58:52 GMT
server: cloudflare
etag: "34eaf53dcd6d0f1be6717e94082cbfbaf930d167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 4e88a1f12e37beec-FRA

GET
H2 204 0
bat.bing.com/action/ 0
93 B 52ms
52ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16002556&Ver=2&mid=ce06ad05-e41b-c66b-0fe1-68fc50b32442&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware,%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&p=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&r=&evt=pageLoad&msclkid=N&rn=593500
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 17 Jun 2019 22:59:12 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2FC43407CAC1477D92AF730FF123BF8D Ref B: VIEEDGE0820 Ref C: 2019-06-17T22:59:12Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
486 B 152ms
122ms Image
image/gif 104.244.42.197
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuwy6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 114
pragma: no-cache
last-modified: Mon, 17 Jun 2019 22:59:12 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 2036037b14d6bbbaedef3809c3b9114f
x-transaction: 00accbbd003d1fcf
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 copy-link.svg
cdn.technologyreview.com/_/img/icons/ 1 KB
869 B 12ms
11ms Image
image/svg+xml 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/icons/copy-link.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b92db08ee9bee1a2fc7be43cf10bca735a09c4350c2c6bb61da3402a700c89e

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 18:07:48 GMT
server: cloudflare
etag: "1552f1d3e7d90b8780b8aabc062952a5fa08642e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
cf-ray: 4e88a1f19b16c29f-FRA
via: 1.1 vegur

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
17 KB 33ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: uPO3zqWt+ZwKH9oPubrNXCvY7ld+5C5E+9ZGXpsABPpCMcFGvEz52k0GdVVRixkUwZB0lSD5+e0ePyj3Mjn7cA==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 22:59:12 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4518541.js Show response
js.hs-scripts.com/ 2 KB
1 KB 161ms
107ms Script
application/javascript 2606:4700::6811:d6cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4518541.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7129edbeec1d4e6b45c391d9b09e1db07ef21e36daffcad9409a8c2469a8240

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
access-control-allow-origin: https://www.technologyreview.com
x-trace: 2B5350EFE4C7BB827B06685DA0327FCE7F2544F713000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=utf-8
status: 200
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 4e88a1f27a439724-FRA
expires: Mon, 17 Jun 2019 23:00:12 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 11 KB
4 KB 61ms
6ms Script
binary/octet-stream 151.101.1.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc8f028bc9cf52473a5950065ffbfec78b928fa5d01feeb85f57bd685442b854

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: pgDa9kc8qtkAn9MEyH9qaqyrC653nHan
content-encoding: gzip
age: 2761
x-cache: HIT
status: 200
date: Mon, 17 Jun 2019 22:59:12 GMT
content-length: 3703
x-amz-id-2: fSnacmw5iSIh6mkeqkbQvdghMnZBRQAaIDhpONS1r4a45kUX2ioVMDSeIJ4RXAHkaUU95rI83RE=
x-served-by: cache-fra19149-FRA
last-modified: Fri, 24 May 2019 02:19:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1558664366/ctime:1558664365/gid:1000000/gname:employee/md5:bef10a8274525e30ae5d4b917056fd85/mode:33188/mtime:1149709104/uid:1000230/uname:xiao
x-timer: S1560812352.398473,VS0,VE0
etag: "bef10a8274525e30ae5d4b917056fd85"
vary: Accept-Encoding
x-amz-request-id: 11DD12BBA22864F6
via: 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 290

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 168ms
29ms Script
application/javascript 34.252.62.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?175
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.62.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2bf96ddd3980547587d2dbb32c14e3892b59c5fc8b13b7e8dd14c0f71cf99628

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jun 2019 05:44:32 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=24320
Connection: keep-alive
Content-Length: 11914
Expires: Tue, 18 Jun 2019 05:44:32 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 14 KB
5 KB 59ms
5ms Script
application/javascript 151.101.1.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: snooserv /
Resource Hash: 1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
age: 21
x-cache: HIT, HIT
status: 200
content-length: 4684
x-served-by: cache-iad2120-IAD, cache-fra19179-FRA
last-modified: Thu, 14 Mar 2019 17:58:22 GMT
server: snooserv
x-timer: S1560812352.398126,VS0,VE0
etag: "3d2d7b01680c9e57b1dc0af281c1b2da"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=60
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 init-52995o7ppgh0h6k1w83.js Show response
api.b2c.com/api/ 12 KB
5 KB 554ms
174ms Script
text/javascript 2600:1f14:e96:5800:5571:ae82:1dfd:9bde
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-52995o7ppgh0h6k1w83.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:5571:ae82:1dfd:9bde Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: ebfe1a3410e3024a6c8c69d6473f1078f6b10e9c882c302854bacd57e4f3f4ab

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
H2 200 technologyreview.js Show response
cdn.blueconic.net/ 122 KB
37 KB 87ms
10ms Script
text/javascript 143.204.214.33
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/technologyreview.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.33 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-33.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

42773641b5ac446d198397e2bb9a1d00c0bd6353f52695e74e20ee624e3f0de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 233
x-cache: Hit from cloudfront
status: 200
content-length: 37439
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Jun 2019 19:02:57 GMT
server: Apache
etag: "1e66b-58b250fbf2060-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: K3sZmOdkN-vdTszaRQQgKCeqAbnUdSQ0SQGhVDGPCghc-bj15wqHqA==

GET
H2 200 ionicons.ttf
cdn.technologyreview.com/_/fonts/ 5 KB
3 KB 22ms
20ms Font
font/ttf 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/ionicons.ttf?v=3.0.6
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75a1f31644f5b9d338d2afe2c41f449e90d226856d96cd39f5a8c9fe82e3f58

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-encoding: gzip
last-modified: Tue, 23 Apr 2019 20:13:30 GMT
server: cloudflare
etag: W/"81c12a4ea43b6a8d674007e536bf669df81f0bba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
cf-ray: 4e88a1f23efabeec-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 34ms
12ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 06 Jun 2020 22:59:12 GMT
cache-control: public, max-age=30672000
cf-ray: 4e88a1f27f7a96d4-FRA
served-in-seconds: 0.004

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_...
https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1560812352382%26pid%3D8617%26url%3Dhttps%253A%252F%252Fwww.technologyreview.com%252Fs%252F613054...
https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_...

0
87 B

104ms
103ms

Script
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: aDn/ZqAeqRUgvW70sSoAAA==

Redirect headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-efr5
content-length: 20
x-li-uuid: cjo+spAeqRUgzYzDoysAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect/?time=1560812352382&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
672 B 157ms
119ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuwy6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 112
pragma: no-cache
last-modified: Mon, 17 Jun 2019 22:59:12 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fa2de87b581602f6b576d0f2a8749453
x-transaction: 00ad153000563074
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 6 KB
3 KB 117ms
7ms Script
application/x-javascript 143.204.208.18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.18 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 16 Jun 2019 00:41:56 GMT
Content-Encoding: gzip
Age: 80228
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Fri, 07 Mar 2014 00:45:07 GMT
Server: nginx
ETag: W/"53191693-19c1"
Content-Type: application/x-javascript
Via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: HhsvGYoapBe1mZPLQvffIGEcsAqdbh0siMOn0SxK-Ba1O0ioADOEcw==
Expires: Mon, 17 Jun 2019 00:41:56 GMT

GET
H2 200 reach.js Show response
d8rk54i4mohrb.cloudfront.net/js/ 17 KB
17 KB 53ms
7ms Script
application/javascript 2600:9000:200c:fc00:1f:573d:79c0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:fc00:1f:573d:79c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09eb9d37c75a12b307f3b00a7773cf46855eaf9c1c1c7f04b9d777c50609f4ac

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: K_AkTsmMGCYQe5N.MXGAt8myqV8s5Axn
via: 1.1 ed522e38bfbcd76f653d4691110d92a1.cloudfront.net (CloudFront)
age: 4518
x-cache: Hit from cloudfront
status: 200
date: Mon, 17 Jun 2019 22:29:41 GMT
x-amz-replication-status: COMPLETED
content-length: 17016
last-modified: Mon, 20 May 2019 16:25:53 GMT
server: AmazonS3
etag: "66a54a1925d6bc0bcfa90eba77df591a"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: FRA2
accept-ranges: bytes
x-amz-cf-id: dx-TP1aZr7fkDMogNb9cVT-1pnaj5CIlgJEDIFl1SaycGSavG_Go9A==

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 81ms
8ms Script
application/x-javascript 91.228.74.172
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.172 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17-Jun-2019 22:59:12 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Mon, 24 Jun 2019 22:59:12 GMT

GET
H/1.1 200
OK goal.min.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 3 KB
3 KB 423ms
111ms Script
application/javascript 52.216.228.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/goal.min.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.228.11 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:37 GMT
Server: AmazonS3
x-amz-request-id: EAB0B41BE35FCADF
ETag: "db78cc3fefd4dc191250a00cf7b530a3"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 2699
x-amz-id-2: Bb//cuMXgoG4SMLJkTvSQkaJUPlxw3Q5KSipyBjvvWKfV+w/b8HWTwdVuoo+Auxl9SMdZ69m0EA=

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 07D7 0
0 19ms
19ms Document
text/html 147.75.83.19
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-531874.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.83.19 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-24
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook

Response headers

status: 200
date: Mon, 17 Jun 2019 22:59:12 GMT
content-type: text/html
content-length: 967
cache-control: max-age=31536000
last-modified: Thu, 02 May 2019 17:45:40 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.026
etag: W/"90f3a29ef7448451db5af955688970d7"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: beee163e0cf49e47043e6c6eb6aea73d

GET
H2 200 302431540264875 Show response
connect.facebook.net/signals/config/ 228 KB
60 KB 101ms
100ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302431540264875?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b7cea39904c6d5b56f46207aa6c093a0b7138779ca3e7db9110d4486fc60dd2a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: 0LSMeA+hK+oOnz467vN/KcpbCPHinRBNHzGev3wm3xVS/1b9rKBV6G2BWvfQYjGvpy49LmuJyIc495E3SJ9v7Q==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 22:59:12 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a321aa9c-3063-4225-abb6-0285fd5607e6.js Show response
cdn.cookielaw.org/consent/ 87 KB
17 KB 172ms
118ms Script
application/x-javascript 152.195.132.202
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/a321aa9c-3063-4225-abb6-0285fd5607e6.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a9a2cdd94b8e35dd7a5007ca5d185fdc5ec02dbfd0a5a49d76ccbf83bcb63d86

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2019 22:59:11 GMT
content-encoding: gzip
content-md5: DvoIEq8OKjrpeMAT7Hto2A==
x-cache: HIT
status: 200
content-length: 16528
x-ms-lease-status: unlocked
last-modified: Fri, 26 Apr 2019 16:20:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D6CA631D4A8A2A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8508b68e-c01e-00e1-5a60-253f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Tue, 18 Jun 2019 02:59:12 GMT

GET
H/1.1 200
OK rp.gif
alb.reddit.com/ 35 B
316 B 506ms
100ms Image
image/gif 34.231.31.77
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1560812352583&id=t2_25alwh0c&event=PageVisit&s=%2FDEnwQE7wOBEkUaeXjNF7ToA%2FFYe8ZG9WQeFTKJEPo0%3D
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.31.77 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-231-31-77.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/584156a671384c9eabef3ba21775e0d4/ 43 B
458 B 411ms
98ms Image
image/gif 35.175.26.81
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.quora.com/_/ad/584156a671384c9eabef3ba21775e0d4/pixel?j=1&u=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&tag=ViewContent&ts=1560812352588
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.26.81 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-175-26-81.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: 81,31ae29fd188769928f8602170dce0bfd,10.0.0.139,47310,185.145.66.249,,15632120089,1,1560812352.948,0.001,,.,0,0,0.000,0.004,-,0,0,304,242,121,10,26847,,,,,,,
Content-Type: image/gif

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 793 B
1 KB 32ms
31ms Script
application/javascript 34.252.62.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=67059&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&pv=1560812352591_ssv25nlch&bl=en-us&cb=6463403&return=&ht=&d=&dc=&si=1560812352591_ssv25nlch&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.62.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 12242d7483400ffe3e68c1ee70edcbc0fc52d63579ca65ec594321d30bd53a13

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:11 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 486
Expires: 0

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 4 KB
2 KB 72ms
9ms Script
application/javascript 2606:4700::6811:74b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d51d6ea76d390236cad248689efe6e0a8e1b282c2479ef1ffc0690cee84e2010

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-ray: 4e88a1f42c316449-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Mon, 06 May 2019 07:28:47 GMT
server: cloudflare
etag: W/"2d6869bc3103e721fd0aa424a230bdf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: IyHfktn0RJNr4B0HYCtKHqxGo3cTXIkD
cache-control: max-age=600
content-type: application/javascript; charset=utf-8
x-amz-cf-id: PHM9-Mis5LLVHS1TkkoUlUT3PmAI4LGDwRdcjweINz0xMUXl6e_vOA==

GET
H2 200 4518541.js Show response
js.hs-analytics.net/analytics/1560812100000/ 77 KB
26 KB 68ms
11ms Script
text/javascript 2606:4700::6811:43b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1560812100000/4518541.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb847706f6ab24d9590d3b1dbfc287ac1d9b3ad4b1da10d1ab3e3fad070111b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
x-guploader-uploadid: AEnB2UpmNKasNOm8XMNgsS3yNWkKN2AcFsNcDMaV9vgv7pTTgtAP5NnrCvTNPgb2WCdhRGWF2_j9YcgjGWrfUoczhrep4aiwpg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 17 May 2019 20:05:36 GMT
server: cloudflare
etag: W/"6e74118100125c71798908d5dbde220f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Opn9Yw==, md5=bnQRgQASXHF5iQjV294iDw==
content-type: text/javascript
x-goog-generation: 1558123536333577
cache-control: max-age=300, public
access-control-allow-credentials: false
x-goog-stored-content-length: 79197
cf-ray: 4e88a1f41fd6d6f5-FRA
expires: Mon, 17 Jun 2019 23:01:00 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 373 KB
60 KB 78ms
16ms Script
application/javascript 2606:4700::6811:e6cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442a63a4947b79848b8c57fe659148646d132e2939fb6ba7af944002a0ff6a43

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
via: 1.1 7f4d5d15a00b6ae82bb7aabc4560d3a7.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Mon, 13 May 2019 03:13:58 GMT
server: cloudflare
etag: W/"47a1f205b496f390c6bc7a1c47139d4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: ET4X9Gad3zjGhIuhN.Hd1R0kjk1_nK5J
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 4e88a1f4298f9796-FRA
x-amz-cf-id: WYqnFezLWuP7GRwf8GOgHClfZ9DOO1ie1EuFW9mmpPm8pdP6Z7Nfwg==

GET
H2 200 container.html
d8rk54i4mohrb.cloudfront.net/ Frame 1D50 0
0 9ms
9ms Document
text/html 2600:9000:200c:fc00:1f:573d:79c0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d8rk54i4mohrb.cloudfront.net/container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Computing&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&cb=SPR.API.callbacks.cbfgpkceof&v=2.18.7&cache_buster=1560812352609
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:fc00:1f:573d:79c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: d8rk54i4mohrb.cloudfront.net
:scheme: https
:path: /container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Computing&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&cb=SPR.API.callbacks.cbfgpkceof&v=2.18.7&cache_buster=1560812352609
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 6497
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 May 2019 16:25:53 GMT
x-amz-version-id: K6OjCBG6ulFcvIajkX.jb.v0TJEap7I.
accept-ranges: bytes
server: AmazonS3
date: Mon, 17 Jun 2019 22:09:46 GMT
etag: "dbc3f083f6de56d0b91c2002d26a3f6d"
cache-control: no-cache
age: 7487
x-cache: Hit from cloudfront
via: 1.1 ed522e38bfbcd76f653d4691110d92a1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2
x-amz-cf-id: aPe1sWcSrj_0uxlRkCHb2HJ-swSAUnDAftgrOZP8eXnvHo7Ep3PkLg==

GET
H/1.1 200
OK n Show response
edge.simplereach.com/ 373 B
965 B 424ms
102ms Script
application/javascript 2406:da00:ff00::36e1:cec6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.simplereach.com/n?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Computing&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&cb=SPR.API.callbacks.cbfgpkceof&v=2.18.7
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36e1:cec6 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: b33c1c5a81ceb1fcb6ab33a5e13b5dbf3df3804644be7ec0bbfaeffdcfb4fe66

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Server: nginx/1.8.0
Connection: keep-alive
Content-Length: 373
Content-Type: application/javascript

GET
H2 200 rules-p-ffE9vWW7lzZG-.js Show response
rules.quantcount.com/ 3 B
355 B 57ms
6ms Script
application/x-javascript 2600:9000:200c:9a00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ffE9vWW7lzZG-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 02:36:53 GMT
via: 1.1 d41256fff4c52560b6f36cf42caee95d.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 21:08:19 GMT
server: AmazonS3
age: 73340
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-length: 3
x-amz-cf-id: zbk1oXHRHxvQQ6gF888Q7CNT5i7YOajY61v0wpEqeOiDzPxsj49N-A==

GET
H/1.1 200
OK technologyreview.com Show response
srv-2019-06-17-22.config.parsely.com/config/ 418 B
836 B 430ms
99ms Script
text/javascript 52.206.73.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2019-06-17-22.config.parsely.com/config/technologyreview.com
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.73.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-206-73-13.compute-1.amazonaws.com
Software: / Express
Resource Hash: f917d6132ac65ec70a5b070623b42891243ff740d6e325f5c01a68570db6c9e6

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Cache-Control: private, no-cache
Connection: keep-alive
X-Powered-By: Express
ETag: W/"1a2-2iscAV65IrZSH5F0YKhj5g"
Content-Length: 418
Content-Type: text/javascript; charset=utf-8

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151479298404334&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151479298404334%26eid=50056
https://ml314.com/csync.ashx?fp=iSQ11x9999OsuyC5&person_id=5978151479298404334&eid=50056

43 B
312 B

33ms
31ms

Image
image/gif

34.252.62.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=iSQ11x9999OsuyC5&person_id=5978151479298404334&eid=50056
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.62.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 18 Jun 2019 18:59:13 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=iSQ11x9999OsuyC5&person_id=5978151479298404334&eid=50056
Date: Mon, 17 Jun 2019 22:59:12 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: e0dd
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151479298404334
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ3OTI5ODQwNDMzNBAAGg0IwLag6AUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=893f56a85bf53c7103a960631612801fbb40cb2fde9ba72742c90950500af282f4cb09cee1a4f8eb&person_id=5978151479298404334&eid=50082

43 B
312 B

33ms
31ms

Image
image/gif

34.252.62.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=893f56a85bf53c7103a960631612801fbb40cb2fde9ba72742c90950500af282f4cb09cee1a4f8eb&person_id=5978151479298404334&eid=50082
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.62.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 18 Jun 2019 18:59:13 GMT

Redirect headers

date: Mon, 17 Jun 2019 22:59:13 GMT
via: 1.1 google
location: https://ml314.com/csync.ashx?fp=893f56a85bf53c7103a960631612801fbb40cb2fde9ba72742c90950500af282f4cb09cee1a4f8eb&person_id=5978151479298404334&eid=50082
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 307
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151479298404334%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151479298404334%26eid=50220&mm_bnc&mm_bct
https://ml314.com/csync.ashx?fp=3b835d08-0f14-4d00-9394-dc32d7910152&person_id=5978151479298404334&eid=50220

43 B
312 B

31ms
30ms

Image
image/gif

34.252.62.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=3b835d08-0f14-4d00-9394-dc32d7910152&person_id=5978151479298404334&eid=50220
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.62.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 18 Jun 2019 18:59:12 GMT

Redirect headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: MT3 1152 af30a16 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=3b835d08-0f14-4d00-9394-dc32d7910152&person_id=5978151479298404334&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 17 Jun 2019 22:59:11 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151479298404334
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151479298404334
https://ml314.com/csync.ashx?fp=6a581aaaf7f2d28347c03f08e47c84da&eid=50146&person_id=5978151479298404334

43 B
312 B

29ms
29ms

Image
image/gif

34.252.62.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=6a581aaaf7f2d28347c03f08e47c84da&eid=50146&person_id=5978151479298404334
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.62.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 18 Jun 2019 18:59:13 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:13 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=6a581aaaf7f2d28347c03f08e47c84da&eid=50146&person_id=5978151479298404334
Cache-Control: no-cache
X-Server: 10.45.13.52
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2hCuZpEY24v_CCFf88k6GZ6Phgp7OldA-U2yeHUWLIXw&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=2hCuZpEY24v_CCFf88k6GZ6Phgp7OldA-U2yeHUWLIXw&person_id=5978151479298404334&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
171 B

8ms
7ms

Image
image/gif

18.185.83.216
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.185.83.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-83-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Tue, 18 Jun 2019 18:59:13 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
1 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: dHf/9ARxlqLISukSK6V8uzb8hu5DlNQAT/Uwv/0/PWAO+SwSi+MsITZdzmAUXA9pufIey+6m3JtBjCHQM28HHg==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 22:59:12 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
322 B 26ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302431540264875&ev=PageView&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&rl=&if=false&ts=1560812352706&sw=1600&sh=1200&v=2.8.51&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1560812352705.330175303&it=1560812352560&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 22:59:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302431540264875&ev=ViewContent&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&rl=&if=false&ts=1560812352708&cd[content_ids]=%5B%22613054%22%5D&cd[content_category]=Computing&sw=1600&sh=1200&v=2.8.51&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1560812352705.330175303&it=1560812352560&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 22:59:12 GMT

GET
H/1.1 200
OK pixel;r=1234234435;labels=undefined;rf=0;a=p-ffE9vWW7lzZG-;url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social...
pixel.quantserve.com/ 35 B
479 B 64ms
8ms Image
image/gif 91.228.74.192
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1234234435;labels=undefined;rf=0;a=p-ffE9vWW7lzZG-;url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook;fpan=1;fpa=P0-1919434112-1560812352740;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1560812352740;tzo=0;ogl=title.Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%252C%20and%20it%E2%80%99s%20spreading%2Cdescription.The%20rogue%20code%20can%20disable%20safety%20systems%20designed%20to%20prevent%20catastrophic%20indus%2Ctype.article%2Csite_name.MIT%20Technology%20Review%2Curl.https%3A%2F%2Fwww%252Etechnologyreview%252Ecom%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-%2Cimage.https%3A%2F%2Fcdn%252Etechnologyreview%252Ecom%2Fi%2Fimages%2Fmitheaderfinalv4%252Ejpg%3Fcx%3D0%26cy%3D109%26cw%3D27%2Cimage%3Aurl.https%3A%2F%2Fcdn%252Etechnologyreview%252Ecom%2Fi%2Fimages%2Fmitheaderfinalv4%252Ejpg%3Fcx%3D0%26cy%3D109%26cw%3D27%2Cimage%3Atype.image%2Fjpeg%2Cupdated_time.2019-03-06T05%3A52%3A31-05%3A00
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.192 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:13 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/4.8.0/default_flat_top_two_button_black/v2/css/ 23 KB
6 KB 10ms
9ms Stylesheet
text/css 152.195.132.202
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/skins/4.8.0/default_flat_top_two_button_black/v2/css/optanon.css
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a321aa9c-3063-4225-abb6-0285fd5607e6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F50) /
Resource Hash: 2d60d068778b4af2913f52dcd1f8fcd110295e51bedf959b2aa4e37ed290f150

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 17 Jun 2019 22:59:12 GMT
content-encoding: gzip
content-md5: iK/qJYkI6lRubIC8gEscgQ==
x-cache: HIT
status: 200
content-length: 5545
x-ms-lease-status: unlocked
last-modified: Tue, 07 May 2019 23:18:03 GMT
server: ECAcc (frc/8F50)
etag: 0x8D6D3424105F77E
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: db6af611-a01e-00d8-768e-0f7f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Tue, 18 Jun 2019 02:59:12 GMT

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
325 B 50ms
20ms Script
application/json 2606:4700:10::6814:b844
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery33108998089717281006_1560812352577&_=1560812352578
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
cf-ray: 4e88a1f67da9d6c5-FRA
content-length: 32

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 726
date: Mon, 17 Jun 2019 22:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Tue, 18 Jun 2019 00:47:07 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 0
361 B 54ms
30ms Script
application/javascript 34.252.62.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=67059&ct=js&pi=5978151479298404334&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&pv=1560812352966_f95s2nj5d&bl=en-us&cb=6896647&return=&ht=&d=&dc=&si=1560812352591_ssv25nlch&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.62.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-62-73.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK / Show response
www.technologyreview.com/api/feed/ 30 KB
9 KB 168ms
167ms Fetch
application/json 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/api/feed/?offset=0&limit=10
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/_next/static/chunks/commons.64c5e94d6e03807137f8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 95ff5b5bbf850b61f62c28ec91d4591526730688a3e571cfa585cb9471a3bee3

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: origin,accept-encoding
Content-Type: application/json; charset=utf-8
Via: 1.1 vegur
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ad.gif
api-34-211-241-234.b2c.com/api/ 43 B
233 B 550ms
177ms Image
image/gif 2600:1f14:e96:5800:2ac1:df32:cad0:ed7e
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-211-241-234.b2c.com/api/ad.gif
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:2ac1:df32:cad0:ed7e Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
919 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 911
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 856
x-xss-protection: 0
expires: Mon, 17 Jun 2019 23:44:02 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 1900
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1296
x-xss-protection: 0
expires: Mon, 17 Jun 2019 23:27:33 GMT

POST
H2 200 json Show response
technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/ 31 KB
5 KB 329ms
101ms XHR
application/json 54.152.84.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&bcsessionid=&bctempid=&overruleReferrer=&time=2019-06-17T22%3A59%3A13%2B00%3A00&ts=1560812353113

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/technologyreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.84.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-152-84-119.compute-1.amazonaws.com

Software

- /

Resource Hash

863c53621a17262fdbf712221c2adbb48ec9a3a1e41d177a5336bc3473167f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 4899
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&aip=1&a=1210433498&t=pageview&_s=1&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&dp=%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&ul=en-us&de=UTF-8&dt=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAr~&jid=1844394036&gjid=38309174&cid=334881020.1560812353&tid=UA-7747898-26&_gid=916846743.1560812353&gtm=2wg651TRBQMN&cd1=no&cd2=logged%20out%20%7C%20insider%3Dno&cd5=1560812352963.ugh565pm&cd6=2019-03-05&cd7=2019-06-17T22%3A59%3A12.963%2B00%3A00&cd8=02500&cd11=normal%20pageview&cd13=Martin%20Giles&cd14=News&cd15=Computing&cd20=334881020.1560812353&z=191245032

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jun 2019 09:23:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1431373
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&gjid=38309174&_gid=916846743.1560812353&_u=aGBAgEAr~&z=832200636
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&_v=j76&z=832200636
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&_v=j76&z=832200636&slf_rd=1&random=3064255239

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&_v=j76&z=832200636&slf_rd=1&random=3064255239

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 22:59:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jun 2019 22:59:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=1844394036&_v=j76&z=832200636&slf_rd=1&random=3064255239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK event Show response
edge.simplereach.com/ 46 B
205 B 101ms
99ms Script
application/javascript 2406:da00:ff00::36e1:cec6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.simplereach.com/event?event=csd&sd%5B25%5D=true&sd%5B50%5D=true&pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Computing&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&cb=SPR.API.callbacks.cbxkucewn&v=2.18.7&cache_buster=1560812352609
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36e1:cec6 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 69041da1f1d48c4b2c868639134bf865c819d8f551285ca5573462102de7eb56

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Server: nginx/1.8.0
Connection: keep-alive
Content-Length: 46
Content-Type: application/javascript

GET
H/1.1 200
OK ptrack-v1.3.1-engagedtime.js Show response
d1z2jf7jlzjs58.cloudfront.net/code/ 37 KB
15 KB 8ms
7ms Script
application/x-javascript 143.204.208.18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.3.1-engagedtime.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.18 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-18.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 6490a25d62798071f40cb1c72bf6db2ffd03c6572a7653615e0d5bd3c683abef

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 07 Jun 2019 23:31:29 GMT
Content-Encoding: gzip
Age: 862058
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Fri, 07 Jun 2019 23:29:03 GMT
Server: nginx
ETag: W/"5cfaf33f-924c"
Content-Type: application/x-javascript
Via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000, public
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: Dn8VAaWlQKb8BMit5QTGafmb0nVGlm0hjCBQyD0-Vvgvfq8RV6TJiw==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1210433498&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_gid=916846743.1560812353&gjid=1050691259&_v=j76&z=1313618066
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_v=j76&z=1313618066
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_v=j76&z=1313618066&slf_rd=1&random=635785429

42 B
109 B

21ms
20ms

Image
image/gif

2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_v=j76&z=1313618066&slf_rd=1&random=635785429

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 22:59:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jun 2019 22:59:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7747898-26&cid=334881020.1560812353&jid=634749605&_v=j76&z=1313618066&slf_rd=1&random=635785429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
srv-2019-06-17-22.pixel.parsely.com/plogger/ 43 B
229 B 403ms
93ms Image
image/gif 3.216.32.87
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2019-06-17-22.pixel.parsely.com/plogger/?rand=1560812353170&plid=21136581&idsite=technologyreview.com&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%228a4ef6f2-8a85-4b58-be70-0d1607e5da03%22%2C%22parsely_site_uuid%22%3A%22a84b68ca-579c-4b53-b2d0-c3f75928e17c%22%7D&sid=1&surl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&sref=&sts=1560812353167&slts=0&title=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&date=Mon+Jun+17+2019+22%3A59%3A13+GMT%2B0000+(Coordinated+Universal+Time)&action=pageview&js=1&action_name=virtualPageView&pvid=62154639&u=a84b68ca-579c-4b53-b2d0-c3f75928e17c
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.32.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-216-32-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 armlogoblue150md.png
cdn.technologyreview.com/i/images/ 2 KB
2 KB 11ms
11ms Image
image/png 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/armlogoblue150md.png?sw=200
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3474b1d4feac155e23e276beda5f5b41457a785217b8d7a9c6c84454ffa62483

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: pngoptimizer, origSize=3151
status: 200
cf-bgj: imgq:85
content-length: 2275
last-modified: Tue, 14 May 2019 14:01:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4e88a1f81e64c29f-FRA
expires: Thu, 27 Jun 2019 14:06:12 GMT

GET
H2 200 bbva-logo_5.png
cdn.technologyreview.com/i/images/ 1 KB
1 KB 10ms
9ms Image
image/png 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/bbva-logo_5.png?sw=200
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09559fc5a6fc5e8f46ca54a5ddb76385be771e03b2c836e5f691b5f5f3b2e784

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: pngoptimizer, origSize=1970
status: 200
cf-bgj: imgq:85
content-length: 1146
last-modified: Fri, 14 Jun 2019 15:00:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4e88a1f81e65c29f-FRA
expires: Fri, 28 Jun 2019 17:09:22 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 9C8F 0
0 19ms
18ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 4913
pragma: no-cache
cache-control: no-cache
origin: https://www.technologyreview.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
accept-encoding: gzip, deflate, br
cookie: fr=0cBcFrCrxF0tWeB02..BdCBtA...1.0.BdCBtA.
Origin: https://www.technologyreview.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.technologyreview.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Mon, 17 Jun 2019 22:59:13 GMT

GET
H/1.1

302
Moved Temporarily

4 Show response
api-34-211-241-234.b2c.com/api/
Redirect Chain

https://api-34-211-241-234.b2c.com/api/x?lrR5dVsU5XeD2uir$dXJsJDAkaHR0cHM6Ly93d3cudGVjaG5vbG9neXJldmlldy5jb20vcy82MTMwNTQvY3liZXJzZWN1cml0eS1jcml0aWNhbC1pbmZyYXN0cnVjdHVyZS10cml0b24tbWFsd2FyZS8_dXR...
https://api-34-211-241-234.b2c.com:444/api/4?lrR5dVsU5XeD2uir

0
-1 B

547ms
189ms

XHR
text/html

2600:1f14:e96:5800:2ac1:df32:cad0:ed7e
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-211-241-234.b2c.com:444/api/4?lrR5dVsU5XeD2uir
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:2ac1:df32:cad0:ed7e Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Server: openresty
Access-Control-Allow-Origin: https://www.technologyreview.com
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://api-34-211-241-234.b2c.com:444/api/4?lrR5dVsU5XeD2uir
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 142

Redirect headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Server: openresty
Location: https://api-34-211-241-234.b2c.com:444/api/4?lrR5dVsU5XeD2uir
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: https://www.technologyreview.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 142

GET
H2 200 c6a5ab87e32b63f24c402e56c62fa4d8 Show response
technologyreview.blueconic.net/plugin/plugin/ 32 KB
8 KB 100ms
100ms Script
text/javascript 54.152.84.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://technologyreview.blueconic.net/plugin/plugin/c6a5ab87e32b63f24c402e56c62fa4d8

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/technologyreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.84.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-152-84-119.compute-1.amazonaws.com

Software

- /

Resource Hash

cfc0fb030c97a44892f093a0d41e6ba1b3e2f6a240ac0b2ac0b5ff86e217944d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: c6a5ab87e32b63f24c402e56c62fa4d8
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 7828
x-xss-protection: 1; mode=block
expires: Tue, 16 Jun 2020 22:59:13 GMT

GET
H2 200 04a143cf0e7cf873e56eadd52d86e1e3 Show response
technologyreview.blueconic.net/plugin/library/ 230 KB
71 KB 103ms
103ms Script
text/javascript 54.152.84.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://technologyreview.blueconic.net/plugin/library/04a143cf0e7cf873e56eadd52d86e1e3

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/technologyreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.84.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-152-84-119.compute-1.amazonaws.com

Software

- /

Resource Hash

db5fd7a156574cf16149d26d68910770bd839b5f9aae6e6a3c93df836d0d9f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: 04a143cf0e7cf873e56eadd52d86e1e3
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 72518
x-xss-protection: 1; mode=block
expires: Tue, 16 Jun 2020 22:59:13 GMT

POST
H2 200 LB-Zone-3 Show response
technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/json/ 1 KB
1 KB 297ms
297ms XHR
application/json 54.152.84.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-3?referer=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&bcsessionid=&bctempid=d200a5c4-668a-4223-803d-982a95b35a69&overruleReferrer=&time=2019-06-17T22%3A59%3A13%2B00%3A00&ts=1560812353557

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/technologyreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.84.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-152-84-119.compute-1.amazonaws.com

Software

- /

Resource Hash

3edcd422135672056c1158850e950b65950b1776a34b32c350901f303b470adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 615
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK x
api-34-211-241-234.b2c.com/api/ 0
394 B 180ms
179ms Other
text/plain 2600:1f14:e96:5800:2ac1:df32:cad0:ed7e
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-211-241-234.b2c.com/api/x?lrR5dVsU5XeD2uir$YWRibG9jayQ1NzgkMA
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:e96:5800:2ac1:df32:cad0:ed7e Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:13 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.technologyreview.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

POST
H2 200 json Show response
technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/ 195 B
681 B 103ms
103ms XHR
application/json 54.152.84.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&bcsessionid=d200a5c4-668a-4223-803d-982a95b35a69&bctempid=&overruleReferrer=&time=2019-06-17T22%3A59%3A13%2B00%3A00&ts=1560812353897

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/technologyreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.84.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-152-84-119.compute-1.amazonaws.com

Software

- /

Resource Hash

9b1405c9563fd03332c72696704797277c7b041a19e483bfef7ca613626a4c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Jun 2019 22:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/16198136/ 0
400 B 8ms
7ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/16198136/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Thu, 20 Jun 2019 22:59:13 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/ 32 B
587 B 168ms
119ms XHR
application/json 2606:4700::6811:cccc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=4518541

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c318f7e927701be1a5cb370e210b91c26df66249b47ed0d331c9550452221d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: br
status: 200
server: cloudflare
x-trace: 2B4CC89CC0DE89D3AF492DC90D40CF2D2B6C33B392000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
access-control-max-age: 180
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4e88a1fc4bf79790-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
447 B 71ms
17ms Image
image/gif 2606:4700::6810:fb05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1202221907&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1560812353912&vi=fc5dc1a4b2652e311275391bd46021d8&nc=true&u=12316075.fc5dc1a4b2652e311275391bd46021d8.1560812353906.1560812353906.1560812353906.1&b=12316075.1.1560812353906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 4e88a1fc5af79766-FRA
date: Mon, 17 Jun 2019 22:59:13 GMT
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 9.e00c5bda336cd1ad1697.js Show response
www.technologyreview.com/_next/static/chunks/ 28 KB
8 KB 105ms
104ms Script
application/javascript 34.206.36.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/_next/static/chunks/9.e00c5bda336cd1ad1697.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/_next/static/runtime/webpack-0a7cb82f645d7b2217cc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.36.121 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-36-121.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: b234e48df29f3f155d00011679004042fe11895f8c3210e755d5a3d9b9d1449b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:13 GMT
Content-Encoding: br
Last-Modified: Fri, 14 Jun 2019 21:08:11 GMT
Server: Cowboy
Etag: W/"1c9f-16b57d1ba78"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7327

GET
H/1.1 200
OK 4 Show response
api-34-211-241-234.b2c.com/api/ 43 B
441 B 700ms
176ms XHR
image/gif 34.211.241.234
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-211-241-234.b2c.com:444/api/4?lrR5dVsU5XeD2uir
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.241.234 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-211-241-234.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: null

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 42 KB
4 KB 182ms
129ms XHR
application/json 2606:4700::6810:fd05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4518541&utk=fc5dc1a4b2652e311275391bd46021d8&__hstc=12316075.fc5dc1a4b2652e311275391bd46021d8.1560812353906.1560812353906.1560812353906.1&__hssc=12316075.1.1560812353906&currentUrl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fd05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4cfc289e42797b8e9f3fa94e9cea5f2f39e1221a47c5e7bcf1a304e8c9f3fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: br
x-robots-tag: none
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4e88a1fc890ed6d1-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 33 KB
11 KB 68ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/_next/static/chunks/9.e00c5bda336cd1ad1697.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

00456d627a113bb9466e3d5f48bdeb79415281ad07762afc851301b09a61ee38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "199 / 892 of 1000 / last-modified: 1560807676"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10993
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

POST
H2 200 json Show response
technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/ 98 B
674 B 109ms
108ms XHR
application/json 54.152.84.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://technologyreview.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&bcsessionid=d200a5c4-668a-4223-803d-982a95b35a69&bctempid=&overruleReferrer=&time=2019-06-17T22%3A59%3A14%2B00%3A00&ts=1560812354082

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/technologyreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.84.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-152-84-119.compute-1.amazonaws.com

Software

- /

Resource Hash

eb0871f0dedc8f3a331f00a61144114c6a979deb9e5a5dcfbabc80755d7ffbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 109
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
481 B 45ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.technologyreview.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
481 B 40ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.technologyreview.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019061301.js Show response
securepubads.g.doubleclick.net/gpt/ 149 KB
55 KB 68ms
40ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

30980ca8ed30305e9a77ab58d8540da7cae17480c8ee3f5a509d724d4aa7000a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 13:06:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55726
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
123 B 14ms
13ms Image
image/gif 2606:4700::6810:fb05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=87f2f4fb-d8ba-4442-8197-e57c3562e2c3&lfi=413099&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1202221907&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1560812354142&vi=fc5dc1a4b2652e311275391bd46021d8&nc=true&u=12316075.fc5dc1a4b2652e311275391bd46021d8.1560812353906.1560812353906.1560812353906.1&b=12316075.1.1560812353906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 4e88a1fd6bc09766-FRA
date: Mon, 17 Jun 2019 22:59:14 GMT
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
11 KB 50ms
50ms XHR
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006361474669770&correlator=1376742507752189&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21063636&vrg=2019061301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190617&iu=%2F3293%2F__site%2F__leaderboard&sz=728x90&scp=hostname%3Dwww.technologyreview.com%26pathname%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1560812354&dt=1560812354252&dlt=1560812352016&idt=2208&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=20&adk=3115668371&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&dssz=71&icsg=15737290688&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=334881020.1560812353&ga_sid=1560812354&ga_hid=1210433498&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

0f039302c882a880897227d93df75dfec50cd443941b64b590efca95189a9e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10571
x-xss-protection: 0
google-lineitem-id: 5062229960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138270556651
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019061301.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
25 KB 40ms
39ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

a08845e2eddff2da6f2b64ec9a9dd91767a9311dc0dc971c8011fb9831623a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 13:06:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25526
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
10 KB 49ms
48ms XHR
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006361474669770&correlator=3911092929111671&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21063636&vrg=2019061301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190617&iu=%2F3293%2F__site%2F__square-only&sz=300x250&scp=hostname%3Dwww.technologyreview.com%26pathname%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1560812354&dt=1560812354263&dlt=1560812352016&idt=2208&frm=20&biw=1585&bih=1200&oid=3&adx=1129&ady=834&adk=2351425115&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&dssz=72&icsg=15737290688&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=334881020.1560812353&ga_sid=1560812354&ga_hid=1210433498&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

9e63b88a62fbe310454e043b25ea5568964d4231d36f6ae6afc1fee611ae2ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10558
x-xss-protection: 0
google-lineitem-id: 5054127574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138269138952
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
3 KB 53ms
53ms XHR
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006361474669770&correlator=3124791788899954&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21063636&vrg=2019061301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190617&iu=%2F3293%2F__site%2F__slider&sz=320x187&scp=hostname%3Dwww.technologyreview.com%26pathname%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1560812354&dt=1560812354268&dlt=1560812352016&idt=2208&frm=20&biw=1585&bih=1200&oid=3&adx=1585&ady=943&adk=3348403339&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&dssz=72&icsg=15737290688&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=334881020.1560812353&ga_sid=1560812354&ga_hid=1210433498&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

80bd11a9d1e2374cb716b5a79bf1ef16d447453bdf72bb6fd3529c3fd69a8545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3043
x-xss-protection: 0
google-lineitem-id: 5075649574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271378308
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
11 KB 60ms
60ms XHR
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006361474669770&correlator=3604567364062276&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21063636&vrg=2019061301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190617&iu=%2F3293%2F__site%2F__postitial&sz=320x480&scp=hostname%3Dwww.technologyreview.com%26pathname%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1560812354&dt=1560812354272&dlt=1560812352016&idt=2208&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=343797740&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&dssz=72&icsg=15737290688&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&blev=1&bisch=1&ga_vid=334881020.1560812353&ga_sid=1560812354&ga_hid=1210433498&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

6ccdd6a4fb592bc2642edd77080e8377dfddefdaa19e7b98b27234d6c4daa4a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10575
x-xss-protection: 0
google-lineitem-id: 5054018829
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138270271322
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
10 KB 54ms
53ms XHR
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006361474669770&correlator=1233095067132118&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21063636&vrg=2019061301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190617&iu=%2F3293%2F__site%2F__square-only&sz=300x250&scp=hostname%3Dwww.technologyreview.com%26pathname%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1560812354&dt=1560812354281&dlt=1560812352016&idt=2208&frm=20&biw=1585&bih=1200&oid=3&adx=242&ady=4629&adk=1693455420&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&dssz=72&icsg=15737290688&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=676x-1&msz=676x-1&blev=1&bisch=1&ga_vid=334881020.1560812353&ga_sid=1560812354&ga_hid=1210433498&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

5190a323f0feab6299b7c9784758f21be88ceea6585f7fba02377bb128cead83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
Origin: https://www.technologyreview.com

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10565
x-xss-protection: 0
google-lineitem-id: 5054127574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138269138952
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 3E90 0
273 B 20ms
19ms Fetch
image/gif 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPYDSc16DNG-alVM4ltJLxXrP5wCSW3GqsbmDz1VOA2whBFYRCYxt8Dlhy7idPVOoN1iww46nx6V9UBKoo4ZJRQ_uU46bexMuJ6UpP_7GNknXGuANstDJkTMirb3vhSduuDVjW7a6Fg8lkZSey60cO4I5juRIE19W77caaiMDOUepHtXqMkBr4OTbWUTDxTqhfZ58zcCREpxWQhtlQsZl26jru2q-UxwAaZlel8SF_94cmVAKjWjf4zxeiK9Fk3lUdI94zwueOBr1b85U&sai=AMfl-YRgqpO_-hlMkvbI1QCF6JqAFhihg9uVIAgkir6zybl7X6-aE9br7ROHrKwupHR9bUOplAD15ASdzRk9a-pQbce29W7FLt9OanU93Cdj2w&sig=Cg0ArKJSzKfilXT0aDtnEAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jun 2019 22:59:14 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/ Frame 3E90 30 KB
11 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

238a34c16b3b9e29ee7e72631c068731759aac0bb22c48c292f744f600019995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 00:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11290
x-xss-protection: 0
server: cafe
etag: 12524661438965131630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 00:14:51 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/ Frame 3E90 2 KB
1 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 01:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1056
x-xss-protection: 0
server: cafe
etag: 10388620150615422707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 01:02:14 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E90 74 KB
28 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53947745ef8bde129bdbdcb24ff294ce4d1eacf3ffd6014d97cf961f70ee56bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1560510989559007"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28166
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame 3E90 260 KB
88 KB 53ms
8ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6b1ce31b40530fda2b686385f1ded3ce2012d696d9752e2a990598245fb960f

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jun 2019 17:07:56 GMT
Server: AmazonS3
x-amz-request-id: 0485CAA045D262E8
ETag: "ab4c96aa1afe30159497408fbe484abd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=4455
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89696
x-amz-id-2: 8TT0W0Bf/urWtcOLtJ0avCGSJycIDc1i5ZMJhZT1MBIfV3DHPLu4dPmB7KLyQbYNUMRlrIJg/gY=

GET
H2 200 8602593469555969342
tpc.googlesyndication.com/simgad/ Frame 3E90 56 KB
56 KB 30ms
12ms Image
image/png 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8602593469555969342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

09b584bdafcf16365c39b0d734ab0f2645419f8dcf039c7d73ffd054435c518e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 17:31:44 GMT
x-content-type-options: nosniff
age: 1315650
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 57233
x-xss-protection: 0
last-modified: Wed, 15 May 2019 18:15:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jun 2020 17:31:44 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

72f43d97a6b80bc91e467b99ee9b255dd767dd19ef7bb59ac8fca3ed04363b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1560510989559007"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28264
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 7F17 0
255 B 23ms
18ms Fetch
image/gif 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmRuE2ConCk0jYR7_WIXVKw_D0ldd98HTJIFVlxQgKgKnpOaxFLz_1RIFqzbJRAlfXz9Hm-12zjo0Z_f-6TNGTrPXKqWP31vJ02DGyLanRm-GqftqOUS9UPXNlUA1AmSWZQ9mKFOsnnNRrUyNz5FRhhFqJR5vYlVV-WwLgsHX3whJJBCIv-ksvRWUMoc6jgV6brdHCTkWCaEUNNDv2DIwy2wXhKv2BP9lK0eLwsT-sTm1LeMf-yAcJ1bdJJCRymmqVNjS-eFLvWvk6uKU&sai=AMfl-YSNPoNMmPJGgp585eEvlFtAn74Hbg8VsXnREnrldNrthPOmvKorGKM7b7EW-tra_2I9Oj8_veDAXCYCNx3tXk4XT_8ET2xCYtFcBMEP&sig=Cg0ArKJSzKmSO0-LZXLbEAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jun 2019 22:59:14 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/ Frame 7F17 30 KB
11 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

238a34c16b3b9e29ee7e72631c068731759aac0bb22c48c292f744f600019995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 00:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11290
x-xss-protection: 0
server: cafe
etag: 12524661438965131630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 00:14:51 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/ Frame 7F17 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 01:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1056
x-xss-protection: 0
server: cafe
etag: 10388620150615422707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 01:02:14 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F17 74 KB
28 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53947745ef8bde129bdbdcb24ff294ce4d1eacf3ffd6014d97cf961f70ee56bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1560510989559007"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28166
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame 7F17 260 KB
88 KB 39ms
8ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6b1ce31b40530fda2b686385f1ded3ce2012d696d9752e2a990598245fb960f

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jun 2019 17:07:56 GMT
Server: AmazonS3
x-amz-request-id: 0485CAA045D262E8
ETag: "ab4c96aa1afe30159497408fbe484abd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=4455
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89696
x-amz-id-2: 8TT0W0Bf/urWtcOLtJ0avCGSJycIDc1i5ZMJhZT1MBIfV3DHPLu4dPmB7KLyQbYNUMRlrIJg/gY=

GET
H2 200 8985805443648418314
tpc.googlesyndication.com/simgad/ Frame 7F17 77 KB
78 KB 21ms
19ms Image
image/png 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8985805443648418314

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c05a7aac89e9ee1220e94813f2f78d025d1627797ae178efd8f20a9cfa963b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Jun 2019 21:39:37 GMT
x-content-type-options: nosniff
age: 350377
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 79228
x-xss-protection: 0
last-modified: Fri, 10 May 2019 19:08:12 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jun 2020 21:39:37 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame D3BF 0
0 18ms
15ms Document
text/html 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-33/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3444
date: Fri, 14 Jun 2019 00:12:37 GMT
expires: Sat, 13 Jun 2020 00:12:37 GMT
last-modified: Tue, 16 Apr 2019 19:37:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 341197
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame A1F2 0
57 B 21ms
21ms Fetch
image/gif 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFazh0JgyS2mBgI7jDgk7V8KZwIRGl-8d-Y-K6oQiNbAAp-WIT3_FGwXZlL5l6Ega1x_SNa_-QovW2407NnSBiRyGLexQhRZyAW7xKT2cVSmdsOmfuJllrts5tHMB8StDwEEYMY3FOdd66lDC864jBer4dzzBr2NJvv1K17ol_arNc-r5Ey8srr4uN9oEc00vhk9Rt5jxttLwAKS5eGkeexd6C3dRb1Tf1YD38pAF5v4Jv19_afG0QsSfmo0TjoOrm9fdbVUE7MYPX9FM&sai=AMfl-YR8KHRqPt6fF35uoYm8QIVruggnxAIt9u6qJ7dkSY8RRHYJaJjVxA2oxBVoTud4DBmKx_oYJpXZyt2UasqExwaill-TsX8uj2HReij6&sig=Cg0ArKJSzLnHc-_vYwB1EAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jun 2019 22:59:14 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 8985805443648418314
tpc.googlesyndication.com/simgad/ Frame A1F2 77 KB
77 KB 9ms
6ms Image
image/png 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8985805443648418314

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c05a7aac89e9ee1220e94813f2f78d025d1627797ae178efd8f20a9cfa963b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 13 Jun 2019 21:39:37 GMT
x-content-type-options: nosniff
age: 350377
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 79228
x-xss-protection: 0
last-modified: Fri, 10 May 2019 19:08:12 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jun 2020 21:39:37 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/ Frame A1F2 30 KB
11 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

238a34c16b3b9e29ee7e72631c068731759aac0bb22c48c292f744f600019995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 00:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11290
x-xss-protection: 0
server: cafe
etag: 12524661438965131630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 00:14:51 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/ Frame A1F2 2 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 01:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1056
x-xss-protection: 0
server: cafe
etag: 10388620150615422707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 01:02:14 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1F2 74 KB
28 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53947745ef8bde129bdbdcb24ff294ce4d1eacf3ffd6014d97cf961f70ee56bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1560510989559007"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28166
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame A1F2 260 KB
88 KB 25ms
8ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6b1ce31b40530fda2b686385f1ded3ce2012d696d9752e2a990598245fb960f

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jun 2019 17:07:56 GMT
Server: AmazonS3
x-amz-request-id: 0485CAA045D262E8
ETag: "ab4c96aa1afe30159497408fbe484abd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=52323
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89696
x-amz-id-2: 8TT0W0Bf/urWtcOLtJ0avCGSJycIDc1i5ZMJhZT1MBIfV3DHPLu4dPmB7KLyQbYNUMRlrIJg/gY=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame D7B0 0
57 B 26ms
19ms Fetch
image/gif 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5dS_uASyKSPm9uCcuOElynm0ZMRvGvYq9M8mLyilaVwdLoeOjcZ6fPU7gpxtYJwMVOJ71Tl0isCyB7mzLuzWvJdFDhQ7KBHuzCbiRuM2ckIBt1uvxPym8qrbU9T9hkvLvXqZQrVS3ZeSKu2iH24jqHP2ecteg17Y79plHPjmQQzIEayq-Fo9XZIWzwoK4duE2UiRuoOCQlz9QSEg3i3TpxzVe_5hqkUK3F14nZ1X0hwZVUMA3u4nsiWVhsI7AP8Sox0k2lyVrDlGr-DhhNdcVXEUH6d4dbaDdhszkqqcGSsvgqaisOQ&sai=AMfl-YRzeyNV4cbTuz_y4vMq-vFbhTeZyfC3MsMVwesHtlE1uKN_uSAMT_vefOTgudXucz6U_xy4nfv_fsGa2dr3JRVzaMJzj4IwIXfKKVVl&sig=Cg0ArKJSzLiDdHex3SG1EAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Jun 2019 22:59:14 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/ Frame D7B0 30 KB
11 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

238a34c16b3b9e29ee7e72631c068731759aac0bb22c48c292f744f600019995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 00:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11290
x-xss-protection: 0
server: cafe
etag: 12524661438965131630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 00:14:51 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/ Frame D7B0 2 KB
1 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190612/r20110914/client/window_focus.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 01:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1056
x-xss-protection: 0
server: cafe
etag: 10388620150615422707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2019 01:02:14 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7B0 74 KB
28 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53947745ef8bde129bdbdcb24ff294ce4d1eacf3ffd6014d97cf961f70ee56bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1560510989559007"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28166
x-xss-protection: 0
expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame D7B0 260 KB
88 KB 23ms
8ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6b1ce31b40530fda2b686385f1ded3ce2012d696d9752e2a990598245fb960f

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jun 2019 17:07:56 GMT
Server: AmazonS3
x-amz-request-id: 0485CAA045D262E8
ETag: "ab4c96aa1afe30159497408fbe484abd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=52323
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89696
x-amz-id-2: 8TT0W0Bf/urWtcOLtJ0avCGSJycIDc1i5ZMJhZT1MBIfV3DHPLu4dPmB7KLyQbYNUMRlrIJg/gY=

GET
H2 200 14280404477663853268
tpc.googlesyndication.com/simgad/ Frame D7B0 163 KB
163 KB 13ms
8ms Image
image/png 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14280404477663853268

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d507737c7c9d3696154a355417c8250317256bfda9c75d716e2efd5e205f0761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 03:27:26 GMT
x-content-type-options: nosniff
age: 1279908
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 166803
x-xss-protection: 0
last-modified: Wed, 15 May 2019 18:10:33 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jun 2020 03:27:26 GMT

GET
DATA 200
OK truncated
/ Frame 3E90 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2785198a229799c363f0d50c9034a09a0557493edb93f09f8161d934f2bbaae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7F17 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7986600927ecffdfb2bae75d7b87c2b49b1262d31120ad4152e1ef8f886a43af

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 89ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1560812354513&de=218083618331&m=0&ar=b3d80b92f2-clean&q=2&cb=0&ym=0&cu=1560812354513&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=165964&na=1187485893&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
DATA 200
OK truncated
/ Frame A1F2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc0386e682d1c9a12b7db5b6e152cbb8d1d956d0640524018da0ce1b1459e8d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 16ms
14ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8985805443648418314&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354513&de=218083618331&cu=1560812354513&m=73&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=24&an=0&gf=24&gg=0&ix=24&ic=24&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=24&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=48&cd=0&ah=48&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=1282189239&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 13ms
12ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1560812354595&de=448869557439&m=0&ar=b3d80b92f2-clean&q=5&cb=0&ym=0&cu=1560812354595&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4451373307%3A2537960330%3A5062229960%3A138270556651&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=165964&na=1638121509&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 7ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8602593469555969342&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354595&de=448869557439&cu=1560812354595&m=43&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=17&an=0&gf=17&gg=0&ix=17&ic=17&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=17&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=33&cd=0&ah=33&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5062229960%3A138270556651&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=683624545&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
9ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1560812354682&de=626328696493&m=0&ar=b3d80b92f2-clean&q=8&cb=0&ym=0&cu=1560812354682&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=165964&na=1571260609&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 7ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8985805443648418314&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354682&de=626328696493&cu=1560812354682&m=52&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=20&cd=0&ah=20&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=165964&na=476935223&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
8ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1560812354741&de=10547770944&m=0&ar=b3d80b92f2-clean&q=11&cb=0&ym=0&cu=1560812354741&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4451373307%3A2537960330%3A5054018829%3A138270271322&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&bo=32883227&bd=21755558690&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=165964&na=1645421039&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:14 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:14 GMT

GET
H2 200 promo__the-download.png
cdn2.hubspot.net/hubfs/4518541/Technologyreview_August2018%20Theme/images/ 49 KB
50 KB 80ms
13ms Image
image/webp 2606:4700::6811:f2cc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubfs/4518541/Technologyreview_August2018%20Theme/images/promo__the-download.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9781f6b2c8fc26eb98fed17e44147c5b5b67bb87d5b57d8b5931571b5703789c

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 22:59:15 GMT
via: 1.1 1d0fc03b30809d10a25a905ba30d8170.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-6097954457,FD-6080722250,P-4518541,FLS-ALL
x-amz-cf-pop: FRA53
cf-polished: origFmt=png, origSize=82805
edge-cache-tag: F-6097954457,FD-6080722250,P-4518541,FLS-ALL
status: 200
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.setCacheTagHeaders 43
x-amz-request-id: 2BBB7E681FD088AC
x-amz-id-2: 3tLYk3X1zH6W6p0vIqRbjMsZjGiVGWxC628T4mmXtDBoYrq9bhr2DT0TLcxXD4gNnCPo+zW8Jeo=
accept-ranges: bytes
last-modified: Thu, 23 Aug 2018 04:51:07 GMT
server: cloudflare
etag: "cc6545963a161f63dbbf7972f9c470cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
content-disposition: inline; filename="promo__the-download.webp"
cache-control: s-maxage=1209600, max-age=1209600
x-amz-version-id: 1JfOXYUMCR5e49cHQjEGGsOOGtTsxYF6
content-length: 49808
cf-ray: 4e88a2041a6bd6fd-FRA
x-amz-cf-id: wCE8mw0szDGJ-qlFrwZJI91PJ7fq6PrdLHSrRvRMIeIaYT2tbvQjfg==
cf-bgj: imgq:85

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354513&de=218083618331&cu=1560812354513&m=1074&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1034&an=24&gi=1&gf=1034&gg=24&ix=1034&ic=1034&ez=1&ck=1034&kw=856&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1034&bx=24&ci=1034&jz=856&dj=1&aa=0&ad=908&cn=0&gk=908&gl=0&ik=908&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=856&cd=48&ah=856&am=48&rf=0&re=1&ft=908&fv=0&fw=908&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=537416465&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:15 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:15 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
8ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354513&de=218083618331&cu=1560812354513&m=1076&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1034&an=1034&gi=1&gf=1034&gg=1034&ix=1034&ic=1034&ez=1&ck=1034&kw=856&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1034&bx=1034&ci=1034&jz=856&dj=1&aa=0&ad=908&cn=908&gk=908&gl=908&ik=908&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=856&cd=856&ah=856&am=856&rf=0&re=1&ft=908&fv=908&fw=908&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=1582804066&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:15 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:15 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 12ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354513&de=218083618331&cu=1560812354513&m=1077&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1034&an=1034&gi=1&gf=1034&gg=1034&ix=1034&ic=1034&ez=1&ck=1034&kw=856&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1034&bx=1034&ci=1034&jz=856&dj=1&aa=0&ad=908&cn=908&gk=908&gl=908&ik=908&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=856&cd=856&ah=856&am=856&rf=0&re=1&ft=908&fv=908&fw=908&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=1465503424&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:15 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:15 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3E90 42 B
425 B 39ms
14ms Image
image/gif 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1pFRzjarxH6T--pKVxzysye_Laox2RFUnlyKAbNyWDLKmzcrPu7GGXMJbjqDO7KRwMHoilmIfLFuJ84yih6Gys3qOm0IKRdOh_CwTrXY&sig=Cg0ArKJSzE0l0DMEStXDEAE&adk=3115668371&tt=1252&bs=1585%2C1200&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&p=20,428.5,110,1156.5&sbeos=1&hac=2&mcvt=1038&rs=3&ht=0&tfs=233&tls=1271&mc=1&lte=1&bas=0&bac=0&avms=nio&niot_obs=16&niot_cbk=155&md=2&avms_sel=14&first_poll=1271&rst=1560812354324&rpt=178&isd=0&msd=0&lm=2&phel=0&phell=0&oseid=3&xdi=0&ps=1585%2C8196&ss=1600%2C1200&pt=20&deb=1-5-5-11-13-21-71-11&tvt=1262&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=728x90&itpl=3&v=20190614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 22:59:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7F17 42 B
110 B 38ms
15ms Image
image/gif 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvN-a4fxxZNz4cBnshRsBmgnqGNDIVfRDdYevxq3wnUw1LHrv2VKh9AAopzh4nJDHpOqPatpO7eUgMx60HdVMdVjYakpg2IZgCLt5bYACA&sig=Cg0ArKJSzAwzjz8BWDn2EAE&adk=2351425115&tt=1252&bs=1585%2C1200&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&p=834.015625,1128.5,1084.015625,1428.5&mcvt=1038&rs=3&ht=0&tfs=233&tls=1271&mc=1&lte=1&bas=0&bac=0&avms=nio&niot_obs=16&niot_cbk=155&md=2&avms_sel=14&first_poll=1271&rst=1560812354338&rpt=165&isd=0&msd=0&lm=2&phel=0&phell=0&oseid=3&xdi=0&ps=1585%2C8196&ss=1600%2C1200&pt=20&deb=1-5-5-11-13-21-71-11&tvt=1262&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=300x250&itpl=3&v=20190614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 22:59:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354513&de=218083618331&cu=1560812354513&m=1279&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1240&an=1034&gi=1&gf=1240&gg=1034&ix=1240&ic=1240&ez=1&ck=1034&kw=856&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1240&bx=1034&ci=1034&jz=856&dj=1&aa=1&ad=1114&cn=908&gn=1&gk=1114&gl=908&ik=1114&co=1114&cp=1058&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1058&cd=856&ah=1058&am=856&rf=0&re=1&ft=1114&fv=908&fw=908&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=1258915931&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:15 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:15 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 11ms
10ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354595&de=448869557439&cu=1560812354595&m=1211&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1189&an=17&gi=1&gf=1189&gg=17&ix=1189&ic=1189&ez=1&ck=1189&kw=1004&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1189&bx=17&ci=1189&jz=1004&dj=1&aa=1&ad=1089&cn=0&gn=1&gk=1089&gl=0&ik=1089&co=1089&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=33&ah=1004&am=33&rf=0&re=1&ft=1089&fv=0&fw=1089&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5062229960%3A138270556651&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=301296050&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:15 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:15 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 10ms
9ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354595&de=448869557439&cu=1560812354595&m=1213&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1189&an=1189&gi=1&gf=1189&gg=1189&ix=1189&ic=1189&ez=1&ck=1189&kw=1004&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1189&bx=1189&ci=1189&jz=1004&dj=1&aa=1&ad=1089&cn=1089&gn=1&gk=1089&gl=1089&ik=1089&co=1089&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=1004&ah=1004&am=1004&rf=0&re=1&ft=1089&fv=1089&fw=1089&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5062229960%3A138270556651&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=1710061561&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:15 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:15 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 11ms
10ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354595&de=448869557439&cu=1560812354595&m=1214&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1189&an=1189&gi=1&gf=1189&gg=1189&ix=1189&ic=1189&ez=1&ck=1189&kw=1004&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1189&bx=1189&ci=1189&jz=1004&dj=1&aa=1&ad=1089&cn=1089&gn=1&gk=1089&gl=1089&ik=1089&co=1089&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=1004&ah=1004&am=1004&rf=0&re=1&ft=1089&fv=1089&fw=1089&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5062229960%3A138270556651&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=110604473&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:15 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:15 GMT

GET
H/1.1 200
OK t Show response
edge.simplereach.com/ 103 B
263 B 101ms
100ms Script
application/javascript 2406:da00:ff00::36e1:cec6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.simplereach.com/t?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Computing&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&cb=SPR.API.callbacks.cbvarvpg&v=2.18.7&cache_buster=1560812352609&t=5000&e=5000&s=0
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36e1:cec6 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 912c8b8dfaf588494d0e4c6d7150927fe6613595938ab84e5542b812a00dd77f

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:17 GMT
Server: nginx/1.8.0
Connection: keep-alive
Content-Length: 103
Content-Type: application/javascript

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354513&de=218083618331&cu=1560812354513&m=5104&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5064&an=1240&gi=1&gf=5064&gg=1240&ix=5064&ic=5064&ez=1&ck=1034&kw=856&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5064&bx=1240&ci=1034&jz=856&dj=1&aa=1&ad=4938&cn=1114&gn=1&gk=4938&gl=1114&ik=4938&co=1114&cp=1058&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4887&cd=1058&ah=4887&am=1058&rf=0&re=1&ft=4838&fv=1114&fw=908&wb=2&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=212617505&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:19 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:19 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354595&de=448869557439&cu=1560812354595&m=5034&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5013&an=1189&gi=1&gf=5013&gg=1189&ix=5013&ic=5013&ez=1&ck=1189&kw=1004&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5013&bx=1189&ci=1189&jz=1004&dj=1&aa=1&ad=4913&cn=1089&gn=1&gk=4913&gl=1089&ik=4913&co=1089&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4828&cd=1004&ah=4828&am=1004&rf=0&re=1&ft=4913&fv=1089&fw=1089&wb=2&cl=0&at=0&d=4451373307%3A2537960330%3A5062229960%3A138270556651&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=165964&na=1324282299&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:19 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:19 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 10ms
9ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tW%2490vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DNCLmT%23%3CF%2B1S%2BapY%3C%5ECUo1vOJ%3D%3A9)NpU7efcH%3BH%3BB__PyDN(%2BWx*h~%3F03*%5B)%2C2iVSWfV%7D%2F%2FRA7R.eJKx%7Ci6sGm!ryh%7Cek)3.%5BqC%7Dq%5BDgh%2C%7BtNQS1%5EPmKmPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&id=1&f=0&j=&o=3&t=1560812354682&de=626328696493&cu=1560812354682&m=5240&ar=b3d80b92f2-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8196&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5030&cd=20&ah=5030&am=20&rf=0&re=1&wb=1&cl=0&at=0&d=4451373307%3A2537960330%3A5054127574%3A138269138952&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=165964&na=1987399851&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 22:59:19 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 17 Jun 2019 22:59:19 GMT

GET
H/1.1 200
OK /
srv-2019-06-17-22.pixel.parsely.com/plogger/ 43 B
229 B 94ms
93ms Image
image/gif 3.216.32.87
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2019-06-17-22.pixel.parsely.com/plogger/?rand=1560812363670&plid=21136581&idsite=technologyreview.com&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%228a4ef6f2-8a85-4b58-be70-0d1607e5da03%22%2C%22parsely_site_uuid%22%3A%22a84b68ca-579c-4b53-b2d0-c3f75928e17c%22%7D&sid=1&surl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&sref=&sts=1560812363669&slts=0&date=Mon+Jun+17+2019+22%3A59%3A23+GMT%2B0000+(Coordinated+Universal+Time)&action=heartbeat&inc=5&tt=4900&pvid=62154639&u=a84b68ca-579c-4b53-b2d0-c3f75928e17c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.32.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-216-32-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 22:59:23 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simplereach.com/	1970-01-19 01:33:34	Name: __srss Value: 861f635a-9153-11e9-ae0c-22000a33893d
.simplereach.com/	1970-01-19 10:20:34	Name: __srui Value: 861f6366-9153-11e9-ae0c-22000a33893d
.technologyreview.com/	1970-01-19 01:33:34	Name: __hssc Value: 12316075.1.1560812353906
.technologyreview.com/	1970-01-19 10:55:08	Name: hubspotutk Value: fc5dc1a4b2652e311275391bd46021d8
.technologyreview.com/	1970-01-19 10:55:08	Name: __hstc Value: 12316075.fc5dc1a4b2652e311275391bd46021d8.1560812353906.1560812353906.1560812353906.1
www.technologyreview.com/	1969-12-31 23:59:59	Name: BCRevision_1560812353901 Value: %7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22visitedsites%22%3A%5B%22www.technologyreview.com%22%5D%2C%22_hl_visit_time%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1560812353877%2C%5C%22data%5C%22%3A%5B%7B%5C%22n%5C%22%3A%5C%2210%20PM%20-%2011%20PM%5C%22%2C%5C%22p%5C%22%3A1%2C%5C%22d%5C%22%3A654%7D%5D%7D%22%5D%2C%22_preferred_main_category%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1560812353893%2C%5C%22s%5C%22%3A%7B%5C%22p2724%5C%22%3A1%7D%7D%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22visitedsites%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1560812353901%22%7D
.technologyreview.com/	1970-01-19 10:58:01	Name: __qca Value: P0-1919434112-1560812352740
.technologyreview.com/	1970-01-19 01:33:34	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/?utm_medium=tr_social&utm_campaign=site_visitor.unpaid.engagement&utm_source=facebook%22%2C%22sref%22:%22%22%2C%22sts%22:1560812353167%2C%22slts%22:0}
edge.simplereach.com/	1970-01-19 10:20:34	Name: __srui Value: 861f6366-9153-11e9-ae0c-22000a33893d
.technologyreview.com/	1970-01-19 10:19:08	Name: __cfduid Value: da81df3f9f18b090b2289cbeb3a7834131560812352
.www.technologyreview.com/	1970-01-19 10:19:08	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F%3Futm_medium%3Dtr_social%26utm_campaign%3Dsite_visitor.unpaid.engagement%26utm_source%3Dfacebook&datestamp=Mon+Jun+17+2019+22%3A59%3A13+GMT%2B0000+(Coordinated+Universal+Time)&version=4.8.0&EU=true&groups=112%3A1%2C1%3A1%2C105%3A1%2C106%3A1%2C116%3A1%2C2%3A1%2C118%3A1%2C3%3A1%2C107%3A1%2C104%3A1%2C108%3A1%2C4%3A1%2C126%3A1%2C109%3A1%2C110%3A1%2C129%3A1%2C111%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C117%3A1%2C119%3A1%2C120%3A1%2C121%3A1%2C122%3A1%2C123%3A1%2C124%3A1%2C125%3A1%2C127%3A1%2C128%3A1%2C130%3A1%2C101%3A1%2C102%3A1%2C131%3A1%2C103%3A1%2C0_100147%3A1%2C0_121150%3A1%2C0_121119%3A1
.technologyreview.com/	1970-01-19 01:33:32	Name: _gat_UA-7747898-26 Value: 1
.technologyreview.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.technologyreview.com/	1970-01-19 10:19:08	Name: BCSessionID Value: d200a5c4-668a-4223-803d-982a95b35a69
.technologyreview.com/	1970-01-19 03:43:08	Name: _gcl_au Value: 1.1.857858625.1560812352
.technologyreview.com/	1970-01-19 11:02:56	Name: _parsely_visitor Value: {%22id%22:%22a84b68ca-579c-4b53-b2d0-c3f75928e17c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1560812353167}
www.technologyreview.com/	1970-01-27 11:03:50	Name: __srui Value: 861f6366-9153-11e9-ae0c-22000a33893d
.technologyreview.com/	1970-01-19 01:33:32	Name: _dc_gtm_UA-7747898-26 Value: 1
.technologyreview.com/	1970-01-19 01:34:58	Name: _gid Value: GA1.2.916846743.1560812353
.technologyreview.com/	1970-01-19 19:04:44	Name: _ga Value: GA1.2.334881020.1560812353
.technologyreview.com/	1970-01-19 03:43:08	Name: _fbp Value: fb.1.1560812352705.330175303
edge.simplereach.com/	1970-01-19 01:33:34	Name: __srss Value: 861f635a-9153-11e9-ae0c-22000a33893d
www.technologyreview.com/	1970-01-22 17:09:32	Name: _ccmaid Value: 5978151479298404334
www.technologyreview.com/	1970-01-27 11:03:50	Name: __srret Value: 1
www.technologyreview.com/	1970-01-22 17:09:32	Name: _ccmsi Value: 1560812352591_ssv25nlch\|1560812352591

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.technologyreview.com/_next/static/cg03eFKNXW9nNSr_DkV4K/pages/story.js(Line 1) Message: METER HIT: NEW ARTICLE
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Duplicate Pixel ID: 302431540264875.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js(Line 1) Message: updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js(Line 1) Message: updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js(Line 1) Message: updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js(Line 1) Message: updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061301.js(Line 1) Message: updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
api-34-211-241-234.b2c.com
api.b2c.com
api.hubapi.com
bat.bing.com
cdn.blueconic.net
cdn.cookielaw.org
cdn.technologyreview.com
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
d8rk54i4mohrb.cloudfront.net
edge.simplereach.com
forms.hubspot.com
geolocation.onetrust.com
idsync.rlcdn.com
js.hs-analytics.net
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
ml314.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.quantserve.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
q.quora.com
rules.quantcount.com
s3.amazonaws.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
sjs.bizographics.com
srv-2019-06-17-22.config.parsely.com
srv-2019-06-17-22.pixel.parsely.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync.crwdcntrl.net
t.co
tags.bluekai.com
technologyreview.blueconic.net
tpc.googlesyndication.com
track.hubspot.com
trib.al
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.redditstatic.com
www.technologyreview.com
z.moatads.com
tpc.googlesyndication.com
104.111.241.32
104.244.42.195
104.244.42.197
143.204.208.18
143.204.214.33
147.75.205.43
147.75.81.98
147.75.83.19
151.101.1.140
151.101.1.2
151.101.36.157
152.195.132.202
172.217.22.66
18.185.83.216
2.18.235.40
2.19.43.224
2406:da00:ff00::36e1:cec6
2600:1f14:e96:5800:2ac1:df32:cad0:ed7e
2600:1f14:e96:5800:5571:ae82:1dfd:9bde
2600:9000:200c:9a00:6:44e3:f8c0:93a1
2600:9000:200c:fc00:1f:573d:79c0:21
2606:4700:10::6814:1bee
2606:4700:10::6814:b844
2606:4700::6810:fb05
2606:4700::6810:fd05
2606:4700::6811:43b0
2606:4700::6811:74b0
2606:4700::6811:cccc
2606:4700::6811:d6cc
2606:4700::6811:e6cc
2606:4700::6811:f2cc
2606:4700::6813:c497
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:819::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::2008
2a00:1450:4001:820::2003
2a00:1450:400c:c08::9d
2a02:26f0:6c00:293::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
3.216.32.87
34.206.36.121
34.211.241.234
34.231.31.77
34.252.62.73
34.95.92.78
35.175.26.81
52.206.73.13
52.210.188.213
52.216.228.11
52.72.61.95
54.152.84.119
91.228.74.172
91.228.74.192
92.122.252.239
00456d627a113bb9466e3d5f48bdeb79415281ad07762afc851301b09a61ee38
02db9bd610431880577c759cb9cca168c71f01f33595c0826233846d1ed973d4
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09559fc5a6fc5e8f46ca54a5ddb76385be771e03b2c836e5f691b5f5f3b2e784
09b584bdafcf16365c39b0d734ab0f2645419f8dcf039c7d73ffd054435c518e
09eb9d37c75a12b307f3b00a7773cf46855eaf9c1c1c7f04b9d777c50609f4ac
0f039302c882a880897227d93df75dfec50cd443941b64b590efca95189a9e1e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12242d7483400ffe3e68c1ee70edcbc0fc52d63579ca65ec594321d30bd53a13
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32
1f9b52dae567a3b84da5f9354cf6c5d27ed1b104f4d29a07be1a4cd0ee2d0987
238a34c16b3b9e29ee7e72631c068731759aac0bb22c48c292f744f600019995
2bf96ddd3980547587d2dbb32c14e3892b59c5fc8b13b7e8dd14c0f71cf99628
2d60d068778b4af2913f52dcd1f8fcd110295e51bedf959b2aa4e37ed290f150
30980ca8ed30305e9a77ab58d8540da7cae17480c8ee3f5a509d724d4aa7000a
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3474b1d4feac155e23e276beda5f5b41457a785217b8d7a9c6c84454ffa62483
3b92db08ee9bee1a2fc7be43cf10bca735a09c4350c2c6bb61da3402a700c89e
3edcd422135672056c1158850e950b65950b1776a34b32c350901f303b470adf
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
42773641b5ac446d198397e2bb9a1d00c0bd6353f52695e74e20ee624e3f0de7
442a63a4947b79848b8c57fe659148646d132e2939fb6ba7af944002a0ff6a43
5190a323f0feab6299b7c9784758f21be88ceea6585f7fba02377bb128cead83
53947745ef8bde129bdbdcb24ff294ce4d1eacf3ffd6014d97cf961f70ee56bc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55799015bf957663b021810b7cbb4917348b9e2173a8e868f0bfb3c7c61609bc
60341d50dfe7db7406dec0b23cac26dbacc996bd8af02f54d1517aabb0a0821f
623bbd6e9fc0d231a07dbde18fe91c2f1eccb1aaa13c0a2ca2be0bbb963408bb
6490a25d62798071f40cb1c72bf6db2ffd03c6572a7653615e0d5bd3c683abef
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
69041da1f1d48c4b2c868639134bf865c819d8f551285ca5573462102de7eb56
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6ccdd6a4fb592bc2642edd77080e8377dfddefdaa19e7b98b27234d6c4daa4a0
6e3e0c14cd2f2f6c9e3f7f49ca91e0285b0f748c29e82380e2ac77750f613958
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
72f43d97a6b80bc91e467b99ee9b255dd767dd19ef7bb59ac8fca3ed04363b16
762e5fd7df3e5f35b2b9cf5c5cc01b0e67420fb73a4a9be8eb236184bf6ad763
7986600927ecffdfb2bae75d7b87c2b49b1262d31120ad4152e1ef8f886a43af
80bd11a9d1e2374cb716b5a79bf1ef16d447453bdf72bb6fd3529c3fd69a8545
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863c53621a17262fdbf712221c2adbb48ec9a3a1e41d177a5336bc3473167f3c
8bb847706f6ab24d9590d3b1dbfc287ac1d9b3ad4b1da10d1ab3e3fad070111b
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
912c8b8dfaf588494d0e4c6d7150927fe6613595938ab84e5542b812a00dd77f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
950df35f0503bd1b62f69c3790490eb4dbd67c6132087f5b4c1571d26bdd1812
95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada
95ff5b5bbf850b61f62c28ec91d4591526730688a3e571cfa585cb9471a3bee3
9781f6b2c8fc26eb98fed17e44147c5b5b67bb87d5b57d8b5931571b5703789c
9b1405c9563fd03332c72696704797277c7b041a19e483bfef7ca613626a4c3a
9c318f7e927701be1a5cb370e210b91c26df66249b47ed0d331c9550452221d8
9e3cb1b27fa3948eecefc3e5558b50a3fea2d62d0ff970d014202c933744c869
9e63b88a62fbe310454e043b25ea5568964d4231d36f6ae6afc1fee611ae2ec9
a08845e2eddff2da6f2b64ec9a9dd91767a9311dc0dc971c8011fb9831623a2d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a9a2cdd94b8e35dd7a5007ca5d185fdc5ec02dbfd0a5a49d76ccbf83bcb63d86
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b234e48df29f3f155d00011679004042fe11895f8c3210e755d5a3d9b9d1449b
b33c1c5a81ceb1fcb6ab33a5e13b5dbf3df3804644be7ec0bbfaeffdcfb4fe66
b4cfc289e42797b8e9f3fa94e9cea5f2f39e1221a47c5e7bcf1a304e8c9f3fa8
b7cea39904c6d5b56f46207aa6c093a0b7138779ca3e7db9110d4486fc60dd2a
bc0386e682d1c9a12b7db5b6e152cbb8d1d956d0640524018da0ce1b1459e8d4
bc8f028bc9cf52473a5950065ffbfec78b928fa5d01feeb85f57bd685442b854
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c05a7aac89e9ee1220e94813f2f78d025d1627797ae178efd8f20a9cfa963b0b
c6562b49285e2ec9b21e805dd9bcf6d3f64903f0820471e10e2667711ff45ed9
c6b1ce31b40530fda2b686385f1ded3ce2012d696d9752e2a990598245fb960f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab9300f0ecfc026cc2e558aaea117dc5b536c0728deb27e763b27659a093118
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc0fb030c97a44892f093a0d41e6ba1b3e2f6a240ac0b2ac0b5ff86e217944d
d2785198a229799c363f0d50c9034a09a0557493edb93f09f8161d934f2bbaae
d507737c7c9d3696154a355417c8250317256bfda9c75d716e2efd5e205f0761
d51d6ea76d390236cad248689efe6e0a8e1b282c2479ef1ffc0690cee84e2010
d75a1f31644f5b9d338d2afe2c41f449e90d226856d96cd39f5a8c9fe82e3f58
db174aeeae15ccfbddbc6b04facc8dfcbdfc74d230f3768d75c37fb517254f9e
db5fd7a156574cf16149d26d68910770bd839b5f9aae6e6a3c93df836d0d9f8b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd723f5329d3522cd5da7f69588cf84e297e23d03e3d05c55216f70706c31ab2
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e22013e95759c585e8610a1e1f73ee8c7dd68c1d6cbf76e0378b62dbb0730f37
e2c8b1283f6a7b754bf9f5bd9ac7244c2ae87138caeecf2a27fe87cb9fd32786
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0871f0dedc8f3a331f00a61144114c6a979deb9e5a5dcfbabc80755d7ffbb8
eb4dfca649e59a9cefb91ffe46b878bf59d0c8d1a442a99d428ad696aa8daa5d
ebfe1a3410e3024a6c8c69d6473f1078f6b10e9c882c302854bacd57e4f3f4ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62b6ecd6fff0ac17f3072d233c49866316a0c42a45a186d4e154ecb46db1899
f7129edbeec1d4e6b45c391d9b09e1db07ef21e36daffcad9409a8c2469a8240
f917d6132ac65ec70a5b070623b42891243ff740d6e325f5c01a68570db6c9e6

www.technologyreview.com Open in urlscan Pro 34.206.36.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

99 %HTTPS

50 %IPv6

47 Domains

63 Subdomains

55 IPs

7 Countries

2338 kBTransfer

7282 kBSize

25 Cookies

57 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.technologyreview.com Open in urlscan Pro
34.206.36.121 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

99 %
HTTPS

50 %
IPv6

47
Domains

63
Subdomains

55
IPs

7
Countries

2338 kB
Transfer

7282 kB
Size

25
Cookies

151 HTTP transactions
5 data transactions