blog.comae.io Open in urlscan Pro
52.6.3.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
Effective URL:
https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Submission: On June 29 via manual (June 29th 2017, 4:40:05 pm UTC) from US

Summary HTTP 51 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 51 HTTP transactions. The main IP is 52.6.3.192, located in Ashburn, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is blog.comae.io.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on August 2nd 2016. Valid for: a year.

This is the only time blog.comae.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	52.6.3.192 52.6.3.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
13	2400:cb00:204... 2400:cb00:2048:1::6810:7991	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
5	104.16.89.50 104.16.89.50	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
5	2400:cb00:204... 2400:cb00:2048:1::6810:7591	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
5	2400:cb00:204... 2400:cb00:2048:1::6810:797f	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
5	2400:cb00:204... 2400:cb00:2048:1::6810:787f	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
4	104.244.43.204 104.244.43.204	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2606:2800:234... 2606:2800:234:1a46:1c04:1676:610:129d	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
51	12

4 52.6.3.192 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-6-3-192.compute-1.amazonaws.com

blog.comae.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2400:cb00:2048:1::6810:7991 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdn-static-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.89.50 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

i.embed.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:cb00:2048:1::6810:7591 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:cb00:2048:1::6810:797f (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:cb00:2048:1::6810:787f (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.43.204 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:1a46:1c04:1676:610:129d (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	medium.com cdn-static-1.medium.com cdn-images-1.medium.com medium.com	2 MB
5	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	71 KB
5	twitter.com platform.twitter.com syndication.twitter.com	50 KB
5	embed.ly i.embed.ly	8 KB
4	comae.io blog.comae.io	30 KB
2	google-analytics.com www.google-analytics.com	12 KB
0	lightstep.com Failed collector-medium.lightstep.com Failed
51	7

	Domain	Requested by
13	cdn-images-1.medium.com	blog.comae.io
10	medium.com	cdn-static-1.medium.com blog.comae.io
5	i.embed.ly	blog.comae.io
5	cdn-static-1.medium.com	blog.comae.io cdn-static-1.medium.com
4	platform.twitter.com	blog.comae.io platform.twitter.com
4	blog.comae.io	blog.comae.io cdn-static-1.medium.com
2	ton.twimg.com	platform.twitter.com
2	pbs.twimg.com	blog.comae.io
2	www.google-analytics.com	blog.comae.io
1	cdn.syndication.twimg.com	platform.twitter.com
1	syndication.twitter.com	blog.comae.io
0	collector-medium.lightstep.com Failed	cdn-static-1.medium.com
51	12

This site contains links to these domains. Also see Links.

Domain
twitter.com
medium.com
www.comae.io
www.google.com
securelist.com
connect.ed-diamond.com
blog.malwarebytes.com
blog.checkpoint.com
blogs.technet.microsoft.com
www.virustotal.com
gist.github.com
www.wired.com
www.washingtonpost.com
www.brighttalk.com
noteworthy.medium.com

Subject Issuer	Validity	Valid
blog.comae.io COMODO RSA Domain Validation Secure Server CA	`2016-08-02` - `2017-08-02`	a year	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2015-05-21` - `2018-08-18`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-06-21` - `2017-09-13`	3 months	crt.sh
*.embed.ly RapidSSL SHA256 CA - G3	`2015-08-30` - `2018-10-31`	3 years	crt.sh
medium.com DigiCert SHA2 Extended Validation Server CA	`2017-06-01` - `2019-08-30`	2 years	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2017-04-04` - `2018-05-25`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2015-07-30` - `2018-08-03`	3 years	crt.sh
*.twvid.com DigiCert SHA2 High Assurance Server CA	`2016-08-04` - `2019-10-02`	3 years	crt.sh
*.twimg.com DigiCert SHA2 Secure Server CA	`2016-11-28` - `2017-12-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Frame ID: 5670.1
Requests: 45 HTTP requests in this frame

Frame: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
Frame ID: 5670.7
Requests: 7 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/879757772300050433/7VxOxsQy?format=jpg&name=600x314
Frame ID: 5670.12
Requests: 10 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 5670.20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

51
Requests

96 %
HTTPS

64 %
IPv6

7
Domains

12
Subdomains

12
IPs

2
Countries

2673 kB
Transfer

4906 kB
Size

10
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/comaeio

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?redirect=https%3A%2F%2Fblog.comae.io%2Fpetya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
Title: Sign in / Sign up

Search URL Search Domain Scan URL

URL: https://www.comae.io/about.html
Title: About

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=shamoon+wiper&oq=shamoon+wiper&aqs=chrome.0.69i59j69i60l3j69i59j69i60.1358j0j7&sourceid=chrome&ie=UTF-8
Title: wiper

Search URL Search Domain Scan URL

URL: https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/
Title: similar conclusion

Search URL Search Domain Scan URL

URL: https://twitter.com/msuiche/status/880041005638180864
Title: Today, we spent more time to understand

Search URL Search Domain Scan URL

URL: http://connect.ed-diamond.com/MISC/MISC-086/Pleased-to-meet-you-my-name-is-Petya
Title: French

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2016/04/petya-ransomware/
Title: 1

Search URL Search Domain Scan URL

URL: http://blog.checkpoint.com/2016/04/11/decrypting-the-petya-ransomware/
Title: 2

Search URL Search Domain Scan URL

URL: https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/
Title: a very descriptive analys

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/542a38bf52afa6a4a008089a6fbf22c9d68ef5d6c634dd2c0773d859a8ae2bbf/analysis/
Title: 542a38bf52afa6a4a008089a6fbf22c9d68ef5d6c634dd2c0773d859a8ae2bbf

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745/analysis/
Title: 027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745

Search URL Search Domain Scan URL

URL: https://gist.github.com/msuiche/cf268fddd16aaa3f67cacc5838d60c1e#file-wipemeornot-c-L102
Title: hash command

Search URL Search Domain Scan URL

URL: https://gist.github.com/msuiche/cf268fddd16aaa3f67cacc5838d60c1e
Title: The hash command generation

Search URL Search Domain Scan URL

URL: https://www.wired.com/story/russian-hackers-attack-ukraine/
Title: Power Grids being shut down

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/news/democracy-post/wp/2017/06/27/a-killing-in-kiev-shows-how-the-west-continues-to-fail-ukraine/?utm_term=.e23f570226d5
Title: the car a top military intelligence officer

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/15591/268285?utm_source=Kaspersky+Lab&utm_medium=brighttalk&utm_campaign=268285
Title: come join Kaspersky & Comae tomorrow Thursday 29 @ 10AM EST for a technical webinar on Petya

Search URL Search Domain Scan URL

URL: http://twitter.com/comaeio
Title: @comaeio

Search URL Search Domain Scan URL

URL: http://twitter.com/CloudVolumes
Title: @CloudVolumes

Search URL Search Domain Scan URL

URL: http://twitter.com/VMWare
Title: @VMWare

Search URL Search Domain Scan URL

URL: https://noteworthy.medium.com/baratunde-thurston-e60e99d2966?source=promo-lo_81fa09f1619b--13-----readnext_noteworthybaratunde_062817

Search URL Search Domain Scan URL

URL: https://medium.com/@Medium/personalize-your-medium-experience-with-users-publications-tags-26a41ab1ee0c#.hx4zuv3mg
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 56

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

51 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
S

200

Primary Request petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b Show response
blog.comae.io/
Redirect Chain

https://medium.com/m/global-identity?redirectUrl=https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

141 KB
29 KB

724ms
724ms

Document
text/html

52.6.3.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.3.192 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-3-192.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

05b5efc7a3ac6b1860f3372be2861ca8becdd398e90a486fd53e1e783ada5714

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://blog.comae.io https://.blog.comae.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754393037:1814fcb2e13
server: nginx
tk: T
x-frame-options: sameorigin
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://blog.comae.io https://*.blog.comae.io https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

Redirect headers

date: Thu, 29 Jun 2017 16:39:52 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 302
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754392748:7f7e3da32984
server: cloudflare-nginx
x-frame-options: sameorigin
tk: T
strict-transport-security: max-age=15552000; includeSubDomains; preload
location: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray: 376a530a5b64235a-FRA
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET
S 200 fonts-latin-base.141WxxXgxGxNcfeza73H7Q.css
cdn-static-1.medium.com/_/fp/css/ 155 KB
114 KB 14ms
13ms Stylesheet
text/css 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/css/fonts-latin-base.141WxxXgxGxNcfeza73H7Q.css

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

b17bbe57baf1d370070427f9b403adade56d49685972f1fe13ecdf510e3581ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 5AD879E985E5EE3C
status: 200
vary: Accept-Encoding
content-length: 116712
x-amz-id-2: FBe8KrRNpNMTOpudoqONvFILgcJobG1zetiCbEejWm9DGYWTPDXIrdyEPeaGhc3NDHqEq57dOgg=
last-modified: Tue, 20 Dec 2016 23:29:53 GMT
server: cloudflare-nginx
etag: "217dc158bb43f23021a2069f827013e3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 376a530ffa126373-FRA
expires: Fri, 29 Jun 2018 16:39:53 GMT

GET
S 200 main-base.O1y6CwjeRbkdCPLPj0GrxQ.css
cdn-static-1.medium.com/_/fp/css/ 287 KB
46 KB 19ms
18ms Stylesheet
text/css 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/css/main-base.O1y6CwjeRbkdCPLPj0GrxQ.css

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

36eff65a35a409d20762cb8a77ddc6a8502d7269b699c040f6ea651e5740cbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: F91904D932468EB7
status: 200
vary: Accept-Encoding
content-length: 47542
x-amz-id-2: Jzs33ldhYLPFFps/TdPE/EFL8AVGhDz29l3YKKVY9fXfTEtACOeIb0V/5h+HJUx71rAZZKejyfI=
last-modified: Wed, 28 Jun 2017 19:09:50 GMT
server: cloudflare-nginx
etag: "e3751c32aa2c81fe5c8ac3ff77b6571b"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 376a530ffa136373-FRA
expires: Fri, 29 Jun 2018 16:39:53 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 29 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Jun 2017 00:25:39 GMT
server: Golfe2
age: 1363
date: Thu, 29 Jun 2017 16:17:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 12343
expires: Thu, 29 Jun 2017 18:17:10 GMT

GET
S 200 1*5A5IZd3sy39eMxZvpTwETA.png
cdn-images-1.medium.com/letterbox/600/72/50/50/ 7 KB
7 KB 128ms
127ms Image
image/png 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/letterbox/600/72/50/50/1*5A5IZd3sy39eMxZvpTwETA.png?source=logoAvatar-lo_81fa09f1619b---a0f5d7eac75e

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

819d3f4d628236fd1951ae91141dfa3ba2d177eac54e10e103293826273dcf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2926-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 7292
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53102a2c6373-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
S 200 1*n28WCQjaxWBRGTyyP_L1KQ.jpeg
cdn-images-1.medium.com/fit/c/120/120/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/120/120/1*n28WCQjaxWBRGTyyP_L1KQ.jpeg

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

34f986942a371419006628d9ba4d949d3600b876849e85dc832d6511ac2e2254

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2866-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 6567
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53103a366373-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
H/1.1 200
OK resize
i.embed.ly/1/display/ 2 KB
2 KB 341ms
10ms Image
image/jpeg 104.16.89.50
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.embed.ly/1/display/resize?url=https%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F781819734459293696%2FGjY6aPRY_400x400.jpg&key=a19fcc184b9711e1b4764040d3dc5c07&width=40
Requested by: Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: be89266a932aa5f1570205d57ade831b29a95742a334ac3425b953b16e845626

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

Date: Thu, 29 Jun 2017 16:39:53 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 30 Sep 2016 11:33:24 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range,content-length,accept-ranges
Cache-Control: public, max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: *
CF-RAY: 376a53124a16267e-FRA
Access-Control-Allow-Headers: range
Expires: Fri, 30 Jun 2017 04:39:53 GMT

GET
S 200 1*CCCk0WWXp0PHRWDAQwGDTQ.png
cdn-images-1.medium.com/freeze/max/60/ 1 KB
1 KB 1517ms
1497ms Image
image/png 2400:cb00:2048:1::6810:7591
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/freeze/max/60/1*CCCk0WWXp0PHRWDAQwGDTQ.png?q=20

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7591 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

7cd5089ae9fa5423b40797cdc859d50d0bc0cb158e203ba7c4d247d890b52c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

date: Thu, 29 Jun 2017 16:39:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2924-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 1210
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53105873279e-FRA
expires: Sat, 29 Jul 2017 16:39:54 GMT

GET
S 200 1*QahrmjNAnT8YlC56evTRJA.png
cdn-images-1.medium.com/freeze/max/60/ 2 KB
2 KB 31ms
11ms Image
image/png 2400:cb00:2048:1::6810:7591
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/freeze/max/60/1*QahrmjNAnT8YlC56evTRJA.png?q=20

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7591 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

c7258a42015b8b0029aa25ddc32cc6fd1bbe352bb1df495f11d636da3b994005

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2924-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 2199
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53105875279e-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
H/1.1 200
OK resize
i.embed.ly/1/display/ 679 B
691 B 340ms
9ms Image
image/jpeg 104.16.89.50
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.embed.ly/1/display/resize?url=https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FDDaDA3NXgAACdco.jpg%3Alarge&key=4fce0568f2ce49e8b54624ef71a8a5bd&width=40
Requested by: Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8435d139cee7c7266b924934626a0908b9a2cc429588b370a837fa7d4a71f7fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

Date: Thu, 29 Jun 2017 16:39:53 GMT
CF-Cache-Status: HIT
Last-Modified: Wed, 28 Jun 2017 12:05:07 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range,content-length,accept-ranges
Cache-Control: public, max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: *
CF-RAY: 376a531249c526b4-FRA
Access-Control-Allow-Headers: range
Expires: Fri, 30 Jun 2017 04:39:53 GMT

GET
S 200 1*UHTdNfs9FTU6NXBQj79mmg.png
cdn-images-1.medium.com/freeze/max/60/ 2 KB
2 KB 33ms
13ms Image
image/png 2400:cb00:2048:1::6810:7591
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/freeze/max/60/1*UHTdNfs9FTU6NXBQj79mmg.png?q=20

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7591 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

f62b7484d5fc708a7991b7163e8667713e5c55746565411ae6e5b6f00f88384e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2924-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 1781
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53105874279e-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
S 200 1*KF-pNcVWxlth87veF5LzbA.png
cdn-images-1.medium.com/freeze/max/60/ 2 KB
2 KB 36ms
16ms Image
image/png 2400:cb00:2048:1::6810:7591
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/freeze/max/60/1*KF-pNcVWxlth87veF5LzbA.png?q=20

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7591 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

416b887c06917dcd7d98c7ad4a81f72a0ebf79d4a0277c920be12482d03198e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2924-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 1904
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53105876279e-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
S 200 1*rftQoNP9L1SX6n38S6HvQQ.png
cdn-images-1.medium.com/freeze/max/60/ 2 KB
2 KB 26ms
16ms Image
image/png 2400:cb00:2048:1::6810:7591
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/freeze/max/60/1*rftQoNP9L1SX6n38S6HvQQ.png?q=20

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7591 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

6b4908e55c5ce7862aa694d6f78cf067de12e4015f4897d1070d22e8f9a63668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2924-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 2232
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53105877279e-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
H/1.1 200
OK resize
i.embed.ly/1/display/ 2 KB
2 KB 341ms
10ms Image
image/jpeg 104.16.89.50
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.embed.ly/1/display/resize?url=https%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F760412031421906944%2FVyahD-YX_400x400.jpg&key=a19fcc184b9711e1b4764040d3dc5c07&width=40
Requested by: Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3e9d89a7b4dba6d4251889810697d52dba22816b2158ad65bcf15d5f7b5b372d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

Date: Thu, 29 Jun 2017 16:39:53 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 02 Aug 2016 09:46:50 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range,content-length,accept-ranges
Cache-Control: public, max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: *
CF-RAY: 376a53124b0f63df-FRA
Access-Control-Allow-Headers: range
Expires: Fri, 30 Jun 2017 04:39:53 GMT

GET
H/1.1 200
OK resize
i.embed.ly/1/display/ 1 KB
1 KB 345ms
14ms Image
image/jpeg 104.16.89.50
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.embed.ly/1/display/resize?url=https%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F810809499950977024%2F0Cezb3Ya_400x400.jpg&key=a19fcc184b9711e1b4764040d3dc5c07&width=40
Requested by: Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: c4657076bf2523a60f1bfdd34abbbf079b0f2eba1ea2cd290d52ce39d46366c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

Date: Thu, 29 Jun 2017 16:39:53 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 19 Dec 2016 11:28:23 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range,content-length,accept-ranges
Cache-Control: public, max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: *
CF-RAY: 376a53124b1063df-FRA
Access-Control-Allow-Headers: range
Expires: Fri, 30 Jun 2017 04:39:53 GMT

GET
H/1.1 200
OK resize
i.embed.ly/1/display/ 2 KB
2 KB 308ms
8ms Image
image/png 104.16.89.50
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.embed.ly/1/display/resize?url=https%3A%2F%2Favatars3.githubusercontent.com%2Fu%2F1621145%3Fv%3D3%26s%3D400&key=a19fcc184b9711e1b4764040d3dc5c07&width=40
Requested by: Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: c01d07f64bd2b8b00b3f33a3f983e68e43250140ccffd184c2072988b219de49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
Origin: https://blog.comae.io

Response headers

Date: Thu, 29 Jun 2017 16:39:53 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 15 Jul 2016 11:32:15 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range,content-length,accept-ranges
Cache-Control: public, max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: *
CF-RAY: 376a53124bfe2744-FRA
Access-Control-Allow-Headers: range
Expires: Fri, 30 Jun 2017 04:39:53 GMT

GET
S 200 1*mT_IwSa1MsAwwZUKP1WRJg.png
cdn-images-1.medium.com/fit/c/120/120/ 5 KB
5 KB 10ms
9ms Image
image/png 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/120/120/1*mT_IwSa1MsAwwZUKP1WRJg.png

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

f4cd1a3712663c0b470c05dbbdcb15765166f84adaa79ff5be864a562ad55ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2882-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 5583
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53107a4e6373-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
S 200 1*mT_IwSa1MsAwwZUKP1WRJg.png
cdn-images-1.medium.com/fit/c/80/80/ 3 KB
3 KB 10ms
9ms Image
image/png 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/80/80/1*mT_IwSa1MsAwwZUKP1WRJg.png

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

b6f9849eb62105a69afe3d18476e23c28c534daacbd451068ecc8775a30f68b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2901-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 2934
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53107a516373-FRA
expires: Sat, 29 Jul 2017 16:39:53 GMT

GET
S 200 main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 1 MB
320 KB 12ms
11ms Script
application/javascript 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

d73c9502fd26295f0a7e71f6d144e038ad170ba647f94119ca495b59fa07cc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 56723232856A83FC
status: 200
vary: Accept-Encoding
content-length: 327405
x-amz-id-2: bppSMg/6f0SwArCR9e0Wr7GihFyEtybxKhHUjwDYgu5RnSYvd5aDAJI4xNvAdnu7hnKmWpE+Oqs=
last-modified: Wed, 28 Jun 2017 22:12:15 GMT
server: cloudflare-nginx
etag: "330d7b21a9cc63cd0416d7f3031cafc1"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 376a53107a526373-FRA
expires: Fri, 29 Jun 2018 16:39:53 GMT

GET
S 200 stat
blog.comae.io/_/ 43 B
52 B 128ms
127ms Image
image/gif 52.6.3.192
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.comae.io/_/stat?event=pixel.load&origin=https%3A%2F%2Fblog.comae.io

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.3.192 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-3-192.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://blog.comae.io https://.blog.comae.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754393711:216aaca34df3
server: nginx
tk: T
x-frame-options: sameorigin
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://blog.comae.io https://*.blog.comae.io https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET
DATA 200
OK truncated
/ 16 KB
0 Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 928b52b82370710b4e0158ed6827736909ba0224413abc641008bd917a40975d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Origin: https://blog.comae.io

Response headers

Access-Control-Allow-Origin: *
Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 15 KB
0 Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ca855110f92ac1322df47b2ec8533be97c829ff6078aee53cf560f5c1374bf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Origin: https://blog.comae.io

Response headers

Access-Control-Allow-Origin: *
Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 16 KB
0 Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2df8e1db3dd927f456d5f70dd08397293d37a70e699f14f88819a9df4e729ce9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Origin: https://blog.comae.io

Response headers

Access-Control-Allow-Origin: *
Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 17 KB
0 Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ec494102d87ca3450eb2b5fa1df7b706fdb74a084cc62ecf7457f70d963ce4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Origin: https://blog.comae.io

Response headers

Access-Control-Allow-Origin: *
Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 15 KB
0 Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02d6110640ed3283e1e979ef557c6ea8f707cd8c561235cf6cd2861345360671

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Origin: https://blog.comae.io

Response headers

Access-Control-Allow-Origin: *
Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 17 KB
0 Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4acaada1baaf028346d33ed3548eb6d1356447b1121fe6b005510fd59d63f78f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Origin: https://blog.comae.io

Response headers

Access-Control-Allow-Origin: *
Content-Type: font/opentype

GET
S 200 collect
www.google-analytics.com/r/ 35 B
44 B 14ms
14ms Image
image/gif 2a00:1450:4001:81b::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j56&a=1219260836&t=pageview&_s=1&dl=https%3A%2F%2Fblog.comae.io%2Fpetya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b%3Fgi%3Db3ae443001b5&ul=en-us&de=UTF-8&dt=Petya.2017%20is%20a%20wiper%20not%20a%20ransomware%20%E2%80%93%20Comae%20Technologies&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEABI~&jid=669867223&gjid=1916114854&cid=412659461.1498754394&tid=UA-24232453-2&_gid=530761604.1498754394&_r=1&z=1581217229

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2017 16:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
S 204 upvotes Show response
medium.com/p/9ea1d8961d3b/ 0
0 145ms
129ms XHR
text/plain 2400:cb00:2048:1::6810:797f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/p/9ea1d8961d3b/upvotes

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:797f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://medium.com:443 https://.medium.com:443 https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://blog.comae.io
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Access-Control-Request-Headers: content-type,x-client-date,x-obvious-cid,x-opentracing,x-xsrf-token

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 204
access-control-max-age: 86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
access-control-allow-headers: Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, x-opentracing
x-obvious-tid: 1498754394070:fdab1f385e80
server: cloudflare-nginx
x-frame-options: sameorigin
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://blog.comae.io
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray: 376a53129ccc26d2-FRA
link: <https://medium.com/humans.txt>; rel="humans"

GET
S 200 main-common-async.bundle.XCwstfMk0w3yIQwZv4atCQ.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 915 KB
244 KB 12ms
12ms Script
application/javascript 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-common-async.bundle.XCwstfMk0w3yIQwZv4atCQ.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

ff2cd8ec2b8ed66ae5ee366db108d0190cd303039f8f4cc997e3543c259b147e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: A1028CD4DA73BE42
status: 200
vary: Accept-Encoding
content-length: 249670
x-amz-id-2: p3LjDCXMayTDa7iMHYR5rAb0/Bq9fAYpPWw9Z/dJKCsftgwBCa4QvEys5zJfekeNStPUj4PsaIM=
last-modified: Wed, 28 Jun 2017 22:12:15 GMT
server: cloudflare-nginx
etag: "0eaa8a6127afef5b3a623c4876dac616"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 376a53128b2b6373-FRA
expires: Fri, 29 Jun 2018 16:39:54 GMT

GET
S 200 1*CCCk0WWXp0PHRWDAQwGDTQ.png
cdn-images-1.medium.com/max/1600/ 21 KB
21 KB 18ms
17ms Image
image/png 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1600/1*CCCk0WWXp0PHRWDAQwGDTQ.png

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

8199777eca522388d49d6d85e4cb6b72ef25d13dfc5f9a2b14253d312217b8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2924-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 21553
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a53128b2d6373-FRA
expires: Sat, 29 Jul 2017 16:39:54 GMT

GET
S 200 37881a5965a1577ba617259538966d50 Show response
blog.comae.io/media/ Frame 5670 2 KB
1 KB 152ms
151ms Document
text/html 52.6.3.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.3.192 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-3-192.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

89c318752e8b0713181345cf123f0cf1cb0f8dcb1d5807e8ed2ad5c02bd87155

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://blog.comae.io https://.blog.comae.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754394073:d239d307ef81
server: nginx
tk: T
x-frame-options: sameorigin
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://blog.comae.io https://*.blog.comae.io https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET
S 200 upvotes Show response
medium.com/p/9ea1d8961d3b/ 5 KB
2 KB 584ms
583ms XHR
application/json 2400:cb00:2048:1::6810:787f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/p/9ea1d8961d3b/upvotes

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:787f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

b21051c1c8c8b06b1dbd6154b215222ad3eed5fc77462ff40dc8e7eb29eea302

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1498754393995
Origin: https://blog.comae.io
X-XSRF-Token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type: application/json
X-Obvious-CID: web
Accept: application/json
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
x-opentracing: {"ot-tracer-spanid":"101b11c670545d","ot-tracer-traceid":"280c507229275ffb","ot-tracer-sampled":"true"}

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754394607:843d329cb81d
server: cloudflare-nginx
x-frame-options: sameorigin
tk: T
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.comae.io
access-control-expose-headers: X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, x-opentracing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 376a53136902235a-FRA
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 5670 113 KB
32 KB 23ms
6ms Script
application/javascript 104.244.43.204
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blog.comae.io
URL: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.204 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 40c29fb1c88fb37e6c0eed70617f0d3a2ce78830e28efe5f101160ec3fc9f6f1

Request headers

Referer: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date: Thu, 29 Jun 2017 16:39:54 GMT
Content-Encoding: gzip
Age: 632
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 33039
X-Served-By: cache-tw-fra1-cr1-17-TWFRA1
Last-Modified: Wed, 28 Jun 2017 16:43:33 GMT
X-Timer: S1498754394.202070,VS0,VE0
Etag: "f39569b80aee173a69b7004ddc6aaf3d+gzip"
Vary: Accept-Encoding,Host
Content-Type: application/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: public, max-age=1800
Accept-Ranges: bytes

GET
H/1.1 200
OK tweet.6352a9eebf6f1aa3bcc0a57d66d2a72d.js Show response
platform.twitter.com/js/ Frame 5670 19 KB
6 KB 6ms
6ms Script
application/javascript 104.244.43.204
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.6352a9eebf6f1aa3bcc0a57d66d2a72d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.204 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 31105cae519ba6761ca4f644340c07c58b883712c8c212dd694584ba05273417

Request headers

Referer: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date: Thu, 29 Jun 2017 16:39:54 GMT
Content-Encoding: gzip
Age: 81660
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 6485
X-Served-By: cache-tw-fra1-cr1-17-TWFRA1
Last-Modified: Wed, 28 Jun 2017 16:43:19 GMT
X-Timer: S1498754394.242973,VS0,VE0
Etag: "f8e5c01e96b29f8c3cc7d757df9cc10f+gzip"
Vary: Accept-Encoding,Host
Content-Type: application/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
S 200 syndication
syndication.twitter.com/i/jot/ Frame 5670 43 B
74 B 123ms
107ms Image
image/gif 104.244.42.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?dnt=1&l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1498754394251%2C%22dnt%22%3Atrue%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block
x-response-time: 101
pragma: no-cache
last-modified: Thu, 29 Jun 2017 16:39:54 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ec9a2410fbc9e68c52d27b1a259c56d8
x-transaction: 00b3785e00f280d5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK tweets.json Show response
cdn.syndication.twimg.com/ Frame 5670 11 KB
3 KB 190ms
154ms Script
application/javascript 2606:2800:234:1a46:1c04:1676:610:129d
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=880129927659520000-t&lang=en&suppress_response_codes=true

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:234:1a46:1c04:1676:610:129d , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_o /

Resource Hash

352d6ef0bfacd923c167b7c50f10ff727ba4d3c930ab4e3ce14433126107e4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
Content-Length: 2958
x-xss-protection: 1; mode=block
x-response-time: 121
last-modified: Thu, 29 Jun 2017 16:39:54 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
Content-Type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: e9c8f06f6959ddb5eafad242a7a07090
timing-allow-origin: *
x-transaction: 00c40593005e8f7c
expires: Thu, 29 Jun 2017 16:40:54 GMT

GET
S 200 main-notes.bundle.bYgEVxeL1iMB1G-otEv6Yw.js Show response
cdn-static-1.medium.com/_/fp/gen-js/ 65 KB
22 KB 10ms
9ms Script
application/javascript 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-static-1.medium.com/_/fp/gen-js/main-notes.bundle.bYgEVxeL1iMB1G-otEv6Yw.js

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

86cceb59a9dbad3f22483b0dd069c8ce1d191025e61dffdd862fdf3ed9c466c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 75528414608590CF
status: 200
vary: Accept-Encoding
content-length: 22237
x-amz-id-2: yJQ4JTOBQiTHkJCB+Lv+CFNJSPQwmk66n8nKiSWeWdtxeYdSQfmRfjPQckrELOrl7tDwKApi5w4=
last-modified: Wed, 28 Jun 2017 22:12:14 GMT
server: cloudflare-nginx
etag: "1577cb5e06f1f845f9fa46d62340ba10"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 376a53142be16373-FRA
expires: Fri, 29 Jun 2018 16:39:54 GMT

OPTIONS
S 204 quotes Show response
medium.com/p/9ea1d8961d3b/ 0
0 121ms
120ms XHR
text/plain 2400:cb00:2048:1::6810:797f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/p/9ea1d8961d3b/quotes

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:797f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://medium.com:443 https://.medium.com:443 https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://blog.comae.io
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Access-Control-Request-Headers: content-type,x-client-date,x-obvious-cid,x-xsrf-token

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 204
access-control-max-age: 86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
access-control-allow-headers: Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, x-opentracing
x-obvious-tid: 1498754394338:e6c827f54cef
server: cloudflare-nginx
x-frame-options: sameorigin
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://blog.comae.io
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray: 376a53143d9626d2-FRA
link: <https://medium.com/humans.txt>; rel="humans"

OPTIONS
S 204 responses Show response
medium.com/_/api/posts/9ea1d8961d3b/ 0
0 127ms
127ms XHR
text/plain 2400:cb00:2048:1::6810:797f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/_/api/posts/9ea1d8961d3b/responses?filter=best

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:797f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://medium.com:443 https://.medium.com:443 https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://blog.comae.io
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Access-Control-Request-Headers: content-type,x-client-date,x-obvious-cid,x-opentracing,x-xsrf-token

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 204
access-control-max-age: 86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
access-control-allow-headers: Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, x-opentracing
x-obvious-tid: 1498754394338:72cab939ffa3
server: cloudflare-nginx
x-frame-options: sameorigin
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://blog.comae.io
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray: 376a53143d9926d2-FRA
link: <https://medium.com/humans.txt>; rel="humans"

OPTIONS reports
collector-medium.lightstep.com/api/v0/ 0
0

GET
S 200 quotes Show response
medium.com/p/9ea1d8961d3b/ 97 B
138 B 150ms
150ms XHR
application/json 2400:cb00:2048:1::6810:787f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/p/9ea1d8961d3b/quotes

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:787f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

8c32452fbe3800cd59d6734ab9fa4e8a590915e1d17c9295f6abb2c654106c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1498754394276
Origin: https://blog.comae.io
X-XSRF-Token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
X-Obvious-CID: web

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
link: <https://medium.com/humans.txt>; rel="humans"
x-obvious-tid: 1498754394459:2e13cab2e04f
server: cloudflare-nginx
x-frame-options: sameorigin
tk: T
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.comae.io
access-control-expose-headers: X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, x-opentracing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 376a5314fa23235a-FRA
x-opentracing: {"ot-tracer-spanid":"5bff77cc7da4173f","ot-tracer-traceid":"3785a7647b425800","ot-tracer-sampled":"true"}
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET
S 200 responses Show response
medium.com/_/api/posts/9ea1d8961d3b/ 153 B
183 B 886ms
886ms XHR
application/json 2400:cb00:2048:1::6810:787f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/_/api/posts/9ea1d8961d3b/responses?filter=best

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:787f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

8a7e82f285102a42fe792703c46d4ceedfd013baf55ac79388a30011a2ed04d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1498754394278
Origin: https://blog.comae.io
X-XSRF-Token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type: application/json
X-Obvious-CID: web
Accept: application/json
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
x-opentracing: {"ot-tracer-spanid":"9a3f86593991a","ot-tracer-traceid":"f42fe62bbbba3","ot-tracer-sampled":"true"}

Response headers

date: Thu, 29 Jun 2017 16:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754395049:460ff0889db2
server: cloudflare-nginx
x-frame-options: sameorigin
tk: T
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.comae.io
access-control-expose-headers: X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, x-opentracing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 376a53150a28235a-FRA
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET
S 200 7VxOxsQy
pbs.twimg.com/card_img/879757772300050433/ Frame 5670 59 KB
59 KB 53ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/879757772300050433/7VxOxsQy?format=jpg&name=600x314

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (vie/F396) /

Resource Hash

037968a9da1b75fdb66dcf03ce6878415d9ab609cab47314c4b593cf490eef94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
x-content-type-options: nosniff
content-md5: vSGzeirRBLPx+J4YGcKcKw==
x-cache: HIT
status: 200
content-length: 60619
x-response-time: 223
surrogate-key: card_img card_img/bucket/5 card_img/879757772300050433
last-modified: Tue, 27 Jun 2017 17:44:12 GMT
server: ECS (vie/F396)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 396268d7337597f300a23f2169d33ad1
accept-ranges: bytes

GET
H/1.1 200
OK tweet.750a23c210a524abec117c433246edbe.light.ltr.css
platform.twitter.com/css/ Frame 5670 45 KB
11 KB 6ms
6ms Stylesheet
text/css 104.244.43.204
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.750a23c210a524abec117c433246edbe.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.204 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 2f0d86c99c7fb96322eae5696c6000e39e54ad5540eb9e4c65072bba2038cdde

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date: Thu, 29 Jun 2017 16:39:54 GMT
Content-Encoding: gzip
Age: 81660
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 11104
X-Served-By: cache-tw-fra1-cr1-17-TWFRA1
Last-Modified: Wed, 28 Jun 2017 16:43:19 GMT
X-Timer: S1498754395.501333,VS0,VE0
Etag: "33350bb275d12570f8c0c13fec1fb92f+gzip"
Vary: Accept-Encoding,Host
Content-Type: text/css; charset=utf-8
Via: 1.1 varnish
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK tweet.750a23c210a524abec117c433246edbe.light.ltr.css
platform.twitter.com/css/ Frame 5670 9 KB
0 13ms
6ms Image
text/css 104.244.43.204
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.750a23c210a524abec117c433246edbe.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.204 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date: Thu, 29 Jun 2017 16:39:54 GMT
Content-Encoding: gzip
Age: 81660
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 11104
X-Served-By: cache-tw-fra1-cr1-17-TWFRA1
Last-Modified: Wed, 28 Jun 2017 16:43:19 GMT
X-Timer: S1498754395.507915,VS0,VE0
Etag: "33350bb275d12570f8c0c13fec1fb92f+gzip"
Vary: Accept-Encoding,Host
Content-Type: text/css; charset=utf-8
Via: 1.1 varnish
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

OPTIONS
S 204 responsesStream Show response
medium.com/_/api/posts/9ea1d8961d3b/ 0
0 226ms
226ms XHR
text/plain 2400:cb00:2048:1::6810:797f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/_/api/posts/9ea1d8961d3b/responsesStream?filter=best

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:797f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://medium.com:443 https://.medium.com:443 https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://blog.comae.io
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Access-Control-Request-Headers: content-type,x-client-date,x-obvious-cid,x-opentracing,x-xsrf-token

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 204
access-control-max-age: 86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
access-control-allow-headers: Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, x-opentracing
x-obvious-tid: 1498754394666:3bdacb3875da
server: cloudflare-nginx
x-frame-options: sameorigin
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://blog.comae.io
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray: 376a5315ae4e26d2-FRA
link: <https://medium.com/humans.txt>; rel="humans"

OPTIONS
S 204 placements Show response
medium.com/_/api/ 0
0 527ms
527ms XHR
text/plain 2400:cb00:2048:1::6810:797f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/_/api/placements?requestContext%5BpostPageContext%5D%5BpostId%5D=9ea1d8961d3b&requestContext%5BcontextType%5D=postPageContext&slots%5B0%5D%5Blocation%5D=1&slots%5B0%5D%5Bindex%5D=0&slots%5B1%5D%5Blocation%5D=2&slots%5B1%5D%5Bindex%5D=0&slots%5B2%5D%5Blocation%5D=6&slots%5B2%5D%5Bindex%5D=0

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:797f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://medium.com:443 https://.medium.com:443 https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://blog.comae.io
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Access-Control-Request-Headers: content-type,x-client-date,x-obvious-cid,x-opentracing,x-xsrf-token

Response headers

date: Thu, 29 Jun 2017 16:39:55 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 204
access-control-max-age: 86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
access-control-allow-headers: Accept, Content-Type, Origin, User-Agent, DNT, Cache-Control, X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, x-opentracing
x-obvious-tid: 1498754394968:dba24697f8c4
server: cloudflare-nginx
x-frame-options: sameorigin
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://blog.comae.io
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray: 376a5315ae5026d2-FRA
link: <https://medium.com/humans.txt>; rel="humans"

GET
S 200 GjY6aPRY_normal.jpg
pbs.twimg.com/profile_images/781819734459293696/ Frame 5670 2 KB
2 KB 17ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/781819734459293696/GjY6aPRY_normal.jpg

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (vie/F2B0) /

Resource Hash

915fe8a0e1f1a13d7cbdb9510fe289c3d819d7154020dec06f38b804480d3570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
x-content-type-options: nosniff
content-md5: i+Rief1Fm3GWS5dgYPKjbg==
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/5 profile_images/781819734459293696
last-modified: Fri, 30 Sep 2016 11:33:24 GMT
server: ECS (vie/F2B0)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c5fa066f69cd14b16aabc94c2b4efd0d
accept-ranges: bytes

GET
S 200 syndication_bundle_v1_58aae6c3fc7614a364137b885b69a473ad4a4141.css
ton.twimg.com/tfw/css/ Frame 5670 44 KB
7 KB 35ms
34ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_58aae6c3fc7614a364137b885b69a473ad4a4141.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (vie/F386) /

Resource Hash

787ad35a257b852a471bb468a9d05b3115754cf8b39e0e115590f4b8aceba5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 44673
x-cache: HIT
status: 200
content-length: 6809
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 27 Jun 2017 18:37:52 GMT
server: ECS (vie/F386)
etag: "6SFmDbv0DZNmqsUiIrKQ1Q=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-connection-hash: 8c7fc0fae41afd8460854e39dd43c1f3
accept-ranges: bytes
expires: Thu, 06 Jul 2017 16:39:54 GMT

GET
S 200 syndication_bundle_v1_58aae6c3fc7614a364137b885b69a473ad4a4141.css
ton.twimg.com/tfw/css/ Frame 5670 32 KB
0 35ms
34ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_58aae6c3fc7614a364137b885b69a473ad4a4141.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (vie/F386) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/media/37881a5965a1577ba617259538966d50?postId=9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 44673
x-cache: HIT
status: 200
content-length: 6809
x-response-time: 7
surrogate-key: tfw
last-modified: Tue, 27 Jun 2017 18:37:52 GMT
server: ECS (vie/F386)
etag: "6SFmDbv0DZNmqsUiIrKQ1Q=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-connection-hash: 8c7fc0fae41afd8460854e39dd43c1f3
accept-ranges: bytes
expires: Thu, 06 Jul 2017 16:39:54 GMT

GET
DATA 200
OK truncated
/ Frame 5670 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f15fa743c079440166ba6775df01dc2bd7591d300c09f343756719a3b71a282d

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5670 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb40f5941362b2f30b7a665a4b325b2810e7ec64738da8c2301f6f2d7cbbf6c3

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5670 403 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c63febb71fabf432f994bc484d760d7cc52a1ab4de01b4fa3b5972808fe5869

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5670 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d7495e7ff0acf319434b63571491ff2be9f705ec251b0f0c66abb0c36f07278

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5670 320 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 850fb28605682e845f91781f6208cabf6ef35931f5e6c78ddf9911a358f89fd3

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5670 526 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d103d03ca52f6d54223e584c5b5f80aa1c80979e8efeb5df1fab9c51165247a5

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
S 200 responsesStream Show response
medium.com/_/api/posts/9ea1d8961d3b/ 202 B
218 B 208ms
208ms XHR
application/json 2400:cb00:2048:1::6810:787f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://medium.com/_/api/posts/9ea1d8961d3b/responsesStream?filter=best

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:787f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

41f478e8d7d12377894bc1a77642a2f8641809b0ba0393f6e01b086156dc6e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1498754394505
Origin: https://blog.comae.io
X-XSRF-Token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type: application/json
X-Obvious-CID: web
Accept: application/json
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
x-opentracing: {"ot-tracer-spanid":"1bf01cef6b22d9","ot-tracer-traceid":"f42fe62bbbba3","ot-tracer-sampled":"true"}

Response headers

date: Thu, 29 Jun 2017 16:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754394794:6e6796e4488d
server: cloudflare-nginx
x-frame-options: sameorigin
tk: T
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.comae.io
access-control-expose-headers: X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, x-opentracing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 376a53171c18235a-FRA
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET

jot.html
platform.twitter.com/ Frame 5670
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

GET
S 200 placements Show response
medium.com/_/api/ 26 KB
6 KB 611ms
611ms XHR
application/json 2400:cb00:2048:1::6810:787f
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:787f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Medium

Resource Hash

14432dd6fdaff238b63a52eaff3ba90f3e01b03030dcd166ea1349205f5d7f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1498754394507
Origin: https://blog.comae.io
X-XSRF-Token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type: application/json
X-Obvious-CID: web
Accept: application/json
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
x-opentracing: {"ot-tracer-spanid":"a11926da1399d","ot-tracer-traceid":"f42fe62bbbba3","ot-tracer-sampled":"true"}

Response headers

date: Thu, 29 Jun 2017 16:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
x-obvious-tid: 1498754395196:411da575e74e
server: cloudflare-nginx
x-frame-options: sameorigin
tk: T
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.comae.io
access-control-expose-headers: X-Xsrf-Token, X-Obvious-Cid, X-Client-Date, X-Obvious-Profiling, X-Diagnostics, x-opentracing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 376a5318fd8a235a-FRA
link: <https://medium.com/humans.txt>; rel="humans"
expires: Thu, 09 Sep 1999 09:09:09 GMT

GET
S 200 1*n28WCQjaxWBRGTyyP_L1KQ.jpeg
cdn-images-1.medium.com/fit/c/36/36/ 2 KB
2 KB 11ms
11ms Image
image/jpeg 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/36/36/1*n28WCQjaxWBRGTyyP_L1KQ.jpeg

Requested by

Host: blog.comae.io
URL: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b?gi=b3ae443001b5

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

2603a718cbf0bef97ecdc21dbcafaab5eedf787783fa414863d209eea3b8c427

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2861-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 1716
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a531cefea6373-FRA
expires: Sat, 29 Jul 2017 16:39:55 GMT

GET
S 200 1*KkHR4vw5OrosrbeFJNZgXA.png
cdn-images-1.medium.com/fit/c/400/120/ 19 KB
19 KB 10ms
10ms Image
image/png 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/fit/c/400/120/1*KkHR4vw5OrosrbeFJNZgXA.png

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

86516a08c5d341d6c1f4246e7ddafd005489c73fdcec0e8b4ca14605677fb5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2882-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 19312
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a531cefec6373-FRA
expires: Sat, 29 Jul 2017 16:39:55 GMT

GET
S 200 1*lAZ8oEhuaQ5pxqOwWqE-cQ@2x.gif
cdn-images-1.medium.com/max/1600/ 2 MB
2 MB 10ms
10ms Image
image/gif 2400:cb00:2048:1::6810:7991
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/1600/1*lAZ8oEhuaQ5pxqOwWqE-cQ@2x.gif

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7991 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx / Geomyidae artificij

Resource Hash

905e015753ca84f1956320994ada1e2d485a76f4a5f877507dd67d2106f0fbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date: Thu, 29 Jun 2017 16:39:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 2924-f18d8a7
status: 200
vary: Accept-Encoding
content-length: 1713529
pragma: public
server: cloudflare-nginx
etag: "16.3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 376a531ceff06373-FRA
expires: Sat, 29 Jul 2017 16:39:55 GMT

POST
S 200 batch Show response
blog.comae.io/_/ 97 B
106 B 346ms
346ms XHR
application/json 52.6.3.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.comae.io/_/batch

Requested by

Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.53Tvaru1y-ly2H0bmNjn9g.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.6.3.192 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-6-3-192.compute-1.amazonaws.com

Software

nginx / Medium

Resource Hash

d6dc96e35764653911717a1b3d7bdc188d5b90339d3f6e20923dfe28eae1ddf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

X-Client-Date: 1498754398882
Origin: https://blog.comae.io
X-XSRF-Token: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://blog.comae.io/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
X-Obvious-CID: web

Response headers

date: Thu, 29 Jun 2017 16:39:59 GMT
x-content-type-options: nosniff
x-powered-by: Medium
x-obvious-info: 29607-c58c23b,c58c23b
status: 200
content-length: 97
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
pragma: no-cache
link: <https://medium.com/humans.txt>; rel="humans"
x-obvious-tid: 1498754399032:c05ac4945607
server: nginx
tk: T
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-opentracing: {"ot-tracer-spanid":"78ff381c1e50d8bb","ot-tracer-traceid":"7ddf560d06cacdfb","ot-tracer-sampled":"true"}
expires: Thu, 09 Sep 1999 09:09:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: collector-medium.lightstep.com
URL: https://collector-medium.lightstep.com/api/v0/reports

Domain: platform.twitter.com
URL: https://platform.twitter.com/jot.html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.comae.io/	2017-07-06 16:39:55	Name: sz Value: 1585
blog.comae.io/	2017-07-06 16:39:55	Name: pr Value: 1
blog.comae.io/	2017-07-06 16:39:54	Name: tz Value: 0
blog.comae.io/	2017-07-06 16:39:53	Name: lightstep_guid/medium-web Value: 31cd91cccc5d4dc5
blog.comae.io/	2017-07-06 16:39:53	Name: lightstep_session_id Value: 7553dfc74b4ddcce
.comae.io/	2017-06-30 16:39:53	Name: _gid Value: GA1.2.530761604.1498754394
.comae.io/	2019-06-29 16:39:53	Name: _ga Value: GA1.2.412659461.1498754394
blog.comae.io/	2018-06-29 16:39:53	Name: sid Value: 1:LEx47xnqSDVg1QA0uIxFm5u5zisgTXbdp8hVQgkZQ80w8cVpe5LJ5w7UtXtUHCrS
.comae.io/	2017-06-29 16:40:53	Name: _gat Value: 1
blog.comae.io/	2018-06-29 16:39:53	Name: uid Value: lo_81fa09f1619b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src https://localhost https://.instapaper.com https://.stripe.com https://getpocket.com https://blog.comae.io https://.blog.comae.io https://.medium.com https://medium.com https://.medium.com https://.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://.lightstep.com https://app.zencoder.com 'self'; font-src data: https://.amazonaws.com https://.medium.com https://glyph.medium.com https://medium.com https://.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.comae.io
cdn-images-1.medium.com
cdn-static-1.medium.com
cdn.syndication.twimg.com
collector-medium.lightstep.com
i.embed.ly
medium.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
ton.twimg.com
www.google-analytics.com
collector-medium.lightstep.com
platform.twitter.com
104.16.89.50
104.244.42.200
104.244.43.204
2400:cb00:2048:1::6810:7591
2400:cb00:2048:1::6810:787f
2400:cb00:2048:1::6810:797f
2400:cb00:2048:1::6810:7991
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:1a46:1c04:1676:610:129d
2a00:1450:4001:81b::200e
52.6.3.192
02d6110640ed3283e1e979ef557c6ea8f707cd8c561235cf6cd2861345360671
037968a9da1b75fdb66dcf03ce6878415d9ab609cab47314c4b593cf490eef94
05b5efc7a3ac6b1860f3372be2861ca8becdd398e90a486fd53e1e783ada5714
14432dd6fdaff238b63a52eaff3ba90f3e01b03030dcd166ea1349205f5d7f91
2603a718cbf0bef97ecdc21dbcafaab5eedf787783fa414863d209eea3b8c427
2df8e1db3dd927f456d5f70dd08397293d37a70e699f14f88819a9df4e729ce9
2f0d86c99c7fb96322eae5696c6000e39e54ad5540eb9e4c65072bba2038cdde
31105cae519ba6761ca4f644340c07c58b883712c8c212dd694584ba05273417
34f986942a371419006628d9ba4d949d3600b876849e85dc832d6511ac2e2254
352d6ef0bfacd923c167b7c50f10ff727ba4d3c930ab4e3ce14433126107e4bd
36eff65a35a409d20762cb8a77ddc6a8502d7269b699c040f6ea651e5740cbb6
3c63febb71fabf432f994bc484d760d7cc52a1ab4de01b4fa3b5972808fe5869
3e9d89a7b4dba6d4251889810697d52dba22816b2158ad65bcf15d5f7b5b372d
40c29fb1c88fb37e6c0eed70617f0d3a2ce78830e28efe5f101160ec3fc9f6f1
416b887c06917dcd7d98c7ad4a81f72a0ebf79d4a0277c920be12482d03198e1
41f478e8d7d12377894bc1a77642a2f8641809b0ba0393f6e01b086156dc6e88
4acaada1baaf028346d33ed3548eb6d1356447b1121fe6b005510fd59d63f78f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
6b4908e55c5ce7862aa694d6f78cf067de12e4015f4897d1070d22e8f9a63668
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
787ad35a257b852a471bb468a9d05b3115754cf8b39e0e115590f4b8aceba5cb
7cd5089ae9fa5423b40797cdc859d50d0bc0cb158e203ba7c4d247d890b52c29
8199777eca522388d49d6d85e4cb6b72ef25d13dfc5f9a2b14253d312217b8fb
819d3f4d628236fd1951ae91141dfa3ba2d177eac54e10e103293826273dcf2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8435d139cee7c7266b924934626a0908b9a2cc429588b370a837fa7d4a71f7fb
850fb28605682e845f91781f6208cabf6ef35931f5e6c78ddf9911a358f89fd3
86516a08c5d341d6c1f4246e7ddafd005489c73fdcec0e8b4ca14605677fb5d2
86cceb59a9dbad3f22483b0dd069c8ce1d191025e61dffdd862fdf3ed9c466c0
89c318752e8b0713181345cf123f0cf1cb0f8dcb1d5807e8ed2ad5c02bd87155
8a7e82f285102a42fe792703c46d4ceedfd013baf55ac79388a30011a2ed04d1
8c32452fbe3800cd59d6734ab9fa4e8a590915e1d17c9295f6abb2c654106c01
8d7495e7ff0acf319434b63571491ff2be9f705ec251b0f0c66abb0c36f07278
8ec494102d87ca3450eb2b5fa1df7b706fdb74a084cc62ecf7457f70d963ce4d
905e015753ca84f1956320994ada1e2d485a76f4a5f877507dd67d2106f0fbfe
915fe8a0e1f1a13d7cbdb9510fe289c3d819d7154020dec06f38b804480d3570
928b52b82370710b4e0158ed6827736909ba0224413abc641008bd917a40975d
9ca855110f92ac1322df47b2ec8533be97c829ff6078aee53cf560f5c1374bf6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b17bbe57baf1d370070427f9b403adade56d49685972f1fe13ecdf510e3581ad
b21051c1c8c8b06b1dbd6154b215222ad3eed5fc77462ff40dc8e7eb29eea302
b6f9849eb62105a69afe3d18476e23c28c534daacbd451068ecc8775a30f68b4
be89266a932aa5f1570205d57ade831b29a95742a334ac3425b953b16e845626
c01d07f64bd2b8b00b3f33a3f983e68e43250140ccffd184c2072988b219de49
c4657076bf2523a60f1bfdd34abbbf079b0f2eba1ea2cd290d52ce39d46366c0
c7258a42015b8b0029aa25ddc32cc6fd1bbe352bb1df495f11d636da3b994005
d103d03ca52f6d54223e584c5b5f80aa1c80979e8efeb5df1fab9c51165247a5
d6dc96e35764653911717a1b3d7bdc188d5b90339d3f6e20923dfe28eae1ddf7
d73c9502fd26295f0a7e71f6d144e038ad170ba647f94119ca495b59fa07cc6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f15fa743c079440166ba6775df01dc2bd7591d300c09f343756719a3b71a282d
f4cd1a3712663c0b470c05dbbdcb15765166f84adaa79ff5be864a562ad55ba6
f62b7484d5fc708a7991b7163e8667713e5c55746565411ae6e5b6f00f88384e
fb40f5941362b2f30b7a665a4b325b2810e7ec64738da8c2301f6f2d7cbbf6c3
ff2cd8ec2b8ed66ae5ee366db108d0190cd303039f8f4cc997e3543c259b147e

blog.comae.io Open in urlscan Pro 52.6.3.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

51 Requests

96 %HTTPS

64 %IPv6

7 Domains

12 Subdomains

12 IPs

2 Countries

2673 kBTransfer

4906 kBSize

10 Cookies

22 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.comae.io Open in urlscan Pro
52.6.3.192 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

64 %
IPv6

7
Domains

12
Subdomains

12
IPs

2
Countries

2673 kB
Transfer

4906 kB
Size

10
Cookies

51 HTTP transactions
12 data transactions