www.technologyreview.com Open in urlscan Pro
52.87.35.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Submission: On March 22 via manual (March 22nd 2019, 3:29:37 pm UTC) from US

Summary HTTP 149 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 45 domains to perform 149 HTTP transactions. The main IP is 52.87.35.92, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.technologyreview.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 1st 2017. Valid for: 3 years.

This is the only time www.technologyreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.87.35.92 52.87.35.92	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
21	2606:4700:10:... 2606:4700:10::6814:1cee	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2.23.104.167 2.23.104.167	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2606:4700:e6:... 2606:4700:e6::ac40:ca17	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2606:4700:10:... 2606:4700:10::6814:1bee	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a02:26f0:6c0... 2a02:26f0:6c00:293::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.205.49 147.75.205.49	54825 (PACKET) (PACKET - Packet Host)
1	151.101.120.157 151.101.120.157	54113 (FASTLY) (FASTLY - Fastly)
2	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.1.2 151.101.1.2	54113 (FASTLY) (FASTLY - Fastly)
2 5	52.31.106.135 52.31.106.135	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY - Fastly)
1 3	23.43.115.95 23.43.115.95	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	147.75.83.19 147.75.83.19	54825 (PACKET) (PACKET - Packet Host)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	54.172.190.168 54.172.190.168	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	54.84.177.104 54.84.177.104	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.74.252.44 13.74.252.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2 3	2620:109:c00c... 2620:109:c00c:104::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2620:109:c002... 2620:109:c002::6cae:a0a	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	143.204.98.108 143.204.98.108	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:204... 2600:9000:2043:9000:1f:573d:79c0:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	91.228.74.239 91.228.74.239	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	52.216.144.229 52.216.144.229	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
2	34.249.56.252 34.249.56.252	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.171.224.12 54.171.224.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.48.148.204 52.48.148.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	54.93.117.16 54.93.117.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:204... 2600:9000:2043:a200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2406:da00:ff0... 2406:da00:ff00::36e3:ea03	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	34.199.66.245 34.199.66.245	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
11	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.184 91.228.74.184	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
13	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
26	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700::68... 2606:4700::6810:fa05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6810:fb05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:401... 2a00:1450:4016:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.208.18.17 54.208.18.17	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
149	54

1 52.87.35.92 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-87-35-92.compute-1.amazonaws.com

www.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:10::6814:1cee (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.104.167 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-23-104-167.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:ca17 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:1bee (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:293::3adf (European Union)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.205.49 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-26

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.157 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.31.106.135 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-106-135.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.43.115.95 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.83.19 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.190.168 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-172-190-168.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.177.104 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-177-104.compute-1.amazonaws.com

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.74.252.44 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:109:c00c:104::b93f:9005 (United States) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:109:c002::6cae:a0a (United States) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.44 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

m.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.108 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-108.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2043:9000:1f:573d:79c0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d8rk54i4mohrb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.239 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.144.229 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f107:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.92.78 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.56.252 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-56-252.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (European Union) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.224.12 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.148.204 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-148-204.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.93.117.16 (Frankfurt, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-117-16.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2043:a200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da00:ff00::36e3:ea03 (United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)

edge.simplereach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.66.245 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-66-245.compute-1.amazonaws.com

srv-2019-03-22-15.config.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.21.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.184 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:815::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2.18.235.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:fa05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fb05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016:800::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.18.17 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-208-18-17.compute-1.amazonaws.com

srv-2019-03-22-15.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	technologyreview.com www.technologyreview.com cdn.technologyreview.com	879 KB
26	moatads.com z.moatads.com px.moatads.com	342 KB
15	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	236 KB
11	doubleclick.net securepubads.g.doubleclick.net	121 KB
8	ml314.com 2 redirects ml314.com	15 KB
6	googletagservices.com www.googletagservices.com	151 KB
4	hubspot.com track.hubspot.com forms.hubspot.com	4 KB
4	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d8rk54i4mohrb.cloudfront.net	34 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	google.com adservice.google.com www.google.com	281 B
3	eyeota.net 2 redirects ps.eyeota.net	875 B
3	facebook.com www.facebook.com	452 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	86 KB
2	parsely.com srv-2019-03-22-15.config.parsely.com srv-2019-03-22-15.pixel.parsely.com	1 KB
2	simplereach.com edge.simplereach.com	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	657 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	hsforms.com forms.hsforms.com	2 KB
2	quora.com a.quora.com q.quora.com	6 KB
2	facebook.net connect.facebook.net	60 KB
2	bing.com bat.bing.com	23 KB
2	cookielaw.org cdn.cookielaw.org	21 KB
1	hubapi.com api.hubapi.com	587 B
1	google.de adservice.google.de	171 B
1	quantcount.com rules.quantcount.com	338 B
1	bluekai.com 1 redirects tags.bluekai.com	341 B
1	amazonaws.com s3.amazonaws.com	3 KB
1	addthisedge.com m.addthisedge.com	385 B
1	twitter.com analytics.twitter.com	262 B
1	onetrust.com geolocation.onetrust.com	195 B
1	reddit.com alb.reddit.com	316 B
1	t.co t.co	170 B
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hsleadflows.net js.hsleadflows.net	59 KB
1	hs-analytics.net js.hs-analytics.net	26 KB
1	redditstatic.com www.redditstatic.com	5 KB
1	hs-scripts.com js.hs-scripts.com	969 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	bizographics.com sjs.bizographics.com	5 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
1	addthis.com s7.addthis.com	110 KB
1	hsforms.net js.hsforms.net	114 KB
149	45

	Domain	Requested by
28	cdn.technologyreview.com	www.technologyreview.com ml314.com
22	px.moatads.com	www.technologyreview.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.technologyreview.com
8	ml314.com	2 redirects www.technologyreview.com ml314.com
6	www.googletagservices.com	cdn.technologyreview.com securepubads.g.doubleclick.net
4	z.moatads.com	securepubads.g.doubleclick.net
3	track.hubspot.com
3	ps.eyeota.net	2 redirects www.technologyreview.com
3	www.facebook.com	www.technologyreview.com connect.facebook.net
3	px.ads.linkedin.com	2 redirects www.technologyreview.com
3	sb.scorecardresearch.com	1 redirects www.technologyreview.com www.googletagmanager.com
2	pagead2.googlesyndication.com
2	www.google.com	securepubads.g.doubleclick.net
2	edge.simplereach.com	d8rk54i4mohrb.cloudfront.net
2	sync.crwdcntrl.net	2 redirects
2	pixel.mathtag.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	d8rk54i4mohrb.cloudfront.net	www.technologyreview.com d8rk54i4mohrb.cloudfront.net
2	d1z2jf7jlzjs58.cloudfront.net	www.technologyreview.com d1z2jf7jlzjs58.cloudfront.net
2	forms.hsforms.com	js.hsforms.net
2	connect.facebook.net	www.technologyreview.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.technologyreview.com
2	cdn.cookielaw.org	www.technologyreview.com cdn.cookielaw.org
1	srv-2019-03-22-15.pixel.parsely.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	pixel.quantserve.com	www.technologyreview.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	srv-2019-03-22-15.config.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	tags.bluekai.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	s3.amazonaws.com	www.technologyreview.com
1	secure.quantserve.com	www.technologyreview.com
1	m.addthisedge.com	s7.addthis.com
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	geolocation.onetrust.com	cdn.technologyreview.com
1	alb.reddit.com	www.technologyreview.com
1	t.co	www.technologyreview.com
1	q.quora.com	www.technologyreview.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	www.redditstatic.com	www.technologyreview.com
1	a.quora.com	www.technologyreview.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.technologyreview.com
1	s7.addthis.com	www.technologyreview.com
1	js.hsforms.net	www.technologyreview.com
1	www.technologyreview.com
149	57

This site contains links to these domains. Also see Links.

Domain
onetrust.com
go.technologyreview.com
events.technologyreview.com
mediakit.technologyreview.com
dragos.com
www.fireeye.com
www.npr.org
alertlogic.qa.hbr.org
twitter.com
www.facebook.com
subscribe.technologyreview.com
www.mitef.org

Subject Issuer	Validity	Valid
*.technologyreview.com DigiCert SHA2 Secure Server CA	`2017-05-01` - `2020-07-08`	3 years	crt.sh
ssl766686.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-18` - `2019-07-27`	6 months	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-05-06` - `2019-08-05`	a year	crt.sh
cookielaw.org CloudFlare Inc ECC CA-2	`2019-03-19` - `2020-03-19`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-02-08` - `2019-05-09`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
*.quora.com DigiCert SHA2 Secure Server CA	`2018-08-15` - `2019-11-26`	a year	crt.sh
*.ml314.com Amazon	`2019-03-16` - `2020-04-16`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
ssl431287.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-13` - `2019-08-22`	6 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-02-08` - `2019-05-09`	3 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-19` - `2019-06-27`	6 months	crt.sh
ssl817706.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
ssl803643.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-19` - `2019-06-27`	6 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
alb.reddit.com Amazon	`2018-06-18` - `2019-07-18`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2017-06-08` - `2020-06-19`	3 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2017-06-06` - `2019-06-11`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-02-08` - `2019-05-09`	3 months	crt.sh
www.eyeota.com COMODO RSA Domain Validation Secure Server CA	`2018-02-12` - `2021-02-11`	3 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.simplereach.com Amazon	`2019-02-06` - `2020-03-06`	a year	crt.sh
*.config.parsely.com Amazon	`2019-02-27` - `2020-03-27`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
ssl817724.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-01-04` - `2020-01-04`	a year	crt.sh
*.pixel.parsely.com Amazon	`2019-02-27` - `2020-03-27`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Frame ID: 36A45DB88362645EFEDF3595850984DB
Requests: 119 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Frame ID: 6E37F0BF86294784F73CC29C3238329F
Requests: 1 HTTP requests in this frame

Frame: https://d8rk54i4mohrb.cloudfront.net/container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbtopleckql&v=v2.1.1&cache_buster=1553268559557
Frame ID: D99D7986B203C3DB82E3677183C30276
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9C4A2EF3876233EB9D15AF450B64D430
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js
Frame ID: 8D8598E2DCCA2C2655A9623F9C9C4BA0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js
Frame ID: 5AA74F63AD5E3CC4EDDBC6F3B3818E1D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js
Frame ID: DE24C093DBB1C89102C79C47B0EC58D7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js
Frame ID: 4FAD1AAFFDE11F673560553C56476668
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /Cowboy/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /Cowboy/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^React$/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^requirejs$/i

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

HubSpot (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

env /^(?:_hsq|hubspot)$/i

Parse.ly (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^PARSELY$/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Piwik () Expand

Overall confidence: 100%
Detected patterns

env /^_paq$/i

Page Statistics

149
Requests

100 %
HTTPS

47 %
IPv6

45
Domains

57
Subdomains

54
IPs

7
Countries

2358 kB
Transfer

6433 kB
Size

22
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/insider/pricing/
Title: Subscribe today

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/
Title: Events

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://mediakit.technologyreview.com/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://dragos.com/resource/xenotime/
Title: using some of the same digital tradecraft

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html
Title: was revealed

Search URL Search Domain Scan URL

URL: https://www.npr.org/2018/07/18/630164914/transcript-dan-coats-warns-of-continuing-russian-cyberattacks
Title: a speech last year

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html
Title: published last October

Search URL Search Domain Scan URL

URL: http://alertlogic.qa.hbr.org/2018/04/internet-insecurity
Title: urging companies to revisit all their operations

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/emtech/digital/19?utm_medium=trsite&utm_source=instory&utm_campaign=emtech_digital_2019.unpaid.acquisition&utm_content=tags&discount=TAGINST#section-register
Title: Register now

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/video/watch/urban-ecosystems-reynolds-jacob-wissink/
Title:

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/video/watch/greg-mark-markforged-3d-printing/
Title:

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/video/watch/katie-finnegan-walmart-future-retail/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/techreview
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/technologyreview
Title: Facebook

Search URL Search Domain Scan URL

URL: https://subscribe.technologyreview.com/ecom/mtr/app/live/subcustserv?pagemode=start&org=MTR&publ=TR&php=Y
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: http://www.mitef.org/
Title: MIT Enterprise Forum

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sb.scorecardresearch.com/b?c1=2&c2=16198136&ns__t=1553268558274&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1553268558274&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9=

Request Chain 56

https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1553268559027%26pid%3D8617%26url%3Dhttps%253A%252F%252Fwww.technologyreview.com%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true&liSync=true

Request Chain 66

https://tags.bluekai.com/site/20486?limit=0&id=5978151465836987083&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151465836987083%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465836987083&eid=50056

Request Chain 67

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151465836987083 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2NTgzNjk4NzA4MxAAGg0Iz_7T5AUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=27f956ceed86a3af469d337a5b1c6e3f0b8e06f95ae6a0800dee4c62f4d13fb7f4cb09cee1a4f8eb&person_id=5978151465836987083&eid=50082

Request Chain 68

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465836987083%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465836987083%26eid=50220&mm_bnc&mm_bct HTTP 302
https://ml314.com/csync.ashx?fp=bb7f5c94-f9f1-4500-8c00-4db2ad290652&person_id=5978151465836987083&eid=50220

Request Chain 69

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465836987083 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465836987083 HTTP 302
https://ml314.com/csync.ashx?fp=8eb06518f49fe4725dbca1fe348d5c4b&eid=50146&person_id=5978151465836987083

Request Chain 70

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2xVuCSswb2fkop4mIIX085NxsyZlYMrL6xU23ZWSU0nA&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=2xVuCSswb2fkop4mIIX085NxsyZlYMrL6xU23ZWSU0nA&person_id=5978151465836987083&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

149 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/ 96 KB
23 KB 446ms
188ms Document
text/html 52.87.35.92
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.35.92 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-87-35-92.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: f58326635cae286410167913c832771c99ac773493137d769585ba661f547cc7

Request headers

Host: www.technologyreview.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: Cowboy
Connection: keep-alive
Vary: origin,accept-encoding
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Date: Fri, 22 Mar 2019 15:29:17 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H2 200 article.css
cdn.technologyreview.com/_/dist/css/ 422 KB
56 KB 99ms
20ms Stylesheet
text/css 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dfb68082d7ed101a1a565f97577b529ebfd8df8286792d5e21434babae63e5f

Request headers

:path: /_/dist/css/article.css?v=cf749434
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2019 15:10:20 GMT
server: cloudflare
etag: "a32d9971ac714028b56c3634464ae5aef2e1bacf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=1209600
set-cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
cf-ray: 4bb933462a51c288-FRA
via: 1.1 vegur
expires: Fri, 05 Apr 2019 15:11:49 GMT

GET
H2 200 stacked-logo-v2.svg
cdn.technologyreview.com/_/img/ 3 KB
2 KB 88ms
12ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/stacked-logo-v2.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d99efcd06c0c2bbd57247ca6c0c231560840ef20cd073c61cef5560d7b0709d

Request headers

:path: /_/img/stacked-logo-v2.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
last-modified: Thu, 14 Feb 2019 15:26:54 GMT
server: cloudflare
etag: "042d3591ca7c821f4c185c53abea8d07d92b4fc2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: image/svg+xml
via: 1.1 vegur
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
cf-ray: 4bb933462a53c288-FRA

GET
H2 200 mitspot1.jpg
cdn.technologyreview.com/i/images/ 76 KB
76 KB 88ms
12ms Image
image/jpeg 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/mitspot1.jpg?sw=520&cx=33&cy=58&cw=945&ch=887
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13be0fad34aadb206ab194936a25a9979835f3e5551bd436e85125d142b663cc

Request headers

:path: /i/images/mitspot1.jpg?sw=520&cx=33&cy=58&cw=945&ch=887
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: degrade=85, origSize=95971
status: 200
content-length: 77882
last-modified: Tue, 05 Mar 2019 18:34:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/jpeg
expires: Tue, 02 Apr 2019 19:48:22 GMT
cache-control: public, max-age=1209600
set-cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4bb933462a52c288-FRA
cf-bgj: imgq:85

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 413 KB
114 KB 93ms
17ms Script
application/javascript 2606:4700::6811:b949
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d937ae96df3f764ad89b068a2bbb15277e079eb9f40756198dea0521663435c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 3f664d29b735d0f07574fc4382fb0221.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-amz-version-id: 9zXkCjIlpNZk3WYWZ39S0aOPhij9jPHz
last-modified: Thu, 14 Mar 2019 04:33:45 GMT
server: cloudflare
etag: W/"3a41fb7e673f908ba1f800189961db31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 4bb93346bc86273e-FRA
x-amz-cf-id: WRQ-A44cH1Xs-btrCwpyVZA1T6knZJY-ko95zihvzraLB4g4kdSa2A==

GET
H2 200 mitspots2.jpg
cdn.technologyreview.com/i/images/ 80 KB
81 KB 11ms
10ms Image
image/jpeg 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/mitspots2.jpg?sw=570&cx=26&cy=97&cw=963&ch=881
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648bde3606e8abcadc6a94dab68193fb00b97a69c7ceeba4ce95daf3a61afe61

Request headers

:path: /i/images/mitspots2.jpg?sw=570&cx=26&cy=97&cw=963&ch=881
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: degrade=85, origSize=101822
status: 200
content-length: 82420
last-modified: Mon, 04 Mar 2019 15:43:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/jpeg
expires: Tue, 02 Apr 2019 19:28:46 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4bb933465b36c288-FRA
cf-bgj: imgq:85

GET
H2 200 mitheaderfinalv4.jpg
cdn.technologyreview.com/i/images/ 220 KB
221 KB 16ms
9ms Image
image/jpeg 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/mitheaderfinalv4.jpg?sw=1080&cx=0&cy=0&cw=2756&ch=1697
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20738fd2ecc88cdac45a4ce358fec1ab0b1693d2a1d861aa82872919f528cbc

Request headers

:path: /i/images/mitheaderfinalv4.jpg?sw=1080&cx=0&cy=0&cw=2756&ch=1697
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: degrade=85, origSize=279740
status: 200
content-length: 225546
last-modified: Mon, 04 Mar 2019 15:43:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/jpeg
expires: Tue, 02 Apr 2019 19:48:22 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4bb933468c26c288-FRA
cf-bgj: imgq:85

GET
H2 200 giles.png
cdn.technologyreview.com/i/profiles/avatars/ 6 KB
6 KB 14ms
9ms Image
image/png 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/profiles/avatars/giles.png?sw=75
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec92479b90fa26815b14755ca5645cf8900f7b5df5313f2f8046f9352c76a7a

Request headers

:path: /i/profiles/avatars/giles.png?sw=75
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: pngoptimizer, origSize=7773
status: 200
content-length: 5855
last-modified: Tue, 07 Nov 2017 22:12:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/png
expires: Fri, 05 Apr 2019 05:42:13 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4bb933468c28c288-FRA
cf-bgj: imgq:85

GET
H2 200 horizontal-logo-v2--white.svg
cdn.technologyreview.com/_/img/ 4 KB
2 KB 23ms
18ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/horizontal-logo-v2--white.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9804319e04965fab520e9c970fbf67c1f08038c26fc8312af3dcaecd815f6515

Request headers

:path: /_/img/horizontal-logo-v2--white.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 06 Feb 2019 16:52:42 GMT
server: cloudflare
etag: "a22e2f24f82d4c30c6b28120a74c355945a45672-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
cf-ray: 4bb933468c29c288-FRA
via: 1.1 vegur

GET
H2 200 default.js Show response
cdn.technologyreview.com/_/dist/js/ 453 KB
127 KB 23ms
18ms Script
application/javascript 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/js/default.js?v=cf749434
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4082a52c011028ce4f4d524b09c2a028170e7ff102dd8e2f7e66b230bb20c46c

Request headers

:path: /_/dist/js/default.js?v=cf749434
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2019 15:10:20 GMT
server: cloudflare
etag: "2adac6dc838f5ab55dac3db29594fc28ceaf8909-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=1209600
cf-ray: 4bb933468c2ac288-FRA
via: 1.1 vegur
expires: Fri, 05 Apr 2019 15:11:49 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 344 KB
110 KB 118ms
34ms Script
application/javascript 2.23.104.167
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/250/addthis_widget.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-23-104-167.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: gzip
surrogate-key: client_dist
last-modified: Thu, 28 Feb 2019 14:32:49 GMT
etag: "5c77f111-561d6"
vary: Accept-Encoding
x-distribution: 99
cache-tag: client_dist
status: 200
cache-control: public, max-age=600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-type: application/javascript

GET
H2 200 ArticleSubscriptionStump.js Show response
cdn.technologyreview.com/_/dist/js/ 157 KB
41 KB 22ms
18ms Script
application/javascript 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/js/ArticleSubscriptionStump.js?v=cf749434
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6271892e0407de92b416611dd9a2a2c582146c66837a62c8291f0019645914de

Request headers

:path: /_/dist/js/ArticleSubscriptionStump.js?v=cf749434
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2019 15:10:20 GMT
server: cloudflare
etag: "a346c7752a2b974dd9324317f29fa70e82a9d5bb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=1209600
cf-ray: 4bb933468c2cc288-FRA
via: 1.1 vegur
expires: Fri, 05 Apr 2019 15:11:49 GMT

GET
H2 200 article.js Show response
cdn.technologyreview.com/_/dist/js/ 245 KB
69 KB 21ms
18ms Script
application/javascript 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/js/article.js?v=cf749434
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60119eec052ee61297a5db952be472f058908a8770133f7e7b35695d3461dbed

Request headers

:path: /_/dist/js/article.js?v=cf749434
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2019 15:10:20 GMT
server: cloudflare
etag: "41044ab807a9ff3ce75c5928783887c3503e7d66-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=1209600
cf-ray: 4bb933468c2fc288-FRA
via: 1.1 vegur
expires: Fri, 05 Apr 2019 15:11:49 GMT

GET
H2 200 a321aa9c-3063-4225-abb6-0285fd5607e6.js Show response
cdn.cookielaw.org/consent/ 90 KB
15 KB 59ms
15ms Script
application/x-javascript 2606:4700:e6::ac40:ca17
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/a321aa9c-3063-4225-abb6-0285fd5607e6.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca17 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb266205826d7200403a3b88f415a211e3db0503c6bc7b2b06bef0e1991f11e

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: aWz4izv6GBiD08dIp4/GGQ==
status: 200
x-ms-lease-status: unlocked
last-modified: Tue, 20 Nov 2018 19:08:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/x-javascript
x-ms-request-id: 3d5bbfcd-201e-00a4-0517-e0e202000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 4bb93346de1197bc-FRA
expires: Fri, 22 Mar 2019 19:29:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
37 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

6039d59d280caf4100ed5c743b1793853d9c2d1e4aba63a037e14d50ce452538

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
content-encoding: br
last-modified: Thu, 21 Mar 2019 18:08:06 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 37418
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:17 GMT

GET
H2 200 angle-arrow.svg
cdn.technologyreview.com/_/img/ 327 B
328 B 19ms
12ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/angle-arrow.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd191ef8796b5d0f92892273e05517556478b9401863b8f69c5550726f24d901

Request headers

:path: /_/img/angle-arrow.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb93346dd59c288-FRA
date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 14 Feb 2019 15:26:54 GMT
server: cloudflare
etag: W/"15b4d900c5b7a0a7affa4c25ffcca1aa95e18276"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 angle-arrow--red.svg
cdn.technologyreview.com/_/img/ 324 B
349 B 19ms
11ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/angle-arrow--red.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381505fbbe1274b2f5b58f56e879542b46e7e5af1faa56176e8b437e288d5018

Request headers

:path: /_/img/angle-arrow--red.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb93346dd5ac288-FRA
date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 08 Feb 2019 18:41:04 GMT
server: cloudflare
etag: W/"dd21ece53e401d9f12e057457506adc637df1d2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 mag-small.svg
cdn.technologyreview.com/_/img/ 706 B
583 B 26ms
19ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/mag-small.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d09eefb45e90f4236f585e2fd604e9270dda2c91c85b3a38a66017c775da334

Request headers

:path: /_/img/mag-small.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb93346dd5bc288-FRA
date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: W/"a4684abbdff24c669f717c37b31082b0a306b316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 nhaasgroteskdsstd-25th.woff
cdn.technologyreview.com/_/fonts/ 29 KB
29 KB 72ms
19ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-25th.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc61bf0728b3a21438b4539c6fa9cfe549b89a537d375d72dd7c687ac26b41f

Request headers

:path: /_/fonts/nhaasgroteskdsstd-25th.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 29648
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "8015811674c0d479d73e3af0b0dfc299918a7915"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=de2b5381e09f8db5d26b115e46955f78b1553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4bb933472f3964ed-FRA

GET
H2 200 nhaasgroteskdsstd-55rg.woff
cdn.technologyreview.com/_/fonts/ 28 KB
28 KB 72ms
19ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-55rg.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab9300f0ecfc026cc2e558aaea117dc5b536c0728deb27e763b27659a093118

Request headers

:path: /_/fonts/nhaasgroteskdsstd-55rg.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 28680
last-modified: Thu, 21 Feb 2019 22:29:54 GMT
server: cloudflare
etag: "0330073a9ff8526feae0b20a7f0232b3d98c3f45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=de2b5381e09f8db5d26b115e46955f78b1553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4bb933472f3f64ed-FRA

GET
H2 200 nhaasgroteskdsstd-75bd.woff
cdn.technologyreview.com/_/fonts/ 31 KB
31 KB 72ms
19ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-75bd.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e3e0c14cd2f2f6c9e3f7f49ca91e0285b0f748c29e82380e2ac77750f613958

Request headers

:path: /_/fonts/nhaasgroteskdsstd-75bd.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 31496
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "10723ba58aa923a29a4cc4d4d8fd3bc9199915f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=de2b5381e09f8db5d26b115e46955f78b1553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4bb933472f3d64ed-FRA

GET
H2 200 nhaasgroteskdsstd-65md.woff
cdn.technologyreview.com/_/fonts/ 29 KB
30 KB 67ms
15ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-65md.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 762e5fd7df3e5f35b2b9cf5c5cc01b0e67420fb73a4a9be8eb236184bf6ad763

Request headers

:path: /_/fonts/nhaasgroteskdsstd-65md.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 30116
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "844894e7fdbbe6f603a9d26e39e5b2ea9139fc21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=de2b5381e09f8db5d26b115e46955f78b1553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4bb933472f3b64ed-FRA

GET
H2 200 ionicons.ttf
cdn.technologyreview.com/_/fonts/ 5 KB
3 KB 64ms
13ms Font
font/ttf 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/ionicons.ttf?v=3.0.5
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e0e663ec8e77b09b27581a613982039b6fd7830eb55c6cf6e038fdf9e13e63

Request headers

:path: /_/fonts/ionicons.ttf?v=3.0.5
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 02:07:07 GMT
server: cloudflare
etag: W/"2a8564c8bb358f64c9588bf8af268edfa7221861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=de2b5381e09f8db5d26b115e46955f78b1553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
cf-ray: 4bb933472f3c64ed-FRA

GET
H2 200 font-bureau-millertext-roman.woff
cdn.technologyreview.com/_/fonts/ 22 KB
22 KB 66ms
15ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/font-bureau-millertext-roman.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a20f6ee8f0590104e47e29e590d8f2698bf4bc5486b80d5f05e8ea5b4d427df

Request headers

:path: /_/fonts/font-bureau-millertext-roman.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 22268
last-modified: Wed, 06 Feb 2019 16:52:42 GMT
server: cloudflare
etag: "a14ac2087fe727714eb810a897adbfb482ede712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=de2b5381e09f8db5d26b115e46955f78b1553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4bb933472f4064ed-FRA

GET
H2 200 nhaasgroteskdsstd-35xlt.woff
cdn.technologyreview.com/_/fonts/ 28 KB
29 KB 70ms
19ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-35xlt.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 623bbd6e9fc0d231a07dbde18fe91c2f1eccb1aaa13c0a2ca2be0bbb963408bb

Request headers

:path: /_/fonts/nhaasgroteskdsstd-35xlt.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 29076
last-modified: Tue, 19 Feb 2019 21:58:52 GMT
server: cloudflare
etag: "34eaf53dcd6d0f1be6717e94082cbfbaf930d167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=de2b5381e09f8db5d26b115e46955f78b1553268557; expires=Sat, 21-Mar-20 15:29:17 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4bb933472f3a64ed-FRA

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 15 KB
5 KB 11ms
8ms Script
application/x-javascript 2a02:26f0:6c00:293::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:293::3adf , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=63765
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 hotjar-531874.js Show response
static.hotjar.com/c/ 3 KB
2 KB 27ms
25ms Script
application/javascript 147.75.205.49
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-531874.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.205.49 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-26

Software

openresty /

Resource Hash

e83c9abb65221b77d3c57b4f326d9ecb131bc2f1ff8fb2b4077633e5317e937f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 26
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1511
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/d1ef17794585fa1ae4ee75f62f87c438
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.069
accept-ranges: bytes
section-io-id: 697b0bcd2983e7af82e04a4e6914c3cf

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 28ms
27ms Script
application/javascript 151.101.120.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.157 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
age: 84112
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-cdg20721-CDG
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1553268558.296344,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 22 KB
23 KB 85ms
34ms Script
application/javascript 204.79.197.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: 06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:17 GMT
last-modified: Fri, 08 Mar 2019 01:08:18 GMT
x-msedge-ref: Ref A: CED4F4B27DA94AB49E60A1DEAA5B00D9 Ref B: FRAEDGE0920 Ref C: 2019-03-22T15:29:18Z
access-control-allow-origin: *
etag: "0ed1a6a4bd5d41:0"
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 23004

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 52 KB
15 KB 18ms
14ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15216
x-xss-protection: 0
pragma: public
x-fb-debug: qW3exrhyNVnfYtexWZfdh7hlJES+o7e1HbgAGQTe18sR3rMO0vJjArM20ULXEJ8G0f3wf9EaJOLmUM0bnEcCcw==
date: Fri, 22 Mar 2019 15:29:18 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4518541.js Show response
js.hs-scripts.com/ 1 KB
969 B 54ms
10ms Script
application/javascript 2606:4700::6811:d3cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4518541.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f74426cd765a619d66202aedab4f4005582aa69ee114d54704b9097f0285db

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=1636
status: 200
access-control-max-age: 3600
cf-bgj: minify
server: cloudflare
x-trace: 2BF8230AC6AC0591EEAB7CF63B36505C2EB3EB5135000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 4bb933498968bed0-FRA
expires: Fri, 22 Mar 2019 15:30:18 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 17 KB
6 KB 69ms
11ms Script
text/plain 151.101.1.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f37d74095d27ff0f96a5db6eb5136c477109a18e09d9dc6b94bd9cb5f45fba2

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: YCV7VuLi1FWNdCoW3lEJrFWrz1GWe8vX
content-encoding: gzip
age: 574
x-cache: HIT
status: 200
date: Fri, 22 Mar 2019 15:29:18 GMT
content-length: 5544
x-amz-id-2: B39JIW/GWrnRUySHwWhlWu4ZOkpHhpCDkL1+19pk7UCj6cz8dY6TM/c4yfHDqi5FZjltKzXsbZM=
x-served-by: cache-hhn1545-HHN
last-modified: Thu, 17 May 2018 01:54:45 GMT
server: AmazonS3
x-timer: S1553268558.343335,VS0,VE0
etag: "ff1694b5052cad982a64fab43387cf6d"
vary: Accept-Encoding
x-amz-request-id: 7757EB3811C7F1B0
via: 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain; charset=us-ascii
x-cache-hits: 580

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 134ms
29ms Script
application/javascript 52.31.106.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?222
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-106-135.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a3273dce4deb1a87d9c6b75ce1b9305872ee56ad6da2ab873858d9d20d1ff3a8

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Mar 2019 06:49:23 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=55205
Connection: keep-alive
Content-Length: 11908
Expires: Sat, 23 Mar 2019 06:49:23 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 14 KB
5 KB 68ms
10ms Script
application/javascript 151.101.1.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: snooserv /
Resource Hash: 1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
age: 39
x-cache: HIT, HIT
status: 200
content-length: 4684
x-served-by: cache-iad2149-IAD, cache-hhn1538-HHN
last-modified: Thu, 14 Mar 2019 17:58:22 GMT
server: snooserv
x-timer: S1553268558.345504,VS0,VE0
etag: "3d2d7b01680c9e57b1dc0af281c1b2da"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=60
accept-ranges: bytes
x-cache-hits: 1, 12

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=16198136&ns__t=1553268558274&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%...
https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1553268558274&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT...

0
248 B

10ms
8ms

Image
text/plain

23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1553268558274&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9=
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1553268558274&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9=
Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3e69a4f7-5967-47be-bdc7-4326b12c2581 Show response
forms.hsforms.com/embed/v3/form/4518541/ 3 KB
1 KB 483ms
399ms Script
application/javascript 2606:4700::6810:5705
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4518541/3e69a4f7-5967-47be-bdc7-4326b12c2581?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6464eeaf0666b5948fbc683eec370a6601d12abdaaac0d8560672c6d4a2e0bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-trace: 2B525AB5D53D731528A5F0F07131BDC486B1E28C3E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
content-disposition: attachment; filename=no-rfd.txt
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4bb9334aeded236c-FRA
content-length: 945

GET
H2 200 302431540264875 Show response
connect.facebook.net/signals/config/ 186 KB
45 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302431540264875?v=2.8.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

696f31b56da5b1713ffb8b3bbbf7b56a7cec56a34a156ee93e9b59ccf516ca30

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 45966
x-xss-protection: 0
pragma: public
x-fb-debug: hAxOF3KEse8VHIgeVr5rgXQzX5lRHAZAmzsGAhXJxHTapZ537zmjI8Ot1TD9sGpQ7LkxyuzKbiQwn5/NOHr/uQ==
date: Fri, 22 Mar 2019 15:29:18 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules-e39a5507cbb05f5d456097501c919882.js Show response
script.hotjar.com/ 403 KB
84 KB 54ms
17ms Script
application/javascript 147.75.83.19
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-e39a5507cbb05f5d456097501c919882.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-531874.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.19 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-24

Software

Resource Hash

f5ee20343782e170511daaa30e087970a5dec8ad9ad108ed0e174d0ec583dbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 16:10:50 GMT
access-control-allow-origin: *
etag: W/"e39a5507cbb05f5d456097501c919882"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.025
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: a94b3ad4f201472e504738e20a371369
content-length: 85707

GET
H2 200 4518541.js Show response
js.hs-analytics.net/analytics/1553268300000/ 77 KB
26 KB 18ms
10ms Script
text/javascript 2606:4700::6811:47b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1553268300000/4518541.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd1e2fe2887db6cffac6a9bdfb3954a97b581d6b7db0d75439eb7075adbe9f95

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 9C4D36BAF0FB7838
status: 200
content-type: text/javascript
x-amz-id-2: CF+AoqKjbm3AvjuQJdIyU3hK2+C63r5YtGclfv+QKAawSODQdM49VhTZhkTq3srUQHGEEKxhuAc=
last-modified: Mon, 18 Mar 2019 19:29:11 GMT
server: cloudflare
etag: W/"e696cd518dcfcc861c3a11c4a1bdf95b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 4bb9334adc73c274-FRA
expires: Fri, 22 Mar 2019 15:30:50 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 369 KB
59 KB 34ms
29ms Script
application/javascript 2606:4700::6811:e9cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6cb9e1ef4b334f6182c560e74a7e4f137f84a5800d2cc6636c79b2122155d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 8f98a0b4c1a6979299c34e2923b8a5e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Mar 2019 04:35:32 GMT
server: cloudflare
etag: W/"37e06ae457b9ad8450954f513599ba39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: os9Kc7Wa17UkrV1L6O3t2E0VWKeyTSic
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 4bb9334adcff9810-FRA
x-amz-cf-id: oEJRgGEviBu4u8ZpVtRyPx0zfZA7KUiZ4IxYu4_HPsCxgICAVCpGVw==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 4 KB
2 KB 98ms
32ms Script
application/javascript 2606:4700::6811:73b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f0568d44d6151864a2921696af9d5460c47e955dbc79c1df5be58097b317ef

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 a97d638d4e395a6f27b927572cf3bfda.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: gzip
x-amz-version-id: r..JH0ehXuvcXwce9WramFZgEXYgVmJB
last-modified: Fri, 01 Mar 2019 01:16:27 GMT
server: cloudflare
etag: W/"6ac55f60220e99f26ae7ebdc1d99c061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
cf-ray: 4bb9334b4e29c2ba-FRA
x-amz-cf-id: oq-dyPFem5ddMSthKIX3ZHEEdvkzV_SBeMYTen4WktH_puyFZgqwPg==

GET
H2 200 3045c9cb-513f-4fa0-b110-58ef9d14b329 Show response
forms.hsforms.com/embed/v3/form/4518541/ 3 KB
1 KB 409ms
404ms Script
application/javascript 2606:4700::6810:5705
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4518541/3045c9cb-513f-4fa0-b110-58ef9d14b329?callback=hs_reqwest_1&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7583a7b337ef2f75c1128c866d5dfbada071ddba793a2974ae41a654cc1665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-trace: 2BDF5AE74594D1F601B4BE3B70A77F1933DEC4B25A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
content-disposition: attachment; filename=no-rfd.txt
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4bb9334b9e63236c-FRA
content-length: 963

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/584156a671384c9eabef3ba21775e0d4/ 43 B
331 B 400ms
99ms Image
image/gif 54.172.190.168
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.quora.com/_/ad/584156a671384c9eabef3ba21775e0d4/pixel?j=1&u=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&tag=ViewContent&ts=1553268558638
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.190.168 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-172-190-168.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
X-Q-Recv-Port: 81
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 adsct
t.co/i/ 43 B
170 B 128ms
126ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuwy6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 105
pragma: no-cache
last-modified: Fri, 22 Mar 2019 15:29:18 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 24be6ac2474f94ba23ca8d66beef9e18
x-transaction: 0052e8f8000bf7a3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK rp.gif
alb.reddit.com/ 35 B
316 B 475ms
114ms Image
image/gif 54.84.177.104
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1553268558647&id=t2_25alwh0c&event=PageVisit&s=fEZ6KBZWRTJtXtFarPfLLLD%2Bv1x1FpvQ0WOmc03XjaI%3D
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.177.104 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-177-104.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 204 0
bat.bing.com/action/ 0
171 B 32ms
32ms Image
text/plain 204.79.197.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16002556&Ver=2&mid=321503f5-cb07-50e8-059d-fc4d571dc212&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware,%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&p=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&r=&evt=pageLoad&msclkid=N&rn=348486
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 22 Mar 2019 15:29:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 930E894BE3454912804BFAE3BDDE41B1 Ref B: FRAEDGE0920 Ref C: 2019-03-22T15:29:18Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrow--red.svg
cdn.technologyreview.com/_/img/ 313 B
563 B 14ms
14ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/arrow--red.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3145e9b70309578810dd484cbb2f225f87ce90ec15ada2ae3388d9723a20142

Request headers

:path: /_/img/arrow--red.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bbddac288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 14 Feb 2019 15:26:54 GMT
server: cloudflare
etag: W/"36a7819f58d51035686ec4dac851ff7b6c0a32c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 arrow.svg
cdn.technologyreview.com/_/img/ 298 B
374 B 9ms
8ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/arrow.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0ec95c7f4beb658ce61a4e6db2d57cbfaf0bcfdbd2bf508506ced773eca16f

Request headers

:path: /_/img/arrow.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bbdddc288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Tue, 19 Feb 2019 21:58:52 GMT
server: cloudflare
etag: W/"277a4f1bf37a0256088098400ff79881ed5903e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 x-small--white.svg
cdn.technologyreview.com/_/img/ 617 B
524 B 10ms
9ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/x-small--white.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a5596268b9389da432f3eced3319e6ec40220e613cdd742517713e431cb40b

Request headers

:path: /_/img/x-small--white.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bbdebc288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 22 Mar 2019 15:01:34 GMT
server: cloudflare
etag: W/"78c959d70a02b530cd095d8d957a773343ee79fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 social-icon--twitter.svg
cdn.technologyreview.com/_/img/ 932 B
647 B 10ms
10ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/social-icon--twitter.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b66eeb4d09255e5f5bfa2fb7f191a342a7c072a6426107fde848b065ba0a9e1

Request headers

:path: /_/img/social-icon--twitter.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bbdf4c288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: W/"bc6339cafb6314cb8e70a70a5ec9ba9a3fa4ff72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 social-icon--facebook.svg
cdn.technologyreview.com/_/img/ 612 B
529 B 11ms
11ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/social-icon--facebook.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f77743f6848ac60f92e05cd59b29fda0e596f579343647f8930254ef996b455

Request headers

:path: /_/img/social-icon--facebook.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bcdf7c288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 06 Feb 2019 16:52:42 GMT
server: cloudflare
etag: W/"9c217868e751a6fde6084b1004a224143b4e396c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 social-icon--rss.svg
cdn.technologyreview.com/_/img/ 826 B
624 B 14ms
11ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/social-icon--rss.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa406a3b680dad647af5fa7aa717580bb12e1b13d6efb7e23f344c751f03cfb3

Request headers

:path: /_/img/social-icon--rss.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bce03c288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 08 Feb 2019 18:41:04 GMT
server: cloudflare
etag: W/"88af12e69f55edde5bfb143dd6766b8f9ba4b7fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 tr-glyph-v2--white.svg
cdn.technologyreview.com/_/img/ 323 B
358 B 13ms
11ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/tr-glyph-v2--white.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b2630fa237b81931335c873da5f889928686854892edb91f1ad9476b955869b

Request headers

:path: /_/img/tr-glyph-v2--white.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bce06c288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Tue, 19 Feb 2019 21:58:52 GMT
server: cloudflare
etag: W/"a7c8206c09373479787a7e827b0ac96372bb228f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 plus--white.svg
cdn.technologyreview.com/_/img/ 571 B
478 B 9ms
8ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/plus--white.svg
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 760142cff640e00f8d7cb46efde7e54920be358cc2c095107b006d86c9294110

Request headers

:path: /_/img/plus--white.svg
pragma: no-cache
cookie: __cfduid=d522d69c09f7aab4ce03261503a414c651553268557; _gcl_au=1.1.798360728.1553268558
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=cf749434
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9334bde27c288-FRA
date: Fri, 22 Mar 2019 15:29:18 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: W/"a19302249d5af960725c98bb4fb3f31eb56202c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 793 B
1 KB 33ms
32ms Script
application/javascript 52.31.106.135
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=67059&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pv=1553268558667_1nbpo429z&bl=en-us&cb=264927&return=&ht=&d=&dc=&si=1553268558667_1nbpo429z&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?222
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-106-135.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac2e2b519ca957fedb4a79d2dfeb00f172b912063180e788b423be4eeefec2f1

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 483
Expires: 0

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/4.1.0/default_flat_top_two_button_black/v2/css/ 23 KB
5 KB 11ms
10ms Stylesheet
text/css 2606:4700:e6::ac40:ca17
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/skins/4.1.0/default_flat_top_two_button_black/v2/css/optanon.css
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a321aa9c-3063-4225-abb6-0285fd5607e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca17 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d60d068778b4af2913f52dcd1f8fcd110295e51bedf959b2aa4e37ed290f150

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: iK/qJYkI6lRubIC8gEscgQ==
status: 200
x-ms-lease-status: unlocked
last-modified: Wed, 13 Mar 2019 21:37:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/css
x-ms-request-id: 18778505-701e-0016-0317-e01978000000
cache-control: public, max-age=2592000
x-ms-version: 2009-09-19
cf-ray: 4bb9334dc85b97bc-FRA
expires: Sun, 21 Apr 2019 15:29:19 GMT

GET
H/1.1 200
OK EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
195 B 185ms
38ms Script
application/json 13.74.252.44
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery33106246174434067986_1553268558961&_=1553268558962
Requested by: Host: cdn.technologyreview.com
URL: https://cdn.technologyreview.com/_/dist/js/article.js?v=cf749434
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.74.252.44 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:18 GMT
Content-Length: 32
X-Application-Context: application:8080
Content-Type: application/json;charset=UTF-8

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1
https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookies...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1553268559027%26pid%3D8617%26url%3Dhttps%253A%252F%252Fwww.technologyreview.com%252Fs%252F613054...
https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookies...

0
94 B

237ms
209ms

Script
application/javascript

2620:109:c00c:104::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:109:c00c:104::b93f:9005 , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: +RkKloZRjhWg3oKu5ioAAA==

Redirect headers

date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-edc2-nkernB
content-length: 20
x-li-uuid: kdj/iYZRjhXAW1bf6SoAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect/?time=1553268559027&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
262 B 126ms
125ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuwy6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 107
pragma: no-cache
last-modified: Fri, 22 Mar 2019 15:29:19 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 37f8f210704b9f5827d28dd464d18451
x-transaction: 000e2bd3003096cf
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
m.addthisedge.com/live/boost/ra-4df12eda07a410ab/ 166 B
385 B 159ms
88ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthisedge.com/live/boost/ra-4df12eda07a410ab/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
surrogate-key: ra-4df12eda07a410ab
server: Jetty(9.4.8.v20180619)
etag: 659743217
cache-tag: ra-4df12eda07a410ab
status: 200
cache-control: public, max-age=6, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 166

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 6 KB
3 KB 75ms
12ms Script
application/x-javascript 143.204.98.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.108 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-108.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Fri, 22 Mar 2019 02:49:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Mar 2014 00:45:07 GMT
Server: nginx
Age: 61779
ETag: W/"53191693-19c1"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
Connection: keep-alive
X-Amz-Cf-Id: UVLxjT4qVPw-nvbpaW-Z-5lcrarYRxnUgWFFeqz9xHShVsNOy6Iugw==
Expires: Thu, 21 Mar 2019 21:20:59 GMT

GET
H2 200 reach.js Show response
d8rk54i4mohrb.cloudfront.net/js/ 17 KB
17 KB 52ms
8ms Script
application/javascript 2600:9000:2043:9000:1f:573d:79c0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:9000:1f:573d:79c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a53e645f8df92311cfd26567012ec54759b444dd8b4e008646a905d6dfd832da

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 3GefvBl6jxpBZweVLvLp_adQAECpfADS
via: 1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront)
last-modified: Mon, 18 Mar 2019 11:59:52 GMT
server: AmazonS3
etag: "4867106ece52bd44c40c24651d3a130b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
date: Fri, 22 Mar 2019 15:29:19 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 17021
x-amz-cf-id: IdZLuWuzG8DRcSeA0rwgDNhfYwTYH9_2euLe4SbkUqzZx7fjKNDqDg==

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 136ms
28ms Script
application/x-javascript 91.228.74.239
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.239 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22-Mar-2019 15:29:19 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Fri, 29 Mar 2019 15:29:19 GMT

GET
H/1.1 200
OK goal.min.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 3 KB
3 KB 437ms
109ms Script
application/javascript 52.216.144.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/goal.min.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.229 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:20 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:37 GMT
Server: AmazonS3
x-amz-request-id: 77ACC3B0B194DD7C
ETag: "db78cc3fefd4dc191250a00cf7b530a3"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 2699
x-amz-id-2: wPTm+W6rQIPzO/LBZ+2abd4ZHO6YJhwwBqDnVqnUZGS+qg4jrmzNaTpMmbOzdm848L113s066f8=

GET
H2 200 box-d831eecf6f5411af024c3acd759add17.html
vars.hotjar.com/ Frame 6E37 0
0 18ms
17ms Document
text/html 147.75.83.19
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-531874.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.83.19 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-24
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-d831eecf6f5411af024c3acd759add17.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Response headers

status: 200
date: Fri, 22 Mar 2019 15:29:19 GMT
content-type: text/html
content-length: 894
cache-control: max-age=31536000
last-modified: Tue, 19 Mar 2019 16:10:50 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.024
etag: W/"d831eecf6f5411af024c3acd759add17"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 76a8264a5d1970e51f806a0e56ff40c2

GET
H2 200 /
www.facebook.com/tr/ 44 B
203 B 15ms
13ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=302431540264875&ev=PageView&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&rl=&if=false&ts=1553268559231&sw=1600&sh=1200&v=2.8.42&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1553268559230.331357688&it=1553268558493&coo=false&rqm=GET
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 22 Mar 2019 15:29:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 13ms
13ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=302431540264875&ev=ViewContent&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&rl=&if=false&ts=1553268559233&cd[content_ids]=%5B%22613054%22%5D&cd[content_category]=Connectivity&sw=1600&sh=1200&v=2.8.42&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1553268559230.331357688&it=1553268558493&coo=false&rqm=GET
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 22 Mar 2019 15:29:19 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151465836987083&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151465836987083%26eid=50056
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465836987083&eid=50056

43 B
312 B

55ms
54ms

Image
image/gif

52.31.106.135
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465836987083&eid=50056
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.106.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-106-135.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:18 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 23 Mar 2019 11:29:19 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151465836987083&eid=50056
Date: Fri, 22 Mar 2019 15:29:19 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 2352
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151465836987083
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2NTgzNjk4NzA4MxAAGg0Iz_7T5AUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=27f956ceed86a3af469d337a5b1c6e3f0b8e06f95ae6a0800dee4c62f4d13fb7f4cb09cee1a4f8eb&person_id=5978151465836987083&eid=50082

43 B
312 B

159ms
35ms

Image
image/gif

34.249.56.252
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=27f956ceed86a3af469d337a5b1c6e3f0b8e06f95ae6a0800dee4c62f4d13fb7f4cb09cee1a4f8eb&person_id=5978151465836987083&eid=50082
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 23 Mar 2019 11:29:19 GMT

Redirect headers

date: Fri, 22 Mar 2019 15:29:19 GMT
via: 1.1 google
location: https://ml314.com/csync.ashx?fp=27f956ceed86a3af469d337a5b1c6e3f0b8e06f95ae6a0800dee4c62f4d13fb7f4cb09cee1a4f8eb&person_id=5978151465836987083&eid=50082
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 307
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465836987083%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151465836987083%26eid=50220&mm_bnc&mm_bct
https://ml314.com/csync.ashx?fp=bb7f5c94-f9f1-4500-8c00-4db2ad290652&person_id=5978151465836987083&eid=50220

43 B
312 B

131ms
28ms

Image
image/gif

54.171.224.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=bb7f5c94-f9f1-4500-8c00-4db2ad290652&person_id=5978151465836987083&eid=50220
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 23 Mar 2019 11:29:19 GMT

Redirect headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Server: MT3 1.31.3.9 fe26b9c DPLAT-404 zrh-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=bb7f5c94-f9f1-4500-8c00-4db2ad290652&person_id=5978151465836987083&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 22 Mar 2019 15:29:18 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465836987083
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151465836987083
https://ml314.com/csync.ashx?fp=8eb06518f49fe4725dbca1fe348d5c4b&eid=50146&person_id=5978151465836987083

43 B
312 B

125ms
28ms

Image
image/gif

34.249.56.252
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=8eb06518f49fe4725dbca1fe348d5c4b&eid=50146&person_id=5978151465836987083
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.56.252 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-56-252.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 23 Mar 2019 11:29:19 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:19 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=8eb06518f49fe4725dbca1fe348d5c4b&eid=50146&person_id=5978151465836987083
Cache-Control: no-cache
X-Server: 10.26.5.72
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2xVuCSswb2fkop4mIIX085NxsyZlYMrL6xU23ZWSU0nA&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=2xVuCSswb2fkop4mIIX085NxsyZlYMrL6xU23ZWSU0nA&person_id=5978151465836987083&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
171 B

62ms
24ms

Image
image/gif

54.93.117.16
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.93.117.16 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-117-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Fri, 22 Mar 2019 15:29:19 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Sat, 23 Mar 2019 11:29:19 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 44 KB
12 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.technologyreview.com
URL: https://cdn.technologyreview.com/_/dist/js/default.js?v=cf749434

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

73980f3dfa2725a845dcc969220c3893ca230a5049b2afb0d43de5eacb4f98e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "114 / 408 of 1000 / last-modified: 1553212643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11643
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:19 GMT

GET
H2 200 container.html
d8rk54i4mohrb.cloudfront.net/ Frame D99D 0
0 27ms
23ms Document
text/html 2600:9000:2043:9000:1f:573d:79c0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d8rk54i4mohrb.cloudfront.net/container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbtopleckql&v=v2.1.1&cache_buster=1553268559557
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:9000:1f:573d:79c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: d8rk54i4mohrb.cloudfront.net
:scheme: https
:path: /container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbtopleckql&v=v2.1.1&cache_buster=1553268559557
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 6523
x-amz-replication-status: COMPLETED
last-modified: Mon, 18 Mar 2019 11:57:52 GMT
x-amz-version-id: GkBqiQinzHYbCopIZpBeWN86vQclUjWh
accept-ranges: bytes
server: AmazonS3
date: Fri, 22 Mar 2019 15:29:19 GMT
etag: "493134efac4be5677b6b6b332c29a34d"
cache-control: no-cache
x-cache: Hit from cloudfront
via: 1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront)
x-amz-cf-id: t0YdsFUP0N4Kz3sEO0PV74Pfc3JGrWM-FKc1VPMPAN9Tg6evfp55ow==

GET
H2 200 rules-p-ffE9vWW7lzZG-.js Show response
rules.quantcount.com/ 3 B
338 B 213ms
212ms Script
application/x-javascript 2600:9000:2043:a200:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ffE9vWW7lzZG-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:a200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 06:21:27 GMT
via: 1.1 bd3e2233bf25337a89461c638cad13b9.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 21:08:19 GMT
server: AmazonS3
age: 32916
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3
x-amz-cf-id: U9Nzl86cdWRYR_wEPa09TsIamQtQYlFOpqe97qQmgjm6s_Sdo-tIZw==

GET
H/1.1 200
OK n Show response
edge.simplereach.com/ 374 B
966 B 488ms
120ms Script
application/javascript 2406:da00:ff00::36e3:ea03
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.simplereach.com/n?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbtopleckql&v=v2.1.1
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36e3:ea03 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: ac0826ef89f378af1d6f5c100aba69509dc7e6022d8215422696df2e452f249a

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:20 GMT
Server: nginx/1.8.0
Connection: keep-alive
Content-Length: 374
Content-Type: application/javascript

GET
H/1.1 200
OK technologyreview.com Show response
srv-2019-03-22-15.config.parsely.com/config/ 386 B
804 B 593ms
109ms Script
text/javascript 34.199.66.245
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2019-03-22-15.config.parsely.com/config/technologyreview.com
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.66.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-199-66-245.compute-1.amazonaws.com
Software: / Express
Resource Hash: 3156d1b6cf292ccf0adcb29e31da8a78a8b6b4740b5d00e71f3e94dd21dd1a85

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:20 GMT
Cache-Control: private, no-cache
Connection: keep-alive
X-Powered-By: Express
ETag: W/"182-XQCij5oZcHhDB6oNyHoszQ"
Content-Length: 386
Content-Type: text/javascript; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.technologyreview.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 22ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.technologyreview.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_2019031802.js Show response
securepubads.g.doubleclick.net/gpt/ 160 KB
58 KB 44ms
41ms Script
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

sffe /

Resource Hash

17d3e313f9cb6c498698b08058466b6e9d133e35945dc5700ecabfed21d059b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2019 21:12:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 58755
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:19 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 9C4A 0
0 38ms
37ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 4600
pragma: no-cache
cache-control: no-cache
origin: https://www.technologyreview.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
accept-encoding: gzip, deflate, br
cookie: fr=0PWVv0NLo3beeoR7B..BclP9P...1.0.BclP9P.
Origin: https://www.technologyreview.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.technologyreview.com
access-control-allow-credentials: true
content-length: 0
server: proxygen-bolt
date: Fri, 22 Mar 2019 15:29:19 GMT

GET
H/1.1 200
OK pixel;r=655627323;labels=undefined;rf=0;a=p-ffE9vWW7lzZG-;url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F;fpan=1;fpa=P0-92726775-15...
pixel.quantserve.com/ 35 B
479 B 205ms
28ms Image
image/gif 91.228.74.184
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=655627323;labels=undefined;rf=0;a=p-ffE9vWW7lzZG-;url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F;fpan=1;fpa=P0-92726775-1553268559900;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1553268559900;tzo=0;ogl=url.https%3A%2F%2Fwww%252Etechnologyreview%252Ecom%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-%2Ctitle.Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%252C%20and%20it%E2%80%99s%20spreading%2Ctype.article%2Cupdated_time.2019-03-06T05%3A52%3A31-05%3A00%2Cimage.https%3A%2F%2Fcdn%252Etechnologyreview%252Ecom%2Fi%2Fimages%2Fmitheaderfinalv4%252Ejpg%3Fcx%3D0%26cy%3D109%26cw%3D27%2Cimage%3Aurl.https%3A%2F%2Fcdn%252Etechnologyreview%252Ecom%2Fi%2Fimages%2Fmitheaderfinalv4%252Ejpg%3Fcx%3D0%26cy%3D109%26cw%3D27%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Awidth.2760%2Cimage%3Aheight.1700%2Cdescription.The%20rogue%20code%20can%20disable%20safety%20systems%20designed%20to%20prevent%20catastrophic%20indus%2Csite_name.MIT%20Technology%20Review
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.184 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:20 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
9 KB 82ms
73ms XHR
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2515215680989793&correlator=2061942470877026&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21063407%2C21063015%2C21063066%2C21063347&vrg=2019031802&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__leaderboard&sz=728x90%7C970x90&cust_params=UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26UrlQuery%3D%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1553268559&dt=1553268559981&dlt=1553268557602&idt=2316&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=150&adk=1283925206&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=60&icsg=176160768&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x13908&msz=1585x130&blev=1&bisch=1&ga_vid=82530524.1553268560&ga_sid=1553268560&ga_hid=51076390&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8d48929b25be1b80c05e6bf9d82d070a4c63ab1a84c7f0c131ac247642270caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9440
x-xss-protection: 1; mode=block
google-lineitem-id: 4970599882
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138263927402
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019031802.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 51ms
43ms Script
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

sffe /

Resource Hash

3b927dca3cf9e48bab1049acb8a413eb65ddd46815239d2886d6c0a25265b6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Mar 2019 21:12:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25401
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:20 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 0
0 10ms
9ms Other
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
10 KB 69ms
62ms XHR
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2515215680989793&correlator=2061942470877026&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21063407%2C21063015%2C21063066%2C21063347&vrg=2019031802&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__square-rectangle&sz=300x250&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1553268560&dt=1553268560051&dlt=1553268557602&idt=2316&frm=20&biw=1585&bih=1200&oid=3&adx=1083&ady=947&adk=3758317059&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=61&icsg=176160768&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1240x10882&msz=300x270&blev=1&bisch=1&ga_vid=82530524.1553268560&ga_sid=1553268560&ga_hid=51076390&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d9cc098e1ef794d0e585270c0483cf8b0870ad06a2d5e6670ba7e7d056963ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9531
x-xss-protection: 1; mode=block
google-lineitem-id: 4874943574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252144996
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
10 KB 86ms
83ms XHR
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2515215680989793&correlator=2061942470877026&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21063407%2C21063015%2C21063066%2C21063347&vrg=2019031802&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__square-only&sz=300x250&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1553268560&dt=1553268560096&dlt=1553268557602&idt=2316&frm=20&biw=1585&bih=1200&oid=3&adx=1083&ady=10931&adk=390207441&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=61&icsg=176160768&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x300&msz=300x270&blev=1&bisch=1&ga_vid=82530524.1553268560&ga_sid=1553268560&ga_hid=51076390&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9410a5f364318807f762162b9ced47d76a0ee7e720ebd23cf3c62316eb3b193f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9601
x-xss-protection: 1; mode=block
google-lineitem-id: 4652826132
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138231526294
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
10 KB 85ms
84ms XHR
text/javascript 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2515215680989793&correlator=2061942470877026&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21063407%2C21063015%2C21063066%2C21063347&vrg=2019031802&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__fullwidth-interstitial&sz=728x90%7C970x90%7C970x250%7C1440x500&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1553268560&dt=1553268560110&dlt=1553268557602&idt=2316&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=11291&adk=3077253026&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=61&icsg=176160768&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x130&msz=1585x130&blev=1&bisch=1&ga_vid=82530524.1553268560&ga_sid=1553268560&ga_hid=51076390&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9eb133a7436e40d5aca41e5ae3ba727c933472641abcaeaac298b9d07f6feda0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9793
x-xss-protection: 1; mode=block
google-lineitem-id: 4875054426
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252390124
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 ads Show response
securepubads.g.doubleclick.net/gampad/ 0
270 B 64ms
63ms XHR
text/html 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2515215680989793&correlator=2061942470877026&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21063407%2C21063015%2C21063066%2C21063347&vrg=2019031802&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__subscriber%2F__roadblock&sz=0x0&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1553268560&dt=1553268560124&dlt=1553268557602&idt=2316&frm=20&biw=1585&bih=1200&oid=3&adx=793&ady=600&adk=1006213698&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=61&icsg=176160768&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=82530524.1553268560&ga_sid=1553268560&ga_hid=51076390&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 400
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/ Frame 8D85 29 KB
11 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

22319cb3b15cdd7ecfd35159216d2223c53d0127690078f07651d1e46090b4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10971
x-xss-protection: 1; mode=block
server: cafe
etag: 543703436663340921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame 8D85 2 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D85 76 KB
28 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5d30e060c2cf039455f8841ce68c1f509de085fa10e630ea9778be6d7ae28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553103581034000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28679
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:20 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame 8D85 268 KB
83 KB 34ms
33ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=32810
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 7682009127509016215
tpc.googlesyndication.com/simgad/ Frame 8D85 43 KB
43 KB 11ms
9ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7682009127509016215

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62ebcf0c18cdfc584b1aaca160d121055d24cb8072ea4368613e89ed98c92d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Mar 2019 15:48:13 GMT
x-content-type-options: nosniff
age: 949267
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 43552
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Mar 2019 15:39:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Mar 2020 15:48:13 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1349d35cb629a932fe00785c3f6ac9454ec4c5cf3b1edcf25b8749ad36ba253a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553103581034000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27762
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:20 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/ Frame 5AA7 29 KB
11 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

22319cb3b15cdd7ecfd35159216d2223c53d0127690078f07651d1e46090b4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10971
x-xss-protection: 1; mode=block
server: cafe
etag: 543703436663340921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame 5AA7 2 KB
1 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AA7 76 KB
28 KB 47ms
39ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5d30e060c2cf039455f8841ce68c1f509de085fa10e630ea9778be6d7ae28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553103581034000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28679
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:20 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame 5AA7 268 KB
83 KB 32ms
26ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=32810
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 3848017339927353716
tpc.googlesyndication.com/simgad/ Frame 5AA7 59 KB
59 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3848017339927353716

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c6624373ca3bde0a4dfc2b92d20c4b4cfc7c062e544a1a3c3ecd15f94fe7d426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Mar 2019 22:17:19 GMT
x-content-type-options: nosniff
age: 1185121
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 59981
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Nov 2018 16:53:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Mar 2020 22:17:19 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/ Frame DE24 29 KB
11 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

22319cb3b15cdd7ecfd35159216d2223c53d0127690078f07651d1e46090b4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10971
x-xss-protection: 1; mode=block
server: cafe
etag: 543703436663340921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame DE24 2 KB
1 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE24 76 KB
28 KB 47ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5d30e060c2cf039455f8841ce68c1f509de085fa10e630ea9778be6d7ae28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553103581034000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28679
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DE24 0
55 B 29ms
19ms Image
text/html 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTN1kN7JX9ULW_e9Q0lGe92_fkpjjTad3Tb3s_xAQYQZX20XYM_hJC5-FYSH66FSzRNMg8I
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame DE24 268 KB
83 KB 51ms
45ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=32810
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 8043241790053843568
tpc.googlesyndication.com/simgad/ Frame DE24 46 KB
46 KB 17ms
10ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8043241790053843568

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

812919ca83bf113696dd460f078f66e4d442b7179341cf8459dd5f6270d41bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:05:53 GMT
x-content-type-options: nosniff
age: 1167807
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 47226
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Apr 2018 17:16:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:05:53 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/ Frame 4FAD 29 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

22319cb3b15cdd7ecfd35159216d2223c53d0127690078f07651d1e46090b4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10971
x-xss-protection: 1; mode=block
server: cafe
etag: 543703436663340921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame 4FAD 2 KB
1 KB 36ms
0ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 20 Mar 2019 12:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2019 12:57:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FAD 76 KB
28 KB 59ms
36ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5d30e060c2cf039455f8841ce68c1f509de085fa10e630ea9778be6d7ae28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1553103581034000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28679
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 15:29:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4FAD 0
55 B 51ms
15ms Image
text/html 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIsxq1RvBF-PfIcM521LMAQJPhVMkZQbgSbVoLe2StbkRSNpNY2kPnVPO3BgpVhDu306HB
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame 4FAD 268 KB
83 KB 40ms
25ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=32810
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 7452167049369359931
tpc.googlesyndication.com/simgad/ Frame 4FAD 41 KB
41 KB 42ms
6ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7452167049369359931

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019031802.js?21063407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f0032f921fd9629fbee0e5cddce8bf02545db825187e6b8e3f4973eab16b0cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 02:05:00 GMT
x-content-type-options: nosniff
age: 1171460
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 41678
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Nov 2018 17:00:16 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 02:05:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D85 0
62 B 55ms
21ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcRCCjVGELUMipqUk3Gwee6HM-2kM-uzwSSw2Kc6EuEbBIttf_cgkEHaQQ0vP5YVTdUreFAsfwNzVVoz8_AcMoRbaxC_Xj5Z3g_paNgiLVOYMjdWcppkYUZXsVX2vHJeedRyBjJNamlPbFq6g1E_wKxlhpaWhIlxo9luY6OOrDnJkHZAOz-1bq7tkR_Sf3tKR3HMoX16_Jd5axqn3_16vsbfGtz9F0RqF-GMeuzf8KtyGQIkK6ikAtXUmpIOzwCgUEabMd03mTMNERM-0&sai=AMfl-YRfXIB7w4F-IQzsvAlTd4DYxZBoKR6tkaM_uZvx5HFYhrxdDzZN7VDDbRicg-3z-JfMWrwtDyGJ0B2gtc7e1J5eJsfekxvc5-qulYZzeA&sig=Cg0ArKJSzAMES6AmeK6EEAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5AA7 0
62 B 50ms
21ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuArcRN1baa8jcW6onGgoc7UgL1Q6nALiUeAyBI2SjbgIZCU85QrqXmJhR48FcqAJpBvquzHThjUqtBxl_d0U0zBjdhsOw7O5LZQpdcmRtV5swqxsjG91EfTFxSSauAw7uQGjbgjGvYlrlXT7bqSJURx3sau1hYIsWetrnRjHzMhgh0NN5lHUI0I1-4395LBUoFouFuTsf6sqyYat1KU6Ff-LRtCVN7rJXDJvur-80xslm_q-SjD2nbPV7n8DU7ORNm52GcXt6JuOAs_8Pv3MUWeg&sai=AMfl-YR7w670pbkiwXKz4qX-yur968r5u8Y9n7gvBwwTIfojWCKB7doA7ZEqmJOqOtgIWpF7IWCJsqfoVqVnGv9fLlTeoIFiEeBINwLl9zSS&sig=Cg0ArKJSzNyxAIVTM0MtEAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE24 0
62 B 50ms
21ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszuckV0jdjUwV0HOpHjotjE0CfkNxMg9xkNDsfhCECzoFoD1ZWKo7U-g-z_-NFdh2oHucYnkgYKKLQwBDoDLXModUCQ9vk4p6tQULxwEBR6MoZERuWl5Gkdo6wTMAGo5I-MphADyMrUT9_u-zqmTlY8NykQ4N1zx4PkmOmywwr4mTgcXXM17Gbs8Z3kFWbWX9CXt9HqNNBGpqsUKfQIUuoB0cj0FP8D0R82UG3gxI7dP40B_N5m8d1IDhRFtcqdPtzQHQICXRGEQAXlhU&sai=AMfl-YTQRVHRt1QbkLjXbdIJzdmmUUt9VvBq6zqMSXrDL5Qle7Bzklm3qEmtV2uwtCFotQp3vKTEp2oix0XCJuZoCm4CVj_Y-6d15pIj-JfQKdDDs4rjlUQFXleIpALQ&sig=Cg0ArKJSzDmwMZN18wxFEAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FAD 0
62 B 50ms
21ms Image
image/gif 172.217.21.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupn64D9z4cXzAv-UiEDdr1K9L08b1yVemUVMucDChztvyOfRe5_TxS7vZmIem4WIhTcw5f9mv2G1EsBTU2NP2oEEQ3A4J0FCaZwwdN1xLQeu28hIfHkx3TXlh-6baZtzr1GF10R-jzNK0cNPGWFQTNfHSyMoFnVBSOABFdMb4MUm4-nuvfSr99OuvyAqqC0vqtKS7DJTyxtRsp_AnTtuoZvERmej_d0q9ekEV8wz2_i7VfB-goenV1F4WhzyAgMlvs-Gh4OZhCVp3zFFyhnoXfhEgg8-Pg4Q&sai=AMfl-YQnOl75GBZBL6c3xadajeHAkDgx_na9fbG29yds3Y1WVgwdNBPv3GDBfzTyvfh7f5Umq2TO1-ogr9_rpoicJbPw9cmJyyVThOtPRqd35tQg1Sj2N3jZ8yFnG6U&sig=Cg0ArKJSzHA2f3hYN9WvEAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 15:29:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ptrack-v1.1.1-engagedtime.js Show response
d1z2jf7jlzjs58.cloudfront.net/code/ 35 KB
14 KB 13ms
10ms Script
application/x-javascript 143.204.98.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.1.1-engagedtime.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.108 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-108.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: f17090be520764660accb76f6b0afd46a86fc3ee5c84d5e2a6849459a2d005af

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 26 Jun 2018 22:39:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jun 2018 22:20:16 GMT
Server: nginx
Age: 23215790
ETag: W/"5b32bc20-8b46"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000, public
Connection: keep-alive
X-Amz-Cf-Id: yJPlWxQ6uWcepPUykodgUDrPxrhKdvfCk5Pmr0hICdG7Ool9BxCNSg==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 5AA7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa060a9bdebb66ad88ccfced7b465b07d0d664b1fa2db22cbdf0e27ba7524e5e

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8D85 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1af2c81a508642306c75af24bf7a2fe08c6d2687bffd2005598a7ae528686b54

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DE24 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45304177e143584757ac9d37dad9ad4ecca6ac919fc0b288f31b2985dd05758f

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 31ms
30ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1553268561036&de=987014507686&m=0&ar=ab37179-clean&q=2&cb=0&cu=1553268561036&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=427834665&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
DATA 200
OK truncated
/ Frame 4FAD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fee2af693975c9ae136eca914eb46ad5b57b19fbb1ec9765332c96dc7ce22754

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 31ms
30ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3848017339927353716&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561036&de=987014507686&cu=1553268561036&m=105&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=26&an=0&gf=26&gg=0&ix=26&ic=26&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=26&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=52&cd=0&ah=52&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1754246314&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1553268561152&de=495676125294&m=0&ar=ab37179-clean&q=5&cb=0&cu=1553268561152&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=1310378617&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
24ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8043241790053843568&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561152&de=495676125294&cu=1553268561152&m=93&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=24&cd=0&ah=24&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=232379557&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 29ms
28ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1553268561287&de=710362548403&m=0&ar=ab37179-clean&q=8&cb=0&cu=1553268561287&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=43229022&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F7682009127509016215&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561287&de=710362548403&cu=1553268561287&m=62&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=23&an=0&gf=23&gg=0&ix=23&ic=23&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=23&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=45&cd=0&ah=45&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1139910961&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
26ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1553268561400&de=653413285484&m=0&ar=ab37179-clean&q=11&cb=0&cu=1553268561400&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15497267%3A2438678787%3A4875054426%3A138252390124&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=1914997035&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
24ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F7452167049369359931&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561400&de=653413285484&cu=1553268561400&m=96&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=30&cd=0&ah=30&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4875054426%3A138252390124&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=1400122484&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:21 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/16198136/ 0
400 B 694ms
693ms Script
application/x-javascript 23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/16198136/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Mon, 25 Mar 2019 15:29:22 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Response headers

Content-Type: image/svg+xml

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/ 32 B
587 B 165ms
108ms XHR
application/json 2606:4700::6811:cccc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=4518541

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c318f7e927701be1a5cb370e210b91c26df66249b47ed0d331c9550452221d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:21 GMT
content-encoding: br
status: 200
server: cloudflare
x-trace: 2B863543A703AA2AB32E7DB8123449EECE4DC94D51000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
access-control-max-age: 180
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4bb9335f48eac292-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
101 B 21ms
20ms Image
image/gif 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1553268561746&vi=fab116b86ce94005ba705b721158a19b&nc=true&u=12316075.fab116b86ce94005ba705b721158a19b.1553268561742.1553268561742.1553268561742.1&b=12316075.1.1553268561742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9335eff249aac-FRA
date: Fri, 22 Mar 2019 15:29:21 GMT
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
101 B 20ms
19ms Image
image/gif 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=3e69a4f7-5967-47be-bdc7-4326b12c2581&fci=0eff4a6c-3087-4ef7-a0ec-73cb59876458&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1553268561750&vi=fab116b86ce94005ba705b721158a19b&nc=true&u=12316075.fab116b86ce94005ba705b721158a19b.1553268561742.1553268561742.1553268561742.1&b=12316075.1.1553268561742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9335eff259aac-FRA
date: Fri, 22 Mar 2019 15:29:21 GMT
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
218 B 20ms
19ms Image
image/gif 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=3045c9cb-513f-4fa0-b110-58ef9d14b329&fci=ea204a88-1a05-41c4-9690-b8c98d1526c5&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1553268561751&vi=fab116b86ce94005ba705b721158a19b&nc=true&u=12316075.fab116b86ce94005ba705b721158a19b.1553268561742.1553268561742.1553268561742.1&b=12316075.1.1553268561742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4bb9335eff279aac-FRA
date: Fri, 22 Mar 2019 15:29:21 GMT
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 40 KB
3 KB 113ms
111ms XHR
application/json 2606:4700::6810:fb05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4518541&utk=fab116b86ce94005ba705b721158a19b&__hstc=12316075.fab116b86ce94005ba705b721158a19b.1553268561742.1553268561742.1553268561742.1&__hssc=12316075.1.1553268561742&currentUrl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8487ebadc26aabde81a81acd5253ffb0276c292a6bb43a2f501b3f6987483e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Fri, 22 Mar 2019 15:29:21 GMT
content-encoding: br
x-robots-tag: none
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4bb9335f1ebd973e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
23ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561036&de=987014507686&cu=1553268561036&m=1168&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=1102&an=26&gf=590&gg=26&ix=590&ic=590&ez=1&ck=1102&kw=927&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1102&bx=26&ci=1102&jz=927&dj=1&aa=0&ad=951&cn=0&gk=439&gl=0&ik=439&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=927&cd=52&ah=927&am=52&rf=0&re=1&ft=951&fv=0&fw=951&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=8651651&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:22 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:22 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 33ms
28ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561287&de=710362548403&cu=1553268561287&m=1112&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1077&an=23&gi=1&gf=1077&gg=23&ix=1077&ic=1077&ez=1&ck=1077&kw=898&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1077&bx=23&ci=1077&jz=898&dj=1&aa=0&ad=956&cn=0&gk=956&gl=0&ik=956&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=898&cd=45&ah=898&am=45&rf=0&re=1&ft=956&fv=0&fw=956&wb=1&cl=0&at=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=388219192&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:22 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:22 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8D85 42 B
122 B 29ms
28ms Image
image/gif 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvR2IygtQ_p1rbND56iX37YXXtkFJ3RHMSHnT2YxbICgYt5mHBnnujKLMDQG5N3mdKHDaTxj1-6q2S5HIMG8ATyQpr9rUJUla5fU-c&sig=Cg0ArKJSzId530Cok_hlEAE&adk=1283925206&tt=535&bs=1585%2C1200&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&p=223,429,313,1157&mcvt=1038&rs=3&ht=0&tfs=424&tls=1462&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1553268560421&rpt=930&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C13990&ss=1600%2C1200&pt=928&deb=1-4-4-8-12-49-63-10&tvt=1425&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=728x90&v=20190320

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 15:29:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5AA7 42 B
122 B 28ms
27ms Image
image/gif 2a00:1450:4016:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTjVkA8T1qHkgzGqRfX3nu3jlVcPqI3m2pMyOg654E6HMwqheJUxofXGvpn0U6J_wtXbFT1gfTHoVtZBWwgo50FUvdq_IA_A5NS9o&sig=Cg0ArKJSzJmFe9ork5J1EAE&adk=3758317059&tt=535&bs=1585%2C1200&mtos=418,418,1038,1038,1038&tos=418,0,620,0,0&p=1020,1083,1270,1383&mcvt=1038&rs=3&ht=0&tfs=424&tls=1462&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1553268560508&rpt=638&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C13990&ss=1600%2C1200&pt=928&deb=1-4-4-8-12-49-63-10&tvt=1425&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=300x250&v=20190320

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4016:800::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 15:29:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 29ms
25ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561287&de=710362548403&cu=1553268561287&m=1113&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1077&an=1077&gi=1&gf=1077&gg=1077&ix=1077&ic=1077&ez=1&ck=1077&kw=898&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1077&bx=1077&ci=1077&jz=898&dj=1&aa=0&ad=956&cn=956&gk=956&gl=956&ik=956&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=898&cd=898&ah=898&am=898&rf=0&re=1&ft=956&fv=956&fw=956&wb=1&cl=0&at=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=866433547&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:22 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:22 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
24ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561287&de=710362548403&cu=1553268561287&m=1113&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1077&an=1077&gi=1&gf=1077&gg=1077&ix=1077&ic=1077&ez=1&ck=1077&kw=898&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1077&bx=1077&ci=1077&jz=898&dj=1&aa=0&ad=956&cn=956&gk=956&gl=956&ik=956&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=898&cd=898&ah=898&am=898&rf=0&re=1&ft=956&fv=956&fw=956&wb=1&cl=0&at=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=2072504724&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:22 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:22 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
23ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561036&de=987014507686&cu=1553268561036&m=1375&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=1309&an=1102&gf=590&gg=590&ix=590&ic=590&ez=1&ck=1102&kw=927&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1309&bx=1102&ci=1102&jz=927&dj=1&aa=1&ad=1158&cn=951&gk=439&gl=439&ik=439&co=1158&cp=1128&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1128&cd=927&ah=1128&am=927&rf=0&re=1&ft=1158&fv=951&fw=951&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=305957288&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:22 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:22 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 31ms
30ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561287&de=710362548403&cu=1553268561287&m=1315&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1280&an=1077&gi=1&gf=1280&gg=1077&ix=1280&ic=1280&ez=1&ck=1077&kw=898&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1280&bx=1077&ci=1077&jz=898&dj=1&aa=1&ad=1159&cn=956&gn=1&gk=1159&gl=956&ik=1159&co=1159&cp=1099&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1099&cd=898&ah=1099&am=898&rf=0&re=1&ft=1159&fv=956&fw=956&wb=1&cl=0&at=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1639018892&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:22 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:22 GMT

GET
H/1.1 200
OK t Show response
edge.simplereach.com/ 107 B
267 B 118ms
118ms Script
application/javascript 2406:da00:ff00::36e3:ea03
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.simplereach.com/t?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbwcqlfzrdeb&v=v2.1.1&cache_buster=1553268559557&t=5000&e=5000&s=0
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36e3:ea03 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 482bf17c3106adb2d5e26858b4c4d119fc8e5192ea73e0145cca1381343c609d

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:24 GMT
Server: nginx/1.8.0
Connection: keep-alive
Content-Length: 107
Content-Type: application/javascript

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 27ms
26ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561036&de=987014507686&cu=1553268561036&m=5208&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=5142&an=1309&gf=590&gg=590&ix=590&ic=590&ez=1&ck=1102&kw=927&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5142&bx=1309&ci=1102&jz=927&dj=1&aa=1&ad=4991&cn=1158&gk=439&gl=439&ik=439&co=1158&cp=1128&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4967&cd=1128&ah=4967&am=1128&rf=0&re=1&ft=4891&fv=1158&fw=951&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1748352006&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:26 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:26 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
23ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561287&de=710362548403&cu=1553268561287&m=5144&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5109&an=1280&gi=1&gf=5109&gg=1280&ix=5109&ic=5109&ez=1&ck=1077&kw=898&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5109&bx=1280&ci=1077&jz=898&dj=1&aa=1&ad=4988&cn=1159&gn=1&gk=4988&gl=1159&ik=4988&co=1159&cp=1099&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4930&cd=1099&ah=4930&am=1099&rf=0&re=1&ft=4888&fv=1159&fw=956&wb=2&cl=0&at=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=402007854&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:26 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:26 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 33ms
28ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561152&de=495676125294&cu=1553268561152&m=5295&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5084&cd=24&ah=5084&am=24&rf=0&re=1&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=247494583&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:26 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:26 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 29ms
28ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561400&de=653413285484&cu=1553268561400&m=5250&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5039&cd=30&ah=5039&am=30&rf=0&re=0&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4875054426%3A138252390124&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=215861416&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:26 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:26 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
23ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561036&de=987014507686&cu=1553268561036&m=10230&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=10165&an=5142&gf=590&gg=590&ix=590&ic=590&ez=1&ck=1102&kw=927&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10165&bx=5142&ci=1102&jz=927&dj=1&aa=1&ad=10014&cn=4991&gk=439&gl=439&ik=439&co=1158&cp=1128&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9990&cd=4967&ah=9990&am=4967&rf=0&re=1&ft=4891&fv=4891&fw=951&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=309047255&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:31 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:31 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561287&de=710362548403&cu=1553268561287&m=10169&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=10135&an=5109&gi=1&gf=10135&gg=5109&ix=10135&ic=10135&ez=1&ck=1077&kw=898&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10135&bx=5109&ci=1077&jz=898&dj=1&aa=1&ad=10014&cn=4988&gn=1&gk=10014&gl=4988&ik=10014&co=1159&cp=1099&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9956&cd=4930&ah=9956&am=4930&rf=0&re=1&ft=4888&fv=4888&fw=956&wb=2&cl=0&at=0&d=15497267%3A2498084044%3A4970599882%3A138263927402&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=612796441&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:31 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:31 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 24ms
23ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561152&de=495676125294&cu=1553268561152&m=10317&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10107&cd=5084&ah=10107&am=5084&rf=0&re=1&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=2083554052&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:31 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:31 GMT

GET
H/1.1 200
OK /
srv-2019-03-22-15.pixel.parsely.com/plogger/ 43 B
229 B 556ms
106ms Image
image/gif 54.208.18.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2019-03-22-15.pixel.parsely.com/plogger/?rand=1553268571510&plid=59429843&idsite=technologyreview.com&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22a26aacad-d502-42c7-a6f8-42ce4e5086a4%22%2C%22parsely_site_uuid%22%3A%22a1c1fe96-f23d-4530-b3e5-fc6dc4abbc5b%22%7D&sid=1&surl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&sref=&sts=1553268571509&slts=0&date=Fri+Mar+22+2019+15%3A29%3A31+GMT%2B0000+(Coordinated+Universal+Time)&action=heartbeat&inc=5&tt=4900&u=a1c1fe96-f23d-4530-b3e5-fc6dc4abbc5b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.18.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-208-18-17.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 15:29:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 70ms
69ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1553268561400&de=653413285484&cu=1553268561400&m=10271&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10061&cd=5039&ah=10061&am=5039&rf=0&re=0&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4875054426%3A138252390124&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=1811813947&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 15:29:31 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 22 Mar 2019 15:29:31 GMT

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
edge.simplereach.com/	1970-01-18 23:27:50	Name: __srss Value: 4332fcd8-4cb7-11e9-a984-22000bdd47f7
.simplereach.com/	1970-01-18 23:27:50	Name: __srss Value: 4332fcd8-4cb7-11e9-a984-22000bdd47f7
edge.simplereach.com/	1970-01-19 08:14:50	Name: __srui Value: 4332fce2-4cb7-11e9-a984-22000bdd47f7
.simplereach.com/	1970-01-19 08:14:50	Name: __srui Value: 4332fce2-4cb7-11e9-a984-22000bdd47f7
.technologyreview.com/	1970-01-18 23:27:50	Name: __hssc Value: 12316075.1.1553268561742
.technologyreview.com/	1970-01-19 08:49:24	Name: hubspotutk Value: fab116b86ce94005ba705b721158a19b
.technologyreview.com/	1970-01-19 08:49:24	Name: __hstc Value: 12316075.fab116b86ce94005ba705b721158a19b.1553268561742.1553268561742.1553268561742.1
.technologyreview.com/	1970-01-18 23:27:50	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/%22%2C%22sref%22:%22%22%2C%22sts%22:1553268561005%2C%22slts%22:0}
.technologyreview.com/	1970-01-19 16:59:00	Name: __gads Value: ID=7cad136dbb661dec:T=1553268560:S=ALNI_MY13PIx46ERGr0lnJjraYtYP8SM3Q
.technologyreview.com/	1970-01-19 08:52:17	Name: __qca Value: P0-92726775-1553268559900
.technologyreview.com/	1970-01-19 08:13:24	Name: __cfduid Value: d522d69c09f7aab4ce03261503a414c651553268557
www.technologyreview.com/	1970-01-22 15:03:48	Name: _ccmaid Value: 5978151465836987083
.technologyreview.com/	1970-01-19 01:37:24	Name: _fbp Value: fb.1.1553268559230.331357688
www.technologyreview.com/	1970-01-19 08:59:29	Name: __atuvc Value: 1%7C12
www.technologyreview.com/	1970-01-22 15:03:48	Name: _ccmsi Value: 1553268558667_1nbpo429z\|1553268558769
www.technologyreview.com/	1970-01-27 11:03:50	Name: __srret Value: 1
www.technologyreview.com/	1970-01-18 23:27:50	Name: __atuvs Value: 5c94ff4ee4352c12000
.technologyreview.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.technologyreview.com/	1970-01-19 08:57:12	Name: _parsely_visitor Value: {%22id%22:%22a1c1fe96-f23d-4530-b3e5-fc6dc4abbc5b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1553268561005}
www.technologyreview.com/	1970-01-27 11:03:50	Name: __srui Value: 4332fce2-4cb7-11e9-a984-22000bdd47f7
.www.technologyreview.com/	1970-01-19 08:13:24	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&datestamp=Fri+Mar+22+2019+15%3A29%3A21+GMT%2B0000+(Coordinated+Universal+Time)&version=4.1.0&EU=true&groups=112%3A1%2C1%3A1%2C105%3A1%2C106%3A1%2C116%3A1%2C2%3A1%2C118%3A1%2C3%3A1%2C107%3A1%2C104%3A1%2C108%3A1%2C4%3A1%2C126%3A1%2C109%3A1%2C110%3A1%2C129%3A1%2C111%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C117%3A1%2C119%3A1%2C120%3A1%2C121%3A1%2C122%3A1%2C123%3A1%2C124%3A1%2C125%3A1%2C127%3A1%2C128%3A1%2C130%3A1%2C101%3A1%2C102%3A1%2C131%3A1%2C103%3A1%2C0_100147%3A1%2C0_121150%3A1%2C0_121119%3A1
.technologyreview.com/	1970-01-19 01:37:24	Name: _gcl_au Value: 1.1.798360728.1553268558

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.technologyreview.com/_/dist/js/article.js?v=cf749434(Line 60) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Duplicate Pixel ID: 302431540264875.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Invalid PixelID: function(b){return this.filter(function(e){return 0>b.indexOf(e)})}.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
api.hubapi.com
bat.bing.com
cdn.cookielaw.org
cdn.technologyreview.com
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
d8rk54i4mohrb.cloudfront.net
edge.simplereach.com
forms.hsforms.com
forms.hubspot.com
geolocation.onetrust.com
idsync.rlcdn.com
js.hs-analytics.net
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
m.addthisedge.com
ml314.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.quantserve.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
q.quora.com
rules.quantcount.com
s3.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
sjs.bizographics.com
srv-2019-03-22-15.config.parsely.com
srv-2019-03-22-15.pixel.parsely.com
static.ads-twitter.com
static.hotjar.com
sync.crwdcntrl.net
t.co
tags.bluekai.com
tpc.googlesyndication.com
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.redditstatic.com
www.technologyreview.com
z.moatads.com
104.111.241.32
104.244.42.3
104.244.42.5
13.74.252.44
143.204.98.108
147.75.205.49
147.75.83.19
151.101.1.140
151.101.1.2
151.101.120.157
172.217.21.194
2.18.233.201
2.18.235.40
2.23.104.167
204.79.197.200
23.210.248.44
23.43.115.95
2406:da00:ff00::36e3:ea03
2600:9000:2043:9000:1f:573d:79c0:21
2600:9000:2043:a200:6:44e3:f8c0:93a1
2606:4700:10::6814:1bee
2606:4700:10::6814:1cee
2606:4700::6810:5705
2606:4700::6810:fa05
2606:4700::6810:fb05
2606:4700::6811:47b0
2606:4700::6811:73b0
2606:4700::6811:b949
2606:4700::6811:cccc
2606:4700::6811:d3cc
2606:4700::6811:e9cc
2606:4700:e6::ac40:ca17
2620:109:c002::6cae:a0a
2620:109:c00c:104::b93f:9005
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2002
2a00:1450:4001:824::2004
2a00:1450:4016:800::2002
2a02:26f0:6c00:293::3adf
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.199.66.245
34.249.56.252
34.95.92.78
52.216.144.229
52.31.106.135
52.48.148.204
52.87.35.92
54.171.224.12
54.172.190.168
54.208.18.17
54.84.177.104
54.93.117.16
91.228.74.184
91.228.74.239
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917
09a5596268b9389da432f3eced3319e6ec40220e613cdd742517713e431cb40b
0d09eefb45e90f4236f585e2fd604e9270dda2c91c85b3a38a66017c775da334
0dfb68082d7ed101a1a565f97577b529ebfd8df8286792d5e21434babae63e5f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
1349d35cb629a932fe00785c3f6ac9454ec4c5cf3b1edcf25b8749ad36ba253a
13be0fad34aadb206ab194936a25a9979835f3e5551bd436e85125d142b663cc
1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32
17d3e313f9cb6c498698b08058466b6e9d133e35945dc5700ecabfed21d059b8
1a20f6ee8f0590104e47e29e590d8f2698bf4bc5486b80d5f05e8ea5b4d427df
1ac5d30e060c2cf039455f8841ce68c1f509de085fa10e630ea9778be6d7ae28
1af2c81a508642306c75af24bf7a2fe08c6d2687bffd2005598a7ae528686b54
22319cb3b15cdd7ecfd35159216d2223c53d0127690078f07651d1e46090b4db
2b66eeb4d09255e5f5bfa2fb7f191a342a7c072a6426107fde848b065ba0a9e1
2d60d068778b4af2913f52dcd1f8fcd110295e51bedf959b2aa4e37ed290f150
2d937ae96df3f764ad89b068a2bbb15277e079eb9f40756198dea0521663435c
2d99efcd06c0c2bbd57247ca6c0c231560840ef20cd073c61cef5560d7b0709d
3156d1b6cf292ccf0adcb29e31da8a78a8b6b4740b5d00e71f3e94dd21dd1a85
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
381505fbbe1274b2f5b58f56e879542b46e7e5af1faa56176e8b437e288d5018
3b927dca3cf9e48bab1049acb8a413eb65ddd46815239d2886d6c0a25265b6b5
3f37d74095d27ff0f96a5db6eb5136c477109a18e09d9dc6b94bd9cb5f45fba2
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4082a52c011028ce4f4d524b09c2a028170e7ff102dd8e2f7e66b230bb20c46c
45304177e143584757ac9d37dad9ad4ecca6ac919fc0b288f31b2985dd05758f
482bf17c3106adb2d5e26858b4c4d119fc8e5192ea73e0145cca1381343c609d
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ec92479b90fa26815b14755ca5645cf8900f7b5df5313f2f8046f9352c76a7a
5f7583a7b337ef2f75c1128c866d5dfbada071ddba793a2974ae41a654cc1665
5fc61bf0728b3a21438b4539c6fa9cfe549b89a537d375d72dd7c687ac26b41f
60119eec052ee61297a5db952be472f058908a8770133f7e7b35695d3461dbed
6039d59d280caf4100ed5c743b1793853d9c2d1e4aba63a037e14d50ce452538
623bbd6e9fc0d231a07dbde18fe91c2f1eccb1aaa13c0a2ca2be0bbb963408bb
6271892e0407de92b416611dd9a2a2c582146c66837a62c8291f0019645914de
62ebcf0c18cdfc584b1aaca160d121055d24cb8072ea4368613e89ed98c92d1e
6464eeaf0666b5948fbc683eec370a6601d12abdaaac0d8560672c6d4a2e0bf8
648bde3606e8abcadc6a94dab68193fb00b97a69c7ceeba4ce95daf3a61afe61
696f31b56da5b1713ffb8b3bbbf7b56a7cec56a34a156ee93e9b59ccf516ca30
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
6e3e0c14cd2f2f6c9e3f7f49ca91e0285b0f748c29e82380e2ac77750f613958
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
73980f3dfa2725a845dcc969220c3893ca230a5049b2afb0d43de5eacb4f98e2
760142cff640e00f8d7cb46efde7e54920be358cc2c095107b006d86c9294110
762e5fd7df3e5f35b2b9cf5c5cc01b0e67420fb73a4a9be8eb236184bf6ad763
80e0e663ec8e77b09b27581a613982039b6fd7830eb55c6cf6e038fdf9e13e63
812919ca83bf113696dd460f078f66e4d442b7179341cf8459dd5f6270d41bad
83f0568d44d6151864a2921696af9d5460c47e955dbc79c1df5be58097b317ef
8487ebadc26aabde81a81acd5253ffb0276c292a6bb43a2f501b3f6987483e5d
8b2630fa237b81931335c873da5f889928686854892edb91f1ad9476b955869b
8d48929b25be1b80c05e6bf9d82d070a4c63ab1a84c7f0c131ac247642270caa
9410a5f364318807f762162b9ced47d76a0ee7e720ebd23cf3c62316eb3b193f
95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada
9804319e04965fab520e9c970fbf67c1f08038c26fc8312af3dcaecd815f6515
9c318f7e927701be1a5cb370e210b91c26df66249b47ed0d331c9550452221d8
9eb133a7436e40d5aca41e5ae3ba727c933472641abcaeaac298b9d07f6feda0
9f77743f6848ac60f92e05cd59b29fda0e596f579343647f8930254ef996b455
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3273dce4deb1a87d9c6b75ce1b9305872ee56ad6da2ab873858d9d20d1ff3a8
a53e645f8df92311cfd26567012ec54759b444dd8b4e008646a905d6dfd832da
aa060a9bdebb66ad88ccfced7b465b07d0d664b1fa2db22cbdf0e27ba7524e5e
ac0826ef89f378af1d6f5c100aba69509dc7e6022d8215422696df2e452f249a
ac2e2b519ca957fedb4a79d2dfeb00f172b912063180e788b423be4eeefec2f1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a
ae6cb9e1ef4b334f6182c560e74a7e4f137f84a5800d2cc6636c79b2122155d8
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c4f74426cd765a619d66202aedab4f4005582aa69ee114d54704b9097f0285db
c6624373ca3bde0a4dfc2b92d20c4b4cfc7c062e544a1a3c3ecd15f94fe7d426
c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab9300f0ecfc026cc2e558aaea117dc5b536c0728deb27e763b27659a093118
cd191ef8796b5d0f92892273e05517556478b9401863b8f69c5550726f24d901
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3145e9b70309578810dd484cbb2f225f87ce90ec15ada2ae3388d9723a20142
d9cc098e1ef794d0e585270c0483cf8b0870ad06a2d5e6670ba7e7d056963ac7
da0ec95c7f4beb658ce61a4e6db2d57cbfaf0bcfdbd2bf508506ced773eca16f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd1e2fe2887db6cffac6a9bdfb3954a97b581d6b7db0d75439eb7075adbe9f95
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83c9abb65221b77d3c57b4f326d9ecb131bc2f1ff8fb2b4077633e5317e937f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0032f921fd9629fbee0e5cddce8bf02545db825187e6b8e3f4973eab16b0cf8
f17090be520764660accb76f6b0afd46a86fc3ee5c84d5e2a6849459a2d005af
f20738fd2ecc88cdac45a4ce358fec1ab0b1693d2a1d861aa82872919f528cbc
f58326635cae286410167913c832771c99ac773493137d769585ba661f547cc7
f5ee20343782e170511daaa30e087970a5dec8ad9ad108ed0e174d0ec583dbf3
fa406a3b680dad647af5fa7aa717580bb12e1b13d6efb7e23f344c751f03cfb3
fcb266205826d7200403a3b88f415a211e3db0503c6bc7b2b06bef0e1991f11e
fee2af693975c9ae136eca914eb46ad5b57b19fbb1ec9765332c96dc7ce22754

www.technologyreview.com Open in urlscan Pro 52.87.35.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

149 Requests

100 %HTTPS

47 %IPv6

45 Domains

57 Subdomains

54 IPs

7 Countries

2358 kBTransfer

6433 kBSize

22 Cookies

18 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.technologyreview.com Open in urlscan Pro
52.87.35.92 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

100 %
HTTPS

47 %
IPv6

45
Domains

57
Subdomains

54
IPs

7
Countries

2358 kB
Transfer

6433 kB
Size

22
Cookies

149 HTTP transactions
5 data transactions