www.fastcompany.com Open in urlscan Pro
151.101.129.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?...
Submission: On December 16 via manual (December 16th 2021, 6:42:09 am UTC) from US — Scanned from DE

Summary HTTP 321 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 91 IPs in 9 countries across 66 domains to perform 321 HTTP transactions. The main IP is 151.101.129.54, located in United States and belongs to FASTLY, US. The main domain is www.fastcompany.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on May 13th 2021. Valid for: a year.

This is the only time www.fastcompany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
53	151.101.129.54 151.101.129.54	54113 (FASTLY) (FASTLY)
4	2.21.143.57 2.21.143.57	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.216.98.141 52.216.98.141	16509 (AMAZON-02) (AMAZON-02)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	13.225.87.127 13.225.87.127	16509 (AMAZON-02) (AMAZON-02)
2	108.156.253.64 108.156.253.64	16509 (AMAZON-02) (AMAZON-02)
2	18.66.92.228 18.66.92.228	16509 (AMAZON-02) (AMAZON-02)
18	151.101.1.54 151.101.1.54	54113 (FASTLY) (FASTLY)
3	2a02:26f0:fb:... 2a02:26f0:fb:59e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.92.84.47 104.92.84.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.89.31.187 104.89.31.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700:20:... 2606:4700:20::ac43:497c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:1a00:12:1bcc:1d00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
1 9	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	54.72.156.114 54.72.156.114	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.170.183.138 18.170.183.138	16509 (AMAZON-02) (AMAZON-02)
2	18.169.85.185 18.169.85.185	16509 (AMAZON-02) (AMAZON-02)
1	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:3c3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.252.195.31 34.252.195.31	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	143.204.101.156 143.204.101.156	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:fb:... 2a02:26f0:fb:5ae::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.174.97.254 54.174.97.254	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
7	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	46.137.57.74 46.137.57.74	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:231... 2600:9000:2315:4200:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2600:9000:224... 2600:9000:224a:3600:1d:1e33:7c40:21	16509 (AMAZON-02) (AMAZON-02)
3 9	2600:9000:215... 2600:9000:2156:0:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	3.220.57.224 3.220.57.224	14618 (AMAZON-AES) (AMAZON-AES)
2	52.22.141.132 52.22.141.132	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:231... 2600:9000:2315:5400:c:d8a6:21c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:4fa5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f20... 2a03:2880:f207:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	151.101.2.51 151.101.2.51	54113 (FASTLY) (FASTLY)
1	151.101.64.233 151.101.64.233	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:e200:10:ce97:9fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
13	2a04:4e42:600... 2a04:4e42:600::626	54113 (FASTLY) (FASTLY)
1	2600:9000:231... 2600:9000:2315:6400:6:21a6:f4c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:fb:... 2a02:26f0:fb:59f::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	52.59.69.103 52.59.69.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b9b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 9	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
2	152.199.22.243 152.199.22.243	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	3.215.137.103 3.215.137.103	14618 (AMAZON-AES) (AMAZON-AES)
8	3.13.126.66 3.13.126.66	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::626	54113 (FASTLY) (FASTLY)
2 2	2600:9000:214... 2600:9000:214f:3400:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.167.42.48 54.167.42.48	14618 (AMAZON-AES) (AMAZON-AES)
6	2606:4700::68... 2606:4700::6812:da5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	() ()
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
3	178.63.12.208 178.63.12.208	24940 (HETZNER-AS) (HETZNER-AS)
6	146.20.132.75 146.20.132.75	27357 (RACKSPACE) (RACKSPACE)
6	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:231... 2600:9000:2315:5800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	54.163.236.63 54.163.236.63	14618 (AMAZON-AES) (AMAZON-AES)
321	91

53 151.101.129.54 (United States)

ASN54113 (FASTLY, US)

www.fastcompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.fastcompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.fastcompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.fastcompany.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.inc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.98.141 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-127.fra2.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.253.64 (United States)

ASN16509 (AMAZON-02, US)

d2qhg50jab93jy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.92.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-228.fra56.r.cloudfront.net

d2t7a3zbo166a9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.1.54 (United States)

ASN54113 (FASTLY, US)

images.fastcompany.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fc-api.fastcompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:fb:59e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.92.84.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-84-47.deploy.static.akamaitechnologies.com

cdn.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1a00:12:1bcc:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.knotch-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.156.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-156-114.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.170.183.138 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-183-138.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.85.185 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

api.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:3c3f (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.195.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-195-31.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-156.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:5ae::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.97.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-97-254.compute-1.amazonaws.com

ac.realvu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.57.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-57-74.eu-west-1.compute.amazonaws.com

mansueto.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2315:4200:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3600:1d:1e33:7c40:21 (United States)

ASN16509 (AMAZON-02, US)

drlimmode9ddd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2156:0:1:a3fa:7cc0:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.188.95.229 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

grunerandjahr.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.57.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-57-224.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.141.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-141-132.compute-1.amazonaws.com

api.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:5400:c:d8a6:21c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

units.knotch.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:4fa5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jsapi.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f207:e5:face:b00c:0:4420 (Vienna, Austria) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.51 (United States)

ASN54113 (FASTLY, US)

view.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.233 (United States)

ASN54113 (FASTLY, US)

creative-services.ceros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e200:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ping-meta-prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.jwpltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:6400:6:21a6:f4c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3aiy6aqoa3ykz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:fb:59f::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.69.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-69-103.eu-central-1.compute.amazonaws.com

free-geo-ip.p.rapidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)

social.fastcompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.22.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

api.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.21.141.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.22.243 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.137.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-137-103.compute-1.amazonaws.com

be.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.13.126.66 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-126-66.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

972240864.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:3400:1:a3fa:7cc0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.167.42.48 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-42-48.compute-1.amazonaws.com

pixel.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:da5 (United States)

ASN13335 (CLOUDFLARENET, US)

videos-cloudflare.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (None, )

ASN- ()

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.63.12.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de716.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.20.132.75 (United States)

ASN27357 (RACKSPACE, US)

ssp.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:5800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.236.63 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-236-63.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	fastcompany.net images.fastcompany.net	6 MB
18	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com demo.connatix.com Failed img.connatix.com	433 KB
15	dianomi.com www.dianomi.com	144 KB
14	fastcompany.com www.fastcompany.com assets.fastcompany.com images.fastcompany.com fc-api.fastcompany.com social.fastcompany.com	871 KB
11	jwpsrv.com assets-jpcust.jwpsrv.com videos-cloudflare.jwpsrv.com	478 KB
10	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	173 KB
9	jwplatform.com 3 redirects content.jwplatform.com	237 KB
8	consensu.org cdn.conversant.mgr.consensu.org api.conversant.mgr.consensu.org	190 KB
8	cloudfront.net d2qhg50jab93jy.cloudfront.net d2t7a3zbo166a9.cloudfront.net d1z2jf7jlzjs58.cloudfront.net drlimmode9ddd.cloudfront.net d3aiy6aqoa3ykz.cloudfront.net	40 KB
7	googleapis.com imasdk.googleapis.com	1 MB
7	cxense.com cdn.cxense.com p1cluster.cxense.com comcluster.cxense.com id.cxense.com	54 KB
7	facebook.com www.facebook.com	719 B
7	amazon-adsystem.com c.amazon-adsystem.com	41 KB
7	skimresources.com s.skimresources.com r.skimresources.com t.skimresources.com p.skimresources.com	15 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	64 KB
7	moatads.com z.moatads.com mb.moatads.com geo.moatads.com	151 KB
6	qualtrics.com zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com siteintercept.qualtrics.com	27 KB
6	lkqd.net ssp.lkqd.net	2 KB
6	lightboxcdn.com www.lightboxcdn.com jsapi.lightboxcdn.com	161 KB
5	jwpltx.com ping-meta-prd.jwpltx.com prd.jwpltx.com	186 B
5	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	2 KB
5	jwpcdn.com ssl.p.jwpcdn.com	256 KB
5	keywee.co 1 redirects cdn.keywee.co pixel.keywee.co	34 KB
4	pinterest.de www.pinterest.de	15 KB
4	jwplayer.com 2 redirects entitlements.jwplayer.com cdn.jwplayer.com	1 KB
4	google.de www.google.de	736 B
4	google.com 1 redirects www.google.com	696 B
4	twitter.com analytics.twitter.com platform.twitter.com syndication.twitter.com	134 KB
4	parsely.com api.parsely.com cdn.parsely.com p1.parsely.com	33 KB
4	2o7.net 1 redirects grunerandjahr.112.2o7.net	2 KB
4	googletagmanager.com www.googletagmanager.com	149 KB
4	facebook.net connect.facebook.net	288 KB
4	google-analytics.com www.google-analytics.com	40 KB
3	googleadservices.com www.googleadservices.com 972240864.privacysandbox.googleadservices.com	16 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
3	demdex.net dpm.demdex.net mansueto.demdex.net	5 KB
3	tinypass.com api.tinypass.com cdn.tinypass.com buy.tinypass.com	124 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	queryly.com www.queryly.com	11 KB
3	adobedtm.com assets.adobedtm.com	121 KB
3	adlightning.com tagan.adlightning.com	70 KB
2	2mdn.net s0.2mdn.net	33 KB
2	rapidapi.com free-geo-ip.p.rapidapi.com	2 KB
2	durationmedia.net tag.durationmedia.net be.durationmedia.net	31 KB
2	ceros.com view.ceros.com creative-services.ceros.com	4 KB
2	pinimg.com s.pinimg.com	19 KB
2	polyfill.io cdn.polyfill.io	3 KB
2	fastclick.net secure.cdn.fastclick.net	19 KB
2	amazonaws.com s3.amazonaws.com	2 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	chartbeat.com static.chartbeat.com	14 KB
1	piano.io c2.piano.io	3 KB
1	azurewebsites.net lightboxapi.azurewebsites.net	635 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	t.co t.co	470 B
1	knotch.it units.knotch.it	6 KB
1	ipify.org api.ipify.org	244 B
1	inc.com www.inc.com	744 B
1	dotomi.com proc.ad.cpe.dotomi.com	616 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	realvu.net ac.realvu.net	356 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	npttech.com www.npttech.com	3 KB
1	ml314.com ml314.com	13 KB
1	imrworldwide.com secure-us.imrworldwide.com	369 B
1	knotch-cdn.com www.knotch-cdn.com	37 KB
321	66

	Domain	Requested by
57	images.fastcompany.net	www.fastcompany.com
15	www.dianomi.com	assets.fastcompany.com www.dianomi.com tagan.adlightning.com www.fastcompany.com
9	content.jwplatform.com	3 redirects tagan.adlightning.com content.jwplatform.com ssl.p.jwpcdn.com
8	capi.connatix.com	cd.connatix.com
7	imasdk.googleapis.com	content.jwplatform.com tagan.adlightning.com cd.connatix.com imasdk.googleapis.com
7	www.facebook.com	www.fastcompany.com
7	c.amazon-adsystem.com	s3.amazonaws.com c.amazon-adsystem.com
6	ssp.lkqd.net	cd.connatix.com
6	img.connatix.com	www.fastcompany.com
6	videos-cloudflare.jwpsrv.com	ssl.p.jwpcdn.com
6	images.fastcompany.com	www.fastcompany.com
5	pagead2.googlesyndication.com	srcdoc
5	assets-jpcust.jwpsrv.com	www.fastcompany.com
5	ssl.p.jwpcdn.com	content.jwplatform.com tagan.adlightning.com
5	www.lightboxcdn.com	www.fastcompany.com www.lightboxcdn.com tagan.adlightning.com
5	cdn.conversant.mgr.consensu.org	www.fastcompany.com secure.cdn.fastclick.net cdn.conversant.mgr.consensu.org
4	siteintercept.qualtrics.com	tagan.adlightning.com siteintercept.qualtrics.com
4	www.pinterest.de	tagan.adlightning.com www.fastcompany.com
4	prd.jwpltx.com
4	ct.pinterest.com	s.pinimg.com www.fastcompany.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com tagan.adlightning.com
4	www.google.de	www.fastcompany.com
4	www.google.com	1 redirects www.fastcompany.com
4	grunerandjahr.112.2o7.net	1 redirects assets.adobedtm.com www.fastcompany.com
4	cdn.keywee.co	1 redirects www.fastcompany.com tagan.adlightning.com cdn.keywee.co
4	www.googletagmanager.com	tagan.adlightning.com www.googletagmanager.com
4	connect.facebook.net	www.fastcompany.com connect.facebook.net
4	www.google-analytics.com	www.fastcompany.com www.google-analytics.com www.googletagmanager.com
4	securepubads.g.doubleclick.net	www.fastcompany.com tagan.adlightning.com securepubads.g.doubleclick.net
4	assets.fastcompany.com	www.fastcompany.com
4	z.moatads.com	www.fastcompany.com z.moatads.com assets.fastcompany.com
3	api.conversant.mgr.consensu.org	cdn.conversant.mgr.consensu.org
3	t.skimresources.com	www.fastcompany.com s.skimresources.com
3	sb.scorecardresearch.com	1 redirects www.fastcompany.com
3	www.queryly.com	www.fastcompany.com
3	assets.adobedtm.com	www.fastcompany.com tagan.adlightning.com
3	tagan.adlightning.com	www.fastcompany.com tagan.adlightning.com
2	zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com	tagan.adlightning.com
2	ad.doubleclick.net	1 redirects www.dianomi.com
2	s0.2mdn.net	imasdk.googleapis.com
2	cdn.jwplayer.com	2 redirects
2	googleads.g.doubleclick.net	1 redirects tagan.adlightning.com
2	entitlements.jwplayer.com	content.jwplatform.com
2	free-geo-ip.p.rapidapi.com	assets.fastcompany.com
2	www.googleadservices.com	www.googletagmanager.com tagan.adlightning.com
2	platform.twitter.com	assets.fastcompany.com tagan.adlightning.com
2	www.instagram.com	1 redirects www.fastcompany.com
2	api.parsely.com	assets.fastcompany.com
2	drlimmode9ddd.cloudfront.net	assets.fastcompany.com drlimmode9ddd.cloudfront.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	s.pinimg.com	tagan.adlightning.com s.pinimg.com
2	p.skimresources.com	www.fastcompany.com
2	dpm.demdex.net	assets.adobedtm.com www.fastcompany.com
2	geo.moatads.com	z.moatads.com
2	cds.connatix.com	www.fastcompany.com tagan.adlightning.com
2	cdn.polyfill.io	www.fastcompany.com
2	tpc.googlesyndication.com	www.fastcompany.com tagan.adlightning.com
2	secure.cdn.fastclick.net	www.fastcompany.com secure.cdn.fastclick.net
2	d2t7a3zbo166a9.cloudfront.net	www.fastcompany.com d2qhg50jab93jy.cloudfront.net
2	d2qhg50jab93jy.cloudfront.net	www.fastcompany.com
2	s3.amazonaws.com	www.fastcompany.com
2	www.fastcompany.com	www.fastcompany.com
1	ping.chartbeat.net
1	www.pinterest.com	1 redirects
1	ping-meta-prd.jwpltx.com
1	static.chartbeat.com	www.fastcompany.com
1	jsapi.lightboxcdn.com	www.lightboxcdn.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	vid.connatix.com	cd.connatix.com
1	syndication.twitter.com	platform.twitter.com
1	c2.piano.io	cdn.tinypass.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	pixel.keywee.co	www.fastcompany.com
1	972240864.privacysandbox.googleadservices.com	www.fastcompany.com
1	be.durationmedia.net	tag.durationmedia.net
1	social.fastcompany.com	cdn.tinypass.com
1	buy.tinypass.com	cdn.tinypass.com
1	d3aiy6aqoa3ykz.cloudfront.net	drlimmode9ddd.cloudfront.net
1	p1.parsely.com	www.fastcompany.com
1	tag.durationmedia.net	assets.adobedtm.com
1	cdnjs.cloudflare.com	assets.fastcompany.com
1	creative-services.ceros.com	assets.fastcompany.com
1	view.ceros.com	assets.fastcompany.com
1	platform.instagram.com	1 redirects
1	t.co	www.fastcompany.com
1	analytics.twitter.com	tagan.adlightning.com
1	cdn.parsely.com	tagan.adlightning.com
1	units.knotch.it	tagan.adlightning.com
1	fc-api.fastcompany.com	assets.fastcompany.com
1	api.ipify.org	assets.fastcompany.com
1	www.inc.com	tagan.adlightning.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	cdn.tinypass.com	api.tinypass.com
1	cm.everesttech.net	1 redirects
1	mansueto.demdex.net	tagan.adlightning.com
1	ac.realvu.net	assets.adobedtm.com
1	d1z2jf7jlzjs58.cloudfront.net	tagan.adlightning.com
1	r.skimresources.com	s.skimresources.com
1	static.ads-twitter.com	tagan.adlightning.com
1	www.npttech.com	tagan.adlightning.com
1	api.tinypass.com	www.fastcompany.com
1	ml314.com	www.fastcompany.com
1	mb.moatads.com	z.moatads.com
1	secure-us.imrworldwide.com	www.fastcompany.com
1	cd.connatix.com	1 redirects
1	www.knotch-cdn.com	www.fastcompany.com
1	s.skimresources.com	www.fastcompany.com
0	demo.connatix.com Failed	www.fastcompany.com
321	110

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
fastcompany.zendesk.com
events.fastcompany.com
catalog.mindedge.com
www.zdnet.com
nypost.com
www.wkyc.com
www.theguardian.com
www.mansueto.com
kudos.fastcompany.com
fastcompany.com

Subject Issuer	Validity	Valid
*.fast-co.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
cdn.conversant.mgr.consensu.org R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-08` - `2022-05-07`	a year	crt.sh
www.knotch-cdn.com Amazon	`2021-11-07` - `2022-12-06`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
ac.realvu.net Amazon	`2021-02-27` - `2022-03-28`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
*.112.2o7.net DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-04-20`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.knotch.it Amazon	`2021-07-10` - `2022-08-08`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-06` - `2022-06-30`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
atrun.redbull.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-08-17` - `2022-09-18`	a year	crt.sh
*.ceros.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-04` - `2022-06-05`	a year	crt.sh
*.durationmedia.net Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
*.anyword.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.p.rapidapi.com Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
social.fastcompany.com Cloudflare Inc ECC CA-3	`2021-01-22` - `2022-01-21`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.conversant.mgr.consensu.org GlobalSign RSA OV SSL CA 2018	`2020-03-31` - `2022-06-06`	2 years	crt.sh
entitlements.jwplayer.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-30` - `2022-06-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
pixel.keywee.co Sectigo ECC Domain Validation Secure Server CA	`2021-01-20` - `2022-02-19`	a year	crt.sh
videos-cloudflare.jwpsrv.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Frame ID: 542F4DDB5649855DA71FE6D221FD4B1F
Requests: 260 HTTP requests in this frame

Frame: https://cds.connatix.com/p/142603/connatix.playspace.dc.js
Frame ID: C4211ED21ABB984787C8F66A85614154
Requests: 18 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 3484E72A115D3D70C9F3FE0A80D3E4B6
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7698588618956252
Frame ID: A965F453518B8408EAF119E22B6A34E4
Requests: 1 HTTP requests in this frame

Frame: https://mansueto.demdex.net/dest5.html?d_nsid=0
Frame ID: CD0647F564EADA58679FA1417F77A758
Requests: 1 HTTP requests in this frame

Frame: https://drlimmode9ddd.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEi8BCwOYuXnpcZn5gG5hrUA4rMQYA====/1432.html
Frame ID: 41267319D9A4180C6929ABA5F2289AA9
Requests: 3 HTTP requests in this frame

Frame: https://units.knotch.it/reporter/ver-fac59b9/index.html
Frame ID: DBC33863533912A9CF73CFFB223E244C
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/lightbox.js?mb=1639636918230&lv=1
Frame ID: C0228F8428753DE95E87B0CF1FA03690
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.fastcompany.com
Frame ID: 6CA96762279B986DB538E6BBDB4BE9AA
Requests: 2 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
Frame ID: D0B3090BF3506C353A1173701F02A9B3
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A8C82335A73086E7B48B93234EE499A8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: C6B4EA13292C4181B4044CE42E5CC88A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A3D6A4EC36DA127035AA08DF071C5F74
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1275654FCB6512C7E38BD2061B8DF5C7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 67866F0AB754D6575125CA543052E303
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: A9E25471717FA509B1D11129769AAB28
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 70AAD8939F7E45824D1126D86FDE2B54
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F6889E3D1292754C19CDA367AF884834
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: B30DF35E7D7C0D5C8B6AB21E12F78473
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: D60E46C9F199B01CDC05A4B5C07F5B31
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: E6EAACF30AA18B06DC78ECDC227E78A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 37F7376F685DA85C1B8F297E76D4360C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F91E17C623628B99062B434C9F092B5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 30474206654D5D224065886956FCCCA2
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: F70BD0DAB064709A4E8210CF05B6F07A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kronos ransomware attack: Will it affect my paycheck?Kronos ransomware attack: Will it affect my paycheck?

Page Statistics

321
Requests

95 %
HTTPS

43 %
IPv6

66
Domains

110
Subdomains

91
IPs

9
Countries

11473 kB
Transfer

25196 kB
Size

68
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FastCompany/

Search URL Search Domain Scan URL

URL: https://twitter.com/fastcompany

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fastcompany/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fast-company

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/FastCompany

Search URL Search Domain Scan URL

URL: https://fastcompany.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://events.fastcompany.com/innovationfestival21
Title: Innovation Festival

Search URL Search Domain Scan URL

URL: https://catalog.mindedge.com/fastcompany
Title: Courses and Learning

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&app_id=178479832213933&display=popup

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&text=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&media=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/hr-platform-kronos-brought-down-by-ransomware-attack-ukg-warns-of-data-breach/
Title: reported that multiple companies were unable to process payrolls

Search URL Search Domain Scan URL

URL: https://nypost.com/2021/12/13/mta-timekeeping-system-goes-dark-after-ransomware-attack/
Title: also revealed

Search URL Search Domain Scan URL

URL: https://www.wkyc.com/article/news/local/cleveland/cleveland-kronos-cybersecurity-incident/95-5cab1459-0779-4125-a74e-443bed04e90c
Title: it received an alert from UKG

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/technology/2021/dec/10/software-flaw-most-critical-vulnerability-log-4-shell
Title: discovered

Search URL Search Domain Scan URL

URL: https://www.mansueto.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.mansueto.com/terms-of-service
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.mansueto.com/privacy-policy/#collection
Title: Notice of Collection

Search URL Search Domain Scan URL

URL: https://fastcompany.zendesk.com/hc/en-us/requests/new
Title: Do Not Sell My Data

Search URL Search Domain Scan URL

URL: https://kudos.fastcompany.com/
Title: Permissions

Search URL Search Domain Scan URL

URL: https://www.mansueto.com/vendor-policies.html

Search URL Search Domain Scan URL

URL: https://fastcompany.com/videos
Title: Video

Search URL Search Domain Scan URL

URL: http://www.mansueto.com/privacy-policy/
Title: privacy policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/142603/connatix.playspace.dc.js

Request Chain 73

https://sb.scorecardresearch.com/b?c1=2&c2=6916907&ns__t=1639636917343&ns_c=UTF-8&cv=3.5&c8=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&c7=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1639636917343&ns_c=UTF-8&cv=3.5&c8=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&c7=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&c9=

Request Chain 83

https://cm.everesttech.net/cm/dd?d_uuid=43467505268114911281011497352994340986 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YbrftQAAAFKhbQO1

Request Chain 84

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

Request Chain 109

https://grunerandjahr.112.2o7.net/b/ss/gjincfastcoprod/1/H.24.4/s85357617367214?AQB=1&ndh=1&t=16%2F11%2F2021%206%3A41%3A57%204%200&vmt=475EF8B1&ce=UTF-8&pageName=fastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&g=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&cc=USD&server=fastcompany&v0=rss&events=event9&c1=news&v1=D%3Dc1&c2=news&v2=D%3Dc2&c3=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&v3=D%3Dc3&c4=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c5=misc&v5=D%3Dc5&c6=misc&v6=D%3Dc6&c8=Connie%20Lin&v8=D%3Dc8&c9=2021-12-14&v9=D%3Dc9&c10=90706145&v10=D%3Dc10&c11=Connie%20Lin&v11=D%3Dc11&c13=1&v15=D%3Dc17&v16=D%3Dc18&c17=1%3A30AM%3AThursday%3AWeekday&v17=D%3Dc19&c18=New&v18=D%3Dc20&c19=1&v19=rss&c20=First%20Visit&c21=anonymous&c22=anonymous%3Afastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c23=anonymous&v23=D%3Dc21&c25=H24.4%7C2012.10.01&c26=D%3Ds_vi&v27=D%3Dc4&c28=article&v28=D%3Dc13&v29=D%3Ds_vi&c33=News&v35=D%3Dc28&v44=D%3Dr&v49=13&v55=D%3Dc33&h1=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1 HTTP 302
https://grunerandjahr.112.2o7.net/b/ss/gjincfastcoprod/1/H.24.4/s85357617367214?AQB=1&pccr=true&ndh=1&t=16%2F11%2F2021%206%3A41%3A57%204%200&vmt=475EF8B1&ce=UTF-8&pageName=fastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&g=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&cc=USD&server=fastcompany&v0=rss&events=event9&c1=news&v1=D%3Dc1&c2=news&v2=D%3Dc2&c3=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&v3=D%3Dc3&c4=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c5=misc&v5=D%3Dc5&c6=misc&v6=D%3Dc6&c8=Connie%20Lin&v8=D%3Dc8&c9=2021-12-14&v9=D%3Dc9&c10=90706145&v10=D%3Dc10&c11=Connie%20Lin&v11=D%3Dc11&c13=1&v15=D%3Dc17&v16=D%3Dc18&c17=1%3A30AM%3AThursday%3AWeekday&v17=D%3Dc19&c18=New&v18=D%3Dc20&c19=1&v19=rss&c20=First%20Visit&c21=anonymous&c22=anonymous%3Afastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c23=anonymous&v23=D%3Dc21&c25=H24.4%7C2012.10.01&c26=D%3Ds_vi&v27=D%3Dc4&c28=article&v28=D%3Dc13&v29=D%3Ds_vi&c33=News&v35=D%3Dc28&v44=D%3Dr&v49=13&v55=D%3Dc33&h1=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1

Request Chain 116

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 212

https://content.jwplatform.com/strips/0wANTenf-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/0wANTenf-120.vtt

Request Chain 215

https://cdn.jwplayer.com/v2/media/0wANTenf/poster.jpg?width=480 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/lfh2epyx-480.jpg

Request Chain 233

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&auid=209208355.1639636918&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=tt-6YbC7IPCYx_AP4Y6M4Ao&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&auid=209208355.1639636918&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tt-6YbC7IPCYx_AP4Y6M4Ao&cid=CAQSKQCNIrLMVU3ljENXhAAlc6ZhG0Nx9IXGRs5k0Jd38DYclJJuZv0-uRA-&random=2013698536&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&auid=209208355.1639636918&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tt-6YbC7IPCYx_AP4Y6M4Ao&cid=CAQSKQCNIrLMVU3ljENXhAAlc6ZhG0Nx9IXGRs5k0Jd38DYclJJuZv0-uRA-&random=2013698536&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 250

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.311090651;dc_trk_aid=503752313;dc_trk_cid=155962322;ord=1639636918;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.311090651;dc_pre=CP2j98Db5_QCFQDjuwgdOnoBfQ;dc_trk_aid=503752313;dc_trk_cid=155962322;ord=1639636918;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 251

https://content.jwplatform.com/strips/JnYw1RQo-120.vtt HTTP 301
https://assets-jpcust.jwpsrv.com/strips/JnYw1RQo-120.vtt

Request Chain 253

https://content.jwplatform.com/v2/media/JnYw1RQo/poster.jpg?width=720 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/adr3egp7-720.jpg

Request Chain 268

https://cdn.jwplayer.com/v2/media/yFpv1hU8/poster.jpg?width=120 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/obx921zd-120.jpg

Request Chain 305

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

321 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas Show response
www.fastcompany.com/90706145/ 1 MB
157 KB 388ms
97ms Document
text/html 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.54 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3c715b5829390cff20595181b32ff48bb400dc86119a5ad4a6e75201d1838026

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/"10da0d-20DIBH9E1m9M81jYVdm835qsNHI"
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
age: 27680
last-modified: Thu, 16 Dec 2021 06:41:56 GMT
date: Thu, 16 Dec 2021 06:41:56 GMT
x-served-by: cache-iad-kjyo7100130-IAD, cache-cdg20764-CDG
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1639636917.683566,VS0,VE80
cache-control: max-age=0
vary: Accept-Encoding, Cookie, X-abtest
content-length: 160083

GET
H2 200 moatheader.js Show response
z.moatads.com/mansuetoprebidheader15141606144/ 261 KB
89 KB 139ms
16ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mansuetoprebidheader15141606144/moatheader.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e97f4cc64ea113bf42adddcce7dd58977fbcdba7783a0227d3a44ddbd89aad0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 17:13:53 GMT
server: AmazonS3
x-amz-request-id: D95CEX6AB9HBM26J
etag: "6c870f1643a57b986dc667627bb49f06"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61241
accept-ranges: bytes
content-length: 90324
x-amz-id-2: Mulb81fh5LTrDuHRUIZMyBMyj44fFw9tomL2Tj9rQsvxGRwi8LBoe21YQvh6KBMWs68Fons6jvw=

GET
H2 200 prebid_5.6_st.js Show response
assets.fastcompany.com/assets/js/vendor/prebid/ 278 KB
86 KB 89ms
21ms Script
application/javascript 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fastcompany.com/assets/js/vendor/prebid/prebid_5.6_st.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c92242764e39944f89698647d2760246377b5020c7a81b3e9e5db5c52eabe14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 1
content-length: 87678
x-served-by: cache-bwi5169-BWI, cache-cdg20764-CDG
last-modified: Wed, 04 Aug 2021 21:23:14 GMT
server: nginx
x-timer: S1639636917.868984,VS0,VE1
etag: W/"3400018976b53152256b97b680051518"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000
accept-ranges: bytes
expires: Fri, 21 Nov 2031 03:26:30 GMT

GET
H/1.1 200
OK mansueto_tam.js Show response
s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/prebid/ 534 B
955 B 468ms
125ms Script
application/javascript 52.216.98.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/prebid/mansueto_tam.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.98.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f5fa155d6255d27071255802f89607b32018e797ee5a10c579b8654a11c36a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:58 GMT
Last-Modified: Mon, 24 Feb 2020 18:33:16 GMT
Server: AmazonS3
x-amz-request-id: GYMDTWGWPXANYH20
ETag: "a08ae130d1a76e8205ee939debc9a4e2"
Content-Type: application/javascript
x-amz-version-id: ftpDjBw1Tb2iI6ZzpwES1OfAUJnhtjXq
Accept-Ranges: bytes
Content-Length: 534
x-amz-id-2: 5DPWKRp7Zs+Ix6L/8WyvEx8XHgfsMbseGoKFah+JYkWQGRtLDkWTbLVbXWbiuJOkla7QTe3ucwc=

GET
H/1.1 200
OK keywee.js Show response
s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/keywee/ 295 B
716 B 499ms
156ms Script
application/javascript 52.216.98.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/keywee/keywee.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.98.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f0eb1cee4526013019d0eddaf6d222722f6b1684cd6ac01cf886703d04e7a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:58 GMT
Last-Modified: Thu, 10 Dec 2020 17:23:23 GMT
Server: AmazonS3
x-amz-request-id: GYMDQ4JC0G6DTD7J
ETag: "f286fed6e5ad8a8a923557a05f7cf518"
Content-Type: application/javascript
x-amz-version-id: MaoU7gfms0L7V9RzyiMmT1LeE.7woe28
Accept-Ranges: bytes
Content-Length: 295
x-amz-id-2: Fdfm/nMaUwGUEEOW5k6PSRLm0h2eHPds/SXttCwXEeMOb72arbQqK5xMXzu02gH0qasHMaU6+J0=

GET
H2 200 vendor.dc872e360e7420032cd2.js Show response
assets.fastcompany.com/_/fc/bundle/js/ 829 KB
245 KB 101ms
33ms Script
application/javascript 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ce3f47f9e89b0598a5a17e88ed0557efd817e73a9d3982b61ff6626cd65a2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-amz-request-id: MBW03F5TN631AV84
x-cache: HIT, HIT
x-by: 0932149ecf23da196:inc-assets:ansible
x-cache-hits: 1, 1
content-length: 250218
x-amz-id-2: d4WprlzFHE+5r8D+V/9ecqejlnX5BaU7wH+1DRkzfPThg/kMLIC82LhiIj2xTLwE8gIsPtlFEuE=
x-served-by: cache-bwi5158-BWI, cache-cdg20764-CDG
last-modified: Mon, 13 Dec 2021 20:02:19 GMT
server: nginx
x-timer: S1639636917.868882,VS0,VE1
etag: "ebfd007642f13406b985532c5c32ca7b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 11 Dec 2031 20:19:43 GMT

GET
H2 200 app.dc872e360e7420032cd2.js Show response
assets.fastcompany.com/_/fc/bundle/js/ 1 MB
214 KB 101ms
33ms Script
application/javascript 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fastcompany.com/_/fc/bundle/js/app.dc872e360e7420032cd2.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c3ba0bcc847fcf19468f2cc2ec493d2ba7a6cdd0c509dad5af877b5706057565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-amz-request-id: MBWFYA9KJ8NPHX11
x-cache: HIT, HIT
x-by: 003e0b5459976ffa0:inc-assets:ansible
x-cache-hits: 1, 1
content-length: 218802
x-amz-id-2: ZOJG88mM53i9cQMuLf30a4qwZhW60jdqf5syT0kb4xdYJVEucT0w7pd+W0xLZhTjwIfpbTZo8dg=
x-served-by: cache-bwi5122-BWI, cache-cdg20764-CDG
last-modified: Mon, 13 Dec 2021 20:02:10 GMT
server: nginx
x-timer: S1639636917.868732,VS0,VE1
etag: "f97afc51207099711c543ec3c5196c7c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 11 Dec 2031 20:19:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 84ms
24ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1072 / 55 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 06:41:56 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/mansueto/ 44 KB
19 KB 77ms
21ms Script
application/javascript 13.225.87.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/mansueto/op.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-127.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f6f94fe76b0cc361818bc69213bbdc769982647c1975d4a99c1f17dde0ea961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9VLw_FX1UvgjKLDoo.vondkrg1gZu5XW
content-encoding: gzip
etag: "a5e485ca63c51b7df6271fe4b6c3f589"
age: 472
x-cache: Hit from cloudfront
content-length: 18605
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 14 Dec 2021 08:02:27 GMT
server: AmazonS3
date: Thu, 16 Dec 2021 06:34:13 GMT
content-type: application/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -vbUtObCas-MA0mCkGKWXum7YbTibj072EL4e5nXsz8tfuA4IfwlUw==

GET
H/1.1 200
OK fc3.js Show response
d2qhg50jab93jy.cloudfront.net/js/ 29 KB
29 KB 625ms
580ms Script
application/javascript 108.156.253.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2qhg50jab93jy.cloudfront.net/js/fc3.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.253.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2477320837bb15f65124dbcc523a400df4a3cbbf586ecfad1f8a58372d7ac26a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: eCgkJPI1UhoDRURLPUa7l2MWZ607Gg7u
Via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
Last-Modified: Tue, 31 Aug 2021 18:48:09 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
ETag: "40e3b965de93af72dde1efb15e79e694"
x-amz-meta-sha256: 2477320837bb15f65124dbcc523a400df4a3cbbf586ecfad1f8a58372d7ac26a
Content-Type: application/javascript
Date: Thu, 16 Dec 2021 06:41:58 GMT
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29311
X-Amz-Cf-Id: bNAi_Z9n-5A_XMjBnqUE3XoIsh6ZTB5to2Xe-SZZ0Qb_3jWptOH1Fg==
x-amz-meta-s3b-last-modified: 20210831T184731Z

GET
H/1.1 200
OK fc3.css
d2t7a3zbo166a9.cloudfront.net/css/ 6 KB
7 KB 106ms
14ms Stylesheet
text/css 18.66.92.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2t7a3zbo166a9.cloudfront.net/css/fc3.css
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-228.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ea536e4e260be6d01bf51e11faf0b761716136fc1663dc45218453cdef94a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 6Ge0GCl3Y50ozCixgJAxZL35dQeEzrdP
Via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
ETag: "b0b0694de70fd5e42f19d8d595f6ef77"
Age: 83899
x-amz-meta-sha256: 5ea536e4e260be6d01bf51e11faf0b761716136fc1663dc45218453cdef94a65
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6163
Last-Modified: Tue, 31 Aug 2021 18:48:52 GMT
Server: AmazonS3
Date: Wed, 15 Dec 2021 07:23:43 GMT
Content-Type: text/css
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: wP0AKlXgJyJ_hb6ikfECuMsPxrCKcoKIjBAHhaFkLnJHFoFz4S0DVw==
x-amz-meta-s3b-last-modified: 20210831T184837Z

GET
H2 200 A2Beckett-BookWEB.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Beckett/ 77 KB
68 KB 93ms
10ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Beckett/A2Beckett-BookWEB.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e5dc10664c94f8923a14174aaa4bfb412484529559de7f51e78651f1896b50a7

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 05d644beebe5ec4a1:s3-redirect
x-cache-hits: 1, 67
content-length: 69057
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5145-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636917.879362,VS0,VE0
etag: "3aa5fc8aa6f4a6d004bb18571c47b628"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sun, 16 Nov 2031 07:23:03 GMT

GET
H2 200 CentraNo1-Bold.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Bold-Italic-Web/ 40 KB
40 KB 93ms
10ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Bold-Italic-Web/CentraNo1-Bold.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cd06c630775fb5a815578075b1a03abdd58815e8cc528a4df56cfd355ec090e

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 69
content-length: 41117
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5153-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636917.879727,VS0,VE0
etag: "2c2118e69c8d7880c31ac23cf951b0c4"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sun, 02 Nov 2031 08:16:48 GMT

GET
H2 200 CentraNo1-BoldItalic.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Bold-Italic-Web/ 42 KB
43 KB 92ms
10ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Bold-Italic-Web/CentraNo1-BoldItalic.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 384a39e0380c9c721bb3f374d252d34ceb2d7ebcd562c180eeb5b84a3b54d3b9

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 71
content-length: 43306
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5146-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636917.879864,VS0,VE0
etag: "2f2f3f500184b926dbcaf1acdedf5141"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sat, 06 Dec 2031 07:22:01 GMT

GET
H2 200 CentraNo1-Book.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Book-Italic-Web/ 57 KB
58 KB 123ms
41ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Book-Italic-Web/CentraNo1-Book.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c2e9feba2a57131591142d0e7be1ee1f1defe7477b0de74a207c0daeb245f7be

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 75
content-length: 58809
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5172-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636917.880015,VS0,VE0
etag: "228b9f876bb5d92254b6633e3a7821bd"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sun, 02 Nov 2031 08:02:24 GMT

GET
H2 200 CentraNo1-BookItalic.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Book-Italic-Web/ 60 KB
60 KB 122ms
41ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo1-Book-Italic-Web/CentraNo1-BookItalic.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2025033864defb543e70d082629f7e59b2a86a4c0a36e2b5638f025c2be6b7b9

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0a230877e27f33f53:s3-redirect
x-cache-hits: 1, 73
content-length: 61594
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5159-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636917.880104,VS0,VE0
etag: "d8bce43f7eb69a799c3bc27e656babf0"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sat, 08 Nov 2031 12:57:00 GMT

GET
H2 200 CentraNo2-BookItalic.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2-Web/Book-Italic/ 59 KB
59 KB 122ms
40ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2-Web/Book-Italic/CentraNo2-BookItalic.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e94355ffe67ac6ed4fb5de61e6d269c7f0ce3fe745c33773cf0eff433575e6b

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 003e0b5459976ffa0:s3-redirect
x-cache-hits: 1, 71
content-length: 60566
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5176-BWI, cache-hhn4083-HHN
last-modified: Tue, 23 Feb 2021 21:06:26 GMT
server: nginx
x-timer: S1639636917.880635,VS0,VE0
etag: "434c2510223b025a3aa68d7cda9c6d36"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sat, 29 Nov 2031 15:26:57 GMT

GET
H2 200 CentraNo2-Bold.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2-Web/Bold/ 40 KB
40 KB 121ms
40ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2-Web/Bold/CentraNo2-Bold.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53bc15d5e085d9bb7c77dae8427c4d064a6db1d1211d91b8084eda4254e39903

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 003e0b5459976ffa0:s3-redirect
x-cache-hits: 1, 67
content-length: 40733
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5146-BWI, cache-hhn4083-HHN
last-modified: Tue, 23 Feb 2021 21:06:23 GMT
server: nginx
x-timer: S1639636917.880776,VS0,VE0
etag: "182cc5c080bde0d0e444acce2e79fb20"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sun, 02 Nov 2031 12:09:29 GMT

GET
H2 200 monosten-stencil-light-pro.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Monosten-stencil-light/ 40 KB
40 KB 134ms
54ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Monosten-stencil-light/monosten-stencil-light-pro.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b16b9f24db05d01943c33166e92aa38382e53d5daa6c1859ae7aa81cf7e6c45

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 9, 62
content-length: 41139
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5174-BWI, cache-hhn4083-HHN
last-modified: Tue, 23 Feb 2021 22:57:16 GMT
server: nginx
x-timer: S1639636917.888245,VS0,VE0
etag: "c3d1b25e53e0f9f1eb01ab6f0f08d54b"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Wed, 03 Dec 2031 21:18:16 GMT

GET
H2 200 Grifito-L-Bold.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Grifito-Grifo/Grifito-Web/ 37 KB
37 KB 120ms
40ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Grifito-Grifo/Grifito-Web/Grifito-L-Bold.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5748291ce8dc252f2f7b80c774cd824d1bed00c3c58663629bb93aaa1c3f2337

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0a230877e27f33f53:s3-redirect
x-cache-hits: 1, 69
content-length: 37424
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5179-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636917.880990,VS0,VE0
etag: "f3a503bb022e8c122331a68c5ce3074a"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Fri, 05 Dec 2031 09:20:59 GMT

GET
H2 200 Grifito-L-Bold-Italic.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Grifito-Grifo/Grifito-Web/ 38 KB
38 KB 135ms
55ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Grifito-Grifo/Grifito-Web/Grifito-L-Bold-Italic.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a10332bd53b68134ef87252e79e7cb2046b1be8eb3030b61d0e47b7ce203c18

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 70
content-length: 38452
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5176-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636917.888420,VS0,VE0
etag: "784b572919e12593d5849c6ad3883dfd"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Fri, 05 Dec 2031 09:11:37 GMT

GET
H2 200 launch-ENf6f754d17779412f8d246f49c783f295.min.js Show response
assets.adobedtm.com/ 550 KB
107 KB 124ms
8ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 424b6a2db407e4ddc198fefe5dfe184903376f35989053c2db84358652f8d957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 23:57:33 GMT
server: AkamaiNetStorage
etag: "30bcdce239257d9bb975d3ba7f27f89f:1638403053.667498"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fastcompany.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 108902
expires: Thu, 16 Dec 2021 07:41:56 GMT

GET
H2 200 gdpr-cmp-stub.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/ 1 KB
957 B 161ms
8ms Script
application/javascript 104.92.84.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/gdpr-cmp-stub.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8334e5eb7851550868428f192dd7d9f10d7b513381d8bb3f5606774bc78c3976

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:20:57 GMT
server: Apache
etag: "48a-5cc99935cdc06-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 667

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 130ms
15ms Script
application/javascript 104.89.31.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-31-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "2988-5b94848b276f9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Thu, 16 Dec 2021 06:56:56 GMT

GET
H2 200 fb-icon-circle-fb.svg
images.fastcompany.com/image/upload/v1576118408/ 2 KB
958 B 78ms
32ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.com/image/upload/v1576118408/fb-icon-circle-fb.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6fc83f31b584dfdb7ce5ae4e0adb760008834348e95e6804dec6acfb24a21191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
content-disposition: attachment; filename="fb-icon-circle-fb.svg"
server-timing: akam;dur=1;start=2021-11-20T17:05:30.872Z;total=1;desc=hit,rtt;dur=0
content-length: 721
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5148-BWI, cache-cdg20764-CDG
last-modified: Thu, 12 Dec 2019 02:40:10 GMT
server: nginx
x-timer: S1639636917.876018,VS0,VE1
etag: W/"2c1bd501dc96e0d8fddac9701c013d22"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31515160
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 2, 1

GET
H2 200 tw-icon-circle-tw.svg
images.fastcompany.com/image/upload/v1576118408/ 3 KB
2 KB 78ms
32ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.com/image/upload/v1576118408/tw-icon-circle-tw.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 467cb0d9156a3f6a25c0d3519c19dea339119641e21630a939ca14bc034350c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
content-disposition: attachment; filename="tw-icon-circle-tw.svg"
server-timing: akam;dur=1;start=2021-12-01T11:18:07.301Z;total=1;desc=hit,rtt;dur=1
content-length: 1247
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5143-BWI, cache-cdg20764-CDG
last-modified: Thu, 12 Dec 2019 02:40:10 GMT
server: nginx
x-timer: S1639636917.875875,VS0,VE1
etag: W/"66ef9ceb19c4b7e4c8fcc361817569cf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31554661
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 insta-icon-circle-in.svg
images.fastcompany.com/image/upload/v1576118408/ 4 KB
2 KB 78ms
32ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.com/image/upload/v1576118408/insta-icon-circle-in.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0020ace5cc6cfb1333a18cffc7532d6cebdb75cfddf5607c2fede40bb197df24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
content-disposition: attachment; filename="insta-icon-circle-in.svg"
server-timing: akam;dur=8;start=2021-11-17T23:53:58.943Z;total=101;desc=miss,rtt;dur=1
content-length: 1506
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5149-BWI, cache-cdg20764-CDG
last-modified: Thu, 12 Dec 2019 02:40:10 GMT
server: nginx
x-timer: S1639636917.876164,VS0,VE1
etag: W/"1d683f0c4524f27e94ca74247101c62f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557568
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 linkedin-icon-circle-li.svg
images.fastcompany.com/image/upload/v1576118408/ 2 KB
1 KB 78ms
32ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.com/image/upload/v1576118408/linkedin-icon-circle-li.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f976f76688d755b7d352e1fd777662af17c6ef501b1143275a8ead5459a026f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
content-disposition: attachment; filename="linkedin-icon-circle-li.svg"
server-timing: akam;dur=9;start=2021-11-04T07:54:03.808Z;total=78;desc=miss,rtt;dur=0
content-length: 866
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5160-BWI, cache-cdg20764-CDG
last-modified: Thu, 12 Dec 2019 02:40:10 GMT
server: nginx
x-timer: S1639636917.876299,VS0,VE1
etag: W/"3f73f3cfda40c8f15ad442ef3fbecf6a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-5/html/ 0
0 98ms
6ms Other
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-5/html/container.html
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 122276X1583643.skimlinks.js Show response
s.skimresources.com/js/ 36 KB
14 KB 109ms
13ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/122276X1583643.skimlinks.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 923257274e76e65d81e65879aae56392ded66f7e15d4eeaa4e0523db2969ad5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:37:37 GMT
server: AmazonS3
x-amz-request-id: E74YYENMBWVF18PD
etag: "37e20060b450f0a946f0a16f60b4c964"
x-hw: 1639636916.cds147.fr8.hn,1639636916.cds013.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13877
x-amz-id-2: yFeQxZiO8I6Qiegx0B9GVVwMEnKkwLJZfEaheQ0kGK+/lMj/lDegW6lxb/k5DRvnDPiFppIkznQ=

GET
H2 200 queryly.v3.js Show response
www.queryly.com/js/ 27 KB
6 KB 75ms
25ms Script
application/x-javascript 2606:4700:20::ac43:497c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v3.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f07e74aee534e55d927bede6c3f6abccc67e0df30aac622e8c61ef6abbfcdb71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52889
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
last-modified: Fri, 13 Nov 2020 15:55:40 GMT
server: cloudflare
etag: W/"066456fd5b9d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dMsvDKFn5%2FF1Wawkfy6xwM4hKiYtB69M3uznB2K0DPSdV%2BvHy6IilxZdsWfyAwTSaPrqm28KDjVNP8U%2Bk2%2BoKzcsWtP3%2FyMyFXFRq4FQHMLzwsKTxIlZ%2FcwMFV7XBBBM9t2seAR2Gxw%2FwfYMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6be5edcafef5e8ff-MXP
access-control-allow-headers: *

GET
H2 200 fastcompany-advanced-search.js Show response
www.queryly.com/js/ 14 KB
4 KB 68ms
31ms Script
application/x-javascript 2606:4700:20::ac43:497c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/fastcompany-advanced-search.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 71a06ca90d4fe76a7b92430e6567711b8bb5f3f9e5b27c916b5ceb29ff8e9389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52889
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
last-modified: Wed, 22 Apr 2020 02:43:08 GMT
server: cloudflare
etag: W/"04663c14f18d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHMk3208CjqXukWlTc%2BIoLN5TALBSXnXWeQzKHC800CmStjH46hCyv2bv61yOgDFc%2Bl0ejChEv26LtKfUAJe7ONFREgF2FcZ3n9QISbUad0nmQ3HsXc9ulqdBaS2Lys0g8lWbqOoDtOxEhYisw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6be5edcafef6e8ff-MXP
access-control-allow-headers: *

GET
H2 200 knotch.min.js Show response
www.knotch-cdn.com/unit/latest/ 149 KB
37 KB 74ms
10ms Script
application/javascript 2600:9000:2156:1a00:12:1bcc:1d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.knotch-cdn.com/unit/latest/knotch.min.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:12:1bcc:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77f223c2e54ef5c59d84f41a22f6aba61255453b43688d81b7178d1a03ae1a2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 20:55:22 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 20:55:19 GMT
server: AmazonS3
age: 121595
etag: W/"b2de0e71bdd8adffcde57765b915882a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nY3f5NnABYK4ET-91o9iXO8Qg78U_tXyhdK4cLhv_nKdSqF_rU5eEA==

GET
H2 200 index.js Show response
assets.fastcompany.com/multisite_files/fastcompany/debug/ 298 KB
86 KB 20ms
18ms Script
application/javascript 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.fastcompany.com/multisite_files/fastcompany/debug/index.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d8ccbf853c0a98db0c4d2f2ba86fd690e0510c7855a26a1fc9d5d10b7f08713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 23
content-length: 88170
x-served-by: cache-iad-kcgs7200162-IAD, cache-cdg20764-CDG
last-modified: Thu, 16 Dec 2021 02:53:30 GMT
server: nginx
x-timer: S1639636917.922248,VS0,VE0
etag: W/"3ed7678d0026a98944e17c9ebf1d02c9"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=3153600003
accept-ranges: bytes
expires: Sun, 14 Dec 2031 02:53:30 GMT

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 6 KB
2 KB 93ms
17ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=es6

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

144d53d3d034b437de8514a316f211d0a2fa7ee4ac7842394dc270c949215d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1315153
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 1384
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Nov 2021 20:16:40 GMT
date: Thu, 16 Dec 2021 06:41:56 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/142603/ Frame C421
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/142603/connatix.playspace.dc.js

1 MB
245 KB

42ms
7ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/142603/connatix.playspace.dc.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4a686d1abaacdaa9e66f978957087d85e258991489779b45044f8f3963d0c850

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 12:18:57 GMT
age: 66128
etag: "107e5ad4caa3589504562f0d1bacb96e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 250439

Redirect headers

location: https://cds.connatix.com/p/142603/connatix.playspace.dc.js
date: Thu, 16 Dec 2021 06:41:57 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 87ms
9ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 04:47:05 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 6893
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7tMIirEkUMN1QQr3qvdO_XD9Kx7jG9qQVw_JQG0otr2r6BsD09Q2Vg==

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ 44 B
369 B 234ms
32ms Image
image/gif 54.72.156.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-805310h&cg=0&cc=1&si=https%3A//www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&rp=&ts=compact&rnd=1639636916947
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.156.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-156-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6050
date: Thu, 16 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 07:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: zxQJE70XHblisGIKhalRSU/Q8F97V5h1CigUHNb2gocA2Zb39+TQUCZqdVrlXtPG94ejRWAesf4bn+RXE4QbFg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Dec 2021 06:41:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b-7b120a5-95efb4fa.js Show response
tagan.adlightning.com/mansueto/ 72 KB
28 KB 11ms
10ms Script
application/javascript 13.225.87.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/mansueto/b-7b120a5-95efb4fa.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-127.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb610907af4023a24a8d68558c6b858b3943ad1d9e0fb8df8ba1d3e913fbe64e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:31:16 GMT
content-encoding: gzip
age: 2772642
x-cache: Hit from cloudfront
content-length: 27972
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 03 Aug 2021 18:05:42 GMT
server: AmazonS3
etag: "bb515e77ceac8f96785c444691f0dad1"
x-amz-version-id: K1r.GkyUB7RPVTtMl2I8..s_J0pyl0vb
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: lpjMC52ElNkd9g8mjdSj9JY5nCMN0dl9YKE-zuvX5OcOIA8Ecv1siQ==

GET
H2 200 bl-0af0356-4d043dd5.js Show response
tagan.adlightning.com/mansueto/ 55 KB
24 KB 16ms
16ms Script
application/javascript 13.225.87.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/mansueto/bl-0af0356-4d043dd5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-127.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33a64b60a92b6ec76f8f209c28b536284978a302b4596eb87ccfe4f1e48e7b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 08:33:05 GMT
content-encoding: gzip
age: 166132
x-cache: Hit from cloudfront
content-length: 23645
x-amz-meta-git_commit: 0af0356
last-modified: Tue, 14 Dec 2021 08:01:33 GMT
server: AmazonS3
etag: "4bfe502b1b41edb4f614e958ba12bd4b"
x-amz-version-id: n4Z8wCa_ffzKayBpFBm71HN1I1haLIYY
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: qgFswhZUWDArI-FOcjjOFQoWOR7oV-MgQ-0KxQ9fQuNXlTpuaqs_KA==

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 22ms
22ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 06:41:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 236 B
157 B 32ms
17ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fastcompany.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

639bbd25ee29fa8b65971327d4f0d97bd57d975998d78053db3a3e8e44307718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:41:57 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 785 B
960 B 207ms
36ms Script
text/html 18.170.183.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-V4506LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pcode=mansuetoprebidheader15141606144&rx=159220639693&callback=MoatNadoAllJsonpRequest_81590172
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mansuetoprebidheader15141606144/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.183.138 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-183-138.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: c196c5f92d3821aadb1442dc481525f46a2fc03bdd856d097bf5b20f2c563a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "290d7d4e724a2c4881f74257f4a1f1959010e63e"
content-length: 785
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 111 B
285 B 236ms
29ms Script
text/html 18.169.85.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-V4506LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pcode=mansuetoprebidheader15141606144&rx=159220639693&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=MANSUETODFPCW_PREBID_HEADER1&hp=1&wf=1&pxm=4&sgs=3&zMoatPS=-&zMoatCT=-&zMoatSC=-&zMoatAB=-&zMoatTC=-&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639636917087&de=665173668605&m=0&ar=b4ef6301e0a-clean&iw=bb51bf5&q=1&cb=0&cu=1639636917087&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=mansuetoprebidheader15141606144&fd=1&ac=1&it=500&pe=1%3A-%3A-%3A0%3A0&jm=-1&fs=196202&na=1709193857&cs=0&ord=1639636917087&jv=1810279269&callback=DOMlessLLDcallback_81590172
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mansuetoprebidheader15141606144/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.85.185 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 876afcaae2b9884eea5c0ca8ecd653839557d63be7820f0b48e5f854dc4aa1d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "dcf07ba98baebc27acfaff58d8d0c3a87d412106"
content-length: 111
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 113 B
288 B 230ms
24ms Script
text/html 18.169.85.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-V4506LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-CyV0nPQ2oUtvHw%3D%3D&sc=1&os=1-pg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pcode=mansuetoprebidheader15141606144&rx=159220639693&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=MANSUETODFPCW_PREBID_HEADER1&hp=1&wf=1&pxm=4&sgs=3&zMoatPS=-&zMoatCT=-&zMoatSC=-&zMoatAB=-&zMoatTC=-&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1639636917087&de=665173668605&m=0&ar=b4ef6301e0a-clean&iw=bb51bf5&q=2&cb=0&cu=1639636917087&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=mansuetoprebidheader15141606144&fd=1&ac=1&it=500&pe=1%3A-%3A-%3A0%3A0&jm=-1&fs=196202&na=666952544&cs=0&callback=MoatDataJsonpRequest_81590172
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mansuetoprebidheader15141606144/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.85.185 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: d4129cca4034a52a3eae45fc5517043d9350ff759a0bc6d4756c0ed327bcfbcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "34af0ffaec31e97517ea9f90cc98f2ac930708a4"
content-length: 113
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 3484 1 KB
2 KB 24ms
24ms Document
text/html 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mansuetoprebidheader15141606144/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

x-amz-id-2: cMTMm/T5i/x+FajcHkVdFOSmWAZag3PGFBeFtprKDfuotZYacHPbNTZ9It13lKcp9wxjAAroOng=
x-amz-request-id: 3AF06B645285EDE5
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=1826
date: Thu, 16 Dec 2021 06:41:57 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 15ms
15ms Script
application/javascript 104.89.31.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-31-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "a253-5b94848b276f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Thu, 16 Dec 2021 06:56:57 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 29 KB
13 KB 174ms
35ms Script
application/javascript 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?16112021
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c50937ee5190c53fa7106a2b25714386f2fb1457598ac2b60fd25f7a6a24eea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 load Show response
api.tinypass.com//xbuilder/experience/ 4 KB
2 KB 112ms
32ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tinypass.com//xbuilder/experience/load?aid=UnG6aKcRpu&ccb=z2x

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5a084db3cf3d8159d8d77657d3b8c235a69f60ab78b3cc0008167e8b870354

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2278
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cm6274r6LAy
pragma
wn: prod-dash-10-0-89-219
last-modified: Thu, 16 Dec 2021 06:03:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
server-time: 0.012
cache-control: public, max-age=1800
cf-ray: 6be5edccbf07599b-MXP
expires: Thu, 16 Dec 2021 07:11:57 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 97ms
24ms Script
application/javascript 2606:4700:3037::6815:3c3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: B0NVRVPXYP5PAK8P
x-amz-id-2: c8KPV5HIQMv5Yko4bl1ZUFMe7C94dA0KgtVlblhHzO9cDwlqsrm6txK5tIgaNE6FKM0QicEyFoc=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FUoxXPeuaquqGB61hrKu1WYruHFBTwvozvHHftVxJ5M4Er2B%2FPxdX5xCA5%2FkHcHx630FS2SFn73W5yQs3VzWBqTZyJ%2FEWniwtBQuFBjIXiZM32dHziGEWNXNpdJSPYiMdSujz79BQkDSTWU7mw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6be5edccac110e16-MXP

GET
DATA 200
OK truncated
/ 405 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ef1fe8dcbac5137a6f0805540acc2ad2d3561167bcae4787d8fac78c2f5dd8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 213ms
37ms XHR
application/json 34.252.195.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=283B366E5AFAA4490A495E0C%40AdobeOrg&d_nsid=0&ts=1639636917176

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.195.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-195-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d137349d6e17a001bc98e160a8114b7eefeb5bf7018082cfb0c15b96339e0503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v025-0db22fa20.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: f2qioGfmReY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.fastcompany.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 33 KB
12 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "820eb42f3120ddf65e303b24a8285815:1634593036.305122"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12200
expires: Thu, 16 Dec 2021 07:41:57 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 3 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Thu, 16 Dec 2021 07:41:57 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 74ms
8ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200174-IAD, cache-fra19133-FRA

GET
H2 200 FC_Logo_2018_amgwhf.svg
images.fastcompany.net/image/upload/v1538500532/fcweb/ 4 KB
2 KB 17ms
16ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/v1538500532/fcweb/FC_Logo_2018_amgwhf.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7bc5730a55033b849c530009d4190549acbd768efafa83c8c43af83a1519604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
content-disposition: attachment; filename="FC_Logo_2018_amgwhf.svg"
server-timing: akam;dur=1;start=2021-11-04T07:52:58.393Z;total=13;desc=miss,rtt;dur=0
content-length: 1962
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5183-BWI, cache-cdg20764-CDG
last-modified: Tue, 02 Oct 2018 17:15:34 GMT
server: nginx
x-timer: S1639636917.198136,VS0,VE0
etag: W/"c8d64fbc313ea2c039302d30356a0350"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557103
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3

GET
H2 200 3_Line_Burger_ffffff2x_tiojxh.svg
images.fastcompany.net/image/upload/v1540915228/fcweb/ 993 B
816 B 17ms
16ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/v1540915228/fcweb/3_Line_Burger_ffffff2x_tiojxh.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fe374513f376ded47b934cc6e453539ad6b1f771e1e123ff11d571e789708b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
cache-tag: 225130959147299123394984979684056066080,c6d09d6a2d1428f58e8cf68b8654cb10
content-disposition: attachment; filename="3_Line_Burger_ffffff2x_tiojxh.svg"
server-timing: akam;dur=12;start=2021-12-10T07:09:12.597Z;total=116;desc=miss,rtt;dur=0
content-length: 471
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5180-BWI, cache-cdg20764-CDG
last-modified: Tue, 30 Oct 2018 16:00:31 GMT
server: nginx
x-timer: S1639636917.198383,VS0,VE0
etag: "bdad9a0a117225c811e076f644709c33"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557550
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3

GET
H2 200 right-arrow-white.svg
images.fastcompany.com/image/upload/v1572915268/ 265 B
621 B 18ms
16ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.com/image/upload/v1572915268/right-arrow-white.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 484826141337d13f2cd7d5c95a33605036d798dec9e68683a8aad795fd0f9639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
cache-tag: 185941220399499483798861097278004868714,c6d09d6a2d1428f58e8cf68b8654cb10
content-disposition: attachment; filename="right-arrow-white.svg"
server-timing: akam;dur=10;start=2021-12-08T06:51:47.399Z;total=130;desc=miss,rtt;dur=0
content-length: 201
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5137-BWI, cache-cdg20764-CDG
last-modified: Tue, 05 Nov 2019 00:54:30 GMT
server: nginx
x-timer: S1639636917.200308,VS0,VE1
etag: "26c77c0afd2c9409bf57627cb1c70220"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557567
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 icon-fastcoworks-W.svg
images.fastcompany.com/image/upload/v1576116466/ 2 KB
1 KB 17ms
17ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.com/image/upload/v1576116466/icon-fastcoworks-W.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83d12e1cb5a998b420c95a66450358827f359008775541d0800211911727addb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
content-disposition: attachment; filename="icon-fastcoworks-W.svg"
server-timing: akam;dur=6;start=2021-11-23T10:52:45.481Z;total=204;desc=miss,rtt;dur=1
content-length: 824
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5150-BWI, cache-cdg20764-CDG
last-modified: Thu, 12 Dec 2019 02:07:49 GMT
server: nginx
x-timer: S1639636917.217613,VS0,VE1
etag: W/"4b3d2bb972b59020c95b2daf221ac923"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 carrot-right-fix.svg
images.fastcompany.net/image/upload/v1491842542/fcweb/ 207 B
456 B 16ms
16ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/v1491842542/fcweb/carrot-right-fix.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f97f7aa4ee00194377f6cf4ca87aba18f52027af5bed7b947811ab204b8dcda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
content-disposition: attachment; filename="carrot-right-fix.svg"
server-timing: akam;dur=1;start=2021-11-18T05:59:04.330Z;total=1;desc=hit,rtt;dur=0
content-length: 181
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5178-BWI, cache-cdg20764-CDG
last-modified: Mon, 10 Apr 2017 16:42:24 GMT
server: nginx
x-timer: S1639636917.200597,VS0,VE0
etag: "3627951a81e665630c7eee6ce68b078b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556539
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3

GET
H2 200 latest-cover.jpg
www.fastcompany.com/magazine/ 34 KB
35 KB 98ms
98ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastcompany.com/magazine/latest-cover.jpg

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.54 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9329412a9f44aea1afa78563546eb3623d5a61b33272b6e43362516a1caa485d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 3431
x-dns-prefetch-control: off
x-cache: MISS, HIT, HIT, HIT, MISS
status: 200 OK
server-timing: akam;dur=5;start=2021-12-01T21:31:36.110Z;total=430;desc=miss,rtt;dur=0
content-length: 34734
x-xss-protection: 1; mode=block
x-request-id: b8aa6bf1a96d4a74d645ea71dd780f03
x-served-by: cache-bwi5167-BWI, cache-iad-kjyo7100058-IAD, cache-lga21971-LGA, cache-iad-kiad7000068-IAD, cache-cdg20764-CDG
last-modified: Wed, 01 Dec 2021 21:31:37 GMT
server: nginx
x-timer: S1639636917.200704,VS0,VE79
x-frame-options: SAMEORIGIN
date: Thu, 16 Dec 2021 06:41:57 GMT
x-download-options: noopen
vary: User-Agent, Cookie, X-abtest
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=0
etag: "6975d98f1a8db7c7026b6203ba1b8241"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 0, 10124, 855, 1, 0

GET
H2 200 fc-icon11.ttf
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/fc-app-2017/fc-icons/ 9 KB
9 KB 8ms
8ms Font
binary/octet-stream 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/fc-app-2017/fc-icons/fc-icon11.ttf?pa1lh4
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3aa3d911a5f9781f1d29ca70ab2be76b2b8dccda8a17be68af79b60f1d4f1329

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 63
content-length: 9028
x-served-by: cache-bwi5174-BWI, cache-hhn4083-HHN
last-modified: Wed, 19 Apr 2017 19:00:46 GMT
server: nginx
x-timer: S1639636917.198129,VS0,VE0
etag: "5fd91644d9d65b5e0780c2921ba52ab9"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Sat, 22 Nov 2031 06:56:06 GMT

GET
H2 200 fa-brands-400.woff2
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/assets/webfonts/ 74 KB
74 KB 8ms
8ms Font
binary/octet-stream 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/assets/webfonts/fa-brands-400.woff2
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 29
content-length: 75336
x-served-by: cache-bwi5148-BWI, cache-hhn4083-HHN
last-modified: Mon, 25 Nov 2019 22:55:15 GMT
server: nginx
x-timer: S1639636917.198270,VS0,VE0
etag: "cccc9d29470e879e40eb70249d9a2705"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Fri, 28 Nov 2031 07:18:35 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/mansuetocontent806566985637/ 178 KB
57 KB 13ms
12ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mansuetocontent806566985637/moatcontent.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dce3f04c40d165d746da68219b6a756a1783fefe4038567d78cf4b55dae5409f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 16:58:35 GMT
server: AmazonS3
x-amz-request-id: 6DB2B416871774E7
etag: "af301569c32146bc13bc487d20a5e559"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61122
accept-ranges: bytes
content-length: 58245
x-amz-id-2: 63ZCJtNGVbr/8X4yMhwuarQtTDNqjNmx5F6yDEpNuZ3pff2l+9awmjxTxfDpBKJVr144DwUczxc=

POST
H2 200 / Show response
r.skimresources.com/api/ 164 B
354 B 97ms
17ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/122276X1583643.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

2013bf4a84e0a09119fb94df8a6055b10bb55520bc996bc63519de8c3af1e86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.fastcompany.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame A965 0
102 B 49ms
17ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7698588618956252
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 88ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=2.56382870094449
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 88ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=2.56382870094449
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 92ms
8ms Script
application/javascript 143.204.101.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-156.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 08:31:06 GMT
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Age: 79851
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: dxWz9Kz2b7AHHZofXQs9uYGH7e7mXoWsnOJwLRxJhYtTjy5zk79Dvg==
Expires: Thu, 16 Dec 2021 08:31:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2094130915&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&ul=en-us&de=UTF-8&dt=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEADAAAAAC~&jid=1951799557&gjid=547164752&cid=228701361.1639636917&tid=UA-4300461-2&_gid=9653619.1639636917&_r=1&_slc=1&z=2115647971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2094130915&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&ul=en-us&de=UTF-8&dt=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEADAAAAAC~&jid=82693859&gjid=1901679156&cid=228701361.1639636917&tid=UA-4300461-33&_gid=9653619.1639636917&_r=1&_slc=1&cd1=fastcompany&cd2=news&cd6=2021-12-14&cd7=article&cd8=2&cd9=0&cd4=Connie%20Lin&cd5=Fast%20Company&cd3=notag&z=120614714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1389601884702365 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1389601884702365?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61ec8804e682ece9118faca78152eb762eb7340be4647e291b68a393d969af3f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89314
x-xss-protection: 0
pragma: public
x-fb-debug: CQg7U7EFvWL3uVA172yJmg3Rzzvh+k9h2USYb1ykrv3QO1G9uZ/VdXQpD9xAnkerEI6rcxfutzX9wMBKiVU5Kg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:41:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6916907&ns__t=1639636917343&ns_c=UTF-8&cv=3.5&c8=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&c7=https%3A%2F%2Fwww.fastcompany....
https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1639636917343&ns_c=UTF-8&cv=3.5&c8=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&c7=https%3A%2F%2Fwww.fastcompany...

0
223 B

12ms
10ms

Image
text/plain

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1639636917343&ns_c=UTF-8&cv=3.5&c8=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&c7=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&c9=
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: ttYJt6b5mldKjEZWbVqjgC3LvtwKyjlDbjvDJ-BAa9J-AnjPrY4o7w==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6916907&ns__t=1639636917343&ns_c=UTF-8&cv=3.5&c8=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&c7=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&c9=
content-length: 349
x-amz-cf-id: ubB8blAueJ9V5XlpvYRgOuoYW9yebCBaUoWUa0z5TDpRjEGLhaFaQw==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 217ms
110ms Script
application/javascript 2a02:26f0:fb:5ae::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5ae::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 70a44fb-95.100.153.109
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK c=E6RJ_f=mint Show response
ac.realvu.net/flip/2/ 46 B
356 B 467ms
101ms Script
application/javascript 54.174.97.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.realvu.net/flip/2/c=E6RJ_f=mint
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.97.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-97-254.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0e96a539eaf05d960e765d377db10a4381a180cb201dc905a3d4f6a7d9c4c661

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:57 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 65
X-Proxy-Cache: BYPASS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 47ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ded7bf92e0da0cdd6a12d9d855ef927cc321b27f6d53c904383561335795e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36228
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 06:41:57 GMT

GET
H2 200 polyfill.js
cdn.polyfill.io/v2/ 6 KB
1 KB 19ms
16ms Other
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=es6

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

144d53d3d034b437de8514a316f211d0a2fa7ee4ac7842394dc270c949215d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1315153
detected-user-agent: Chrome Mobile/96.0.4664
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=0
content-length: 1384
referrer-policy: origin-when-cross-origin
last-modified: Tue, 30 Nov 2021 20:16:40 GMT
date: Thu, 16 Dec 2021 06:41:57 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 omniture-scode-prod.js Show response
images.fastcompany.net/assets/js/vendor/omniture/ 45 KB
17 KB 20ms
18ms Script
application/javascript 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/assets/js/vendor/omniture/omniture-scode-prod.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 46d178543a800f514259152952beaaecfc96437763783e9bb9c36185ecb90e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 2
content-length: 16744
x-served-by: cache-bwi5143-BWI, cache-cdg20764-CDG
last-modified: Tue, 06 Mar 2018 16:48:25 GMT
server: nginx
x-timer: S1639636917.400489,VS0,VE0
etag: W/"f3bef6c985fc617c0daa5840259c8d4d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 20 Nov 2031 09:05:44 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 85ms
14ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/assets.fastcompany.com/assets/js/vendor/prebid/mansueto_tam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 31
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0ZCZ5KQHCK32ZJC0DBHW
date: Thu, 16 Dec 2021 06:41:27 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bafba29f1325f15932567e0ae2d444a5.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FRAbw7UTp4zMZSL5XhpngutFR4T9NwF83Bk91jpHVy77Yw4HNXmMIA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4300461-2&cid=228701361.1639636917&jid=1951799557&gjid=547164752&_gid=9653619.1639636917&_u=YEDAAEACAAAAAC~&z=886528448

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 06:41:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4300461-33&cid=228701361.1639636917&jid=82693859&gjid=1901679156&_gid=9653619.1639636917&_u=YEDAAEADAAAAAC~&z=1717397799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 06:41:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
mansueto.demdex.net/ Frame CD06 7 KB
3 KB 154ms
34ms Document
text/html 46.137.57.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mansueto.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.137.57.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-137-57-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 16 Dec 2021 06:41:57 GMT
DCS: dcs-prod-irl1-1-v025-018e0601d.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 15 Dec 2021 14:54:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: SohdlAWER4U=
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YbrftQAAAFKhbQO1
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=43467505268114911281011497352994340986
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YbrftQAAAFKhbQO1

42 B
945 B

34ms
34ms

Image
image/gif

34.252.195.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YbrftQAAAFKhbQO1

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

HTTP/1.1

Server

34.252.195.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-195-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v025-095851f26.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OR2BfRsJRkc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YbrftQAAAFKhbQO1
Date: Thu, 16 Dec 2021 06:41:57 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

12ms
12ms

Script
application/javascript

2600:9000:2315:4200:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 2600:9000:2315:4200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 10:29:32 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
age: 72745
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=259200,public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 4MoeXJluJXAm--xpaE_N2ivNicCMNXRZ2zhV8aUnAt577RLQ4d7W1w==

Redirect headers

date: Thu, 16 Dec 2021 04:01:56 GMT
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
server: AmazonS3
age: 9602
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
x-amz-cf-pop: DUS51-P2
content-length: 0
x-amz-cf-id: k0ngeqELsOicrpCst8FWkEC5AJOth3o828sRPtCTCp3XNgQMdAOwRA==

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 396 KB
122 KB 51ms
42ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: api.tinypass.com
URL: https://api.tinypass.com//xbuilder/experience/load?aid=UnG6aKcRpu&ccb=z2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9debc82c2703c79907ee189ca1404abee05651130549d37eae1a5d088e12614

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2309
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-117-174
last-modified: Thu, 16 Dec 2021 05:51:10 GMT
server: cloudflare
etag: W/"405436-1639633870193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 6be5edcee9e4599b-MXP
expires: Thu, 16 Dec 2021 08:41:57 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 406 B
616 B 171ms
14ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=344
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: a2d6d6de0c610c85579b1b439c2e85e998969fb733d131c8243a510ca8726abd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.fastcompany.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 406
expires: Thu, 16 Dec 2021 07:11:57 GMT

GET
H/1.1 200
OK hjdebh67699dwnjldw00.js Show response
d2t7a3zbo166a9.cloudfront.net/abp/ 0
640 B 24ms
8ms XHR
application/javascript 18.66.92.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2t7a3zbo166a9.cloudfront.net/abp/hjdebh67699dwnjldw00.js
Requested by: Host: d2qhg50jab93jy.cloudfront.net
URL: https://d2qhg50jab93jy.cloudfront.net/js/fc3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-228.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: yhxwpie090r5WypFBDr8Q7Ddd4DtONvl
Via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 12834
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Tue, 17 Nov 2020 00:51:30 GMT
Server: AmazonS3
Date: Thu, 16 Dec 2021 03:08:04 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: eGI3g1xBk-i3GvmH-vQQ4_-2i9omXGkJL7bDQvDZe0ehOxjuYz6jJQ==
x-amz-meta-s3b-last-modified: 20201117T005102Z

GET
H/1.1 200
OK fc-x-white.png
d2qhg50jab93jy.cloudfront.net/images/ 310 B
867 B 589ms
589ms Image
image/png 108.156.253.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2qhg50jab93jy.cloudfront.net/images/fc-x-white.png
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.253.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc7e94d1223f1505655b924e597b7d93a725fb0de3ae49e851c17379d232c67b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Y29pMtUO6RMD4.RW_T.38y.szqIT8zuW
Via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
Last-Modified: Tue, 18 May 2021 18:21:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
ETag: "46552b15d61707c2b9f387ce6acef033"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Date: Thu, 16 Dec 2021 06:41:59 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 310
X-Amz-Cf-Id: rPnOrKZUUEDLv42qNyKuLlyR1l03msuRrLp-Z-rnsKith4q2So-sjA==
x-amz-meta-s3b-last-modified: 20210518T182049Z

GET
H3 200 container.html
tpc.googlesyndication.com/safeframe/1-0-5/html/ 0
0 26ms
8ms Other
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-5/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 1432.html Show response
drlimmode9ddd.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEi8BCwOYuXnpcZn5gG5hrUA4rMQYA====/ Frame 4126 568 B
808 B 242ms
166ms Document
text/html 2600:9000:224a:3600:1d:1e33:7c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://drlimmode9ddd.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEi8BCwOYuXnpcZn5gG5hrUA4rMQYA====/1432.html
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:1d:1e33:7c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2c77d01f048b0e2fbeab1557101343957924bb60bdd9a19004cb9a915145170a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

content-length: 568
server: CloudFront
date: Thu, 16 Dec 2021 06:41:57 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: OGhfiJE2vgXpl1rhPghqj2Rfijd-aA4c4ohybS5vfmre5_brv417Gw==

GET
H2 200 MyQ2uJQ0.js Show response
content.jwplatform.com/libraries/ 130 KB
42 KB 88ms
14ms Script
text/javascript 2600:9000:2156:0:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 849ab478cc6251ce0b7def90bd0f6dbe04058cdf6ad7344191eeac29e4aa930f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:40:26 GMT
content-encoding: gzip
server: openresty
age: 91
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 42975
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: tM0z5WEnHonJUnBay3TC-Z-rXfqTet1d_v7FW7IROTgJ-oHJK_EKgQ==
expires: Thu, 16 Dec 2021 06:40:23 GMT

GET
H2 200 ads.js Show response
www.inc.com/js/ 34 B
744 B 148ms
102ms Script
text/javascript 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.inc.com/js/ads.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.54 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

18244ab08ac080e428ca151788a08492296b5672d885dd3c4e0f62bb737d5cf1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.incimages.com http://www.inc.com https://www.inc.com http://www.stumbleupon.com https://www.google.com https://cdn.ampproject.org
content-encoding: gzip
etag: "12c0324-22-5d28178e05fdc"
x-cacheable: YES
age: 165161
x-cache: HIT, MISS
x-by: 0932149ecf23da196:apache-proxy-js
geoip-latitude: 50.105
geoip-postalcode: 60326
content-length: 54
x-served-by: cache-iad-kjyo7100078-IAD, cache-cdg20764-CDG
last-modified: Mon, 06 Dec 2021 22:06:44 GMT
server: nginx
cache-control: max-age=604800
x-timer: S1639636918.818768,VS0,VE83
date: Thu, 16 Dec 2021 06:41:57 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
expires: Tue, 21 Dec 2021 08:49:16 GMT
geoip-countryname: Germany
accept-ranges: bytes
geoip-city: Frankfurt Am Main
x-cache-hits: 762, 0

GET
H2 200 2fyG0pBE.js Show response
content.jwplatform.com/libraries/ 130 KB
43 KB 55ms
20ms Script
text/javascript 2600:9000:2156:0:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/2fyG0pBE.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 0fc3dd4a29a22dfb44f078d97d85e3df9d626105550239f400ee32a1dfa4f7b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:40:56 GMT
content-encoding: gzip
server: openresty
age: 61
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 43147
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: vU80nTu2zGBEkfHCV8wM7PBHE7O_R5hnwhxnp6sqD4ayZry5fxbm1A==
expires: Thu, 16 Dec 2021 06:40:38 GMT

POST
H2 200 s82905638604978 Show response
grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.3-LBWB/ 43 B
441 B 86ms
17ms XHR
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.3-LBWB/s82905638604978

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 17 Dec 2021 06:41:57 GMT
server: jag
xserver: anedge-675dccd488-f88js
etag: 3521093469304258560-4619872841890110922
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Wed, 15 Dec 2021 06:41:57 GMT

GET
H2 200 close.png
www.queryly.com/images/ 413 B
800 B 24ms
24ms Image
image/png 2606:4700:20::ac43:497c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/close.png
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5073515759e15bf3d3e3fcfa1883033cfb72dabdfbaaad718809b83c8abf8079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53089
x-powered-by: ASP.NET
content-length: 413
last-modified: Wed, 22 Apr 2020 02:43:06 GMT
server: cloudflare
etag: "40f0b8c04f18d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTWRy12VeuscvO4%2F6pmJi2zHjIU2zhZ0r0j4eglqNOHMOS4A%2Brwtk704JHno3mGICzKS18%2FMmLshZwhYTANs%2FBkD5%2BxdnE9fXXWiN80HDmohgiy75YeoffPZe8Su%2F7Wzjy90DCh6tPleAvcoWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edd07b1ae8ff-MXP
access-control-allow-headers: *

GET
H/1.1 200
OK / Show response
api.ipify.org/ 14 B
244 B 339ms
99ms XHR
text/plain 3.220.57.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-57-224.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ba9ce492eafa027648fdb3b662aa72b2cb15c7dc3287678a5f0e1b54b807bdd4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:58 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.fastcompany.com
Connection: keep-alive
Content-Length: 14

GET
H2 200 posts Show response
api.parsely.com/v2/referrers/social/ 15 KB
4 KB 337ms
104ms XHR
application/json 52.22.141.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.parsely.com/v2/referrers/social/posts?apikey=fastcompany.com&secret=Ldqx1NBhAHGqsuzIEaGqfzdmrnojHLYPoCdw4ISeZxU&domain=twitter.com&period_start=14d&limit=10
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.141.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-141-132.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7d1ccc3d49e43ed061df2d38f09b6156238caaefeb61baaf75d7304f633e5f16

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
expires: Thu, 16 Dec 2021 06:51:58 GMT

GET
H2 200 posts Show response
api.parsely.com/v2/referrers/social/ 49 KB
11 KB 421ms
197ms XHR
application/json 52.22.141.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.parsely.com/v2/referrers/social/posts?apikey=fastcompany.com&secret=Ldqx1NBhAHGqsuzIEaGqfzdmrnojHLYPoCdw4ISeZxU&domain=twitter.com&period_start=7d&limit=38
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.141.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-141-132.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f77fc2275db072e63c3b8894fc36002ed4416d40bc0da51b862ccde23aba8970

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=600
expires: Thu, 16 Dec 2021 06:51:58 GMT

GET
H2 200 post-finite Show response
fc-api.fastcompany.com/api/v2/fastcompany/ 130 KB
40 KB 166ms
104ms XHR
application/json 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fc-api.fastcompany.com/api/v2/fastcompany/post-finite
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f75439b2b51856c6cd66d6d171767fdc7acebf2d96eb6a3ee9be3425c6cc087a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 51
x-cache: HIT, MISS
content-encoding: gzip
content-length: 40369
x-served-by: cache-iad-kjyo7100065-IAD, cache-hhn4083-HHN
last-modified: Thu, 16 Dec 2021 06:41:06 GMT
server: nginx
x-timer: S1639636918.901762,VS0,VE96
etag: W/"209d1-CBrJpMS/rP4uipgRznoAHUVYtvQ"
vary: Accept-Encoding, Cookie, X-abtest
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 index.html Show response
units.knotch.it/reporter/ver-fac59b9/ Frame DBC3 18 KB
6 KB 105ms
12ms Document
text/html 2600:9000:2315:5400:c:d8a6:21c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://units.knotch.it/reporter/ver-fac59b9/index.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:5400:c:d8a6:21c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53862e0c3c6ef724c494f14972d4555ea46fe9dfac9ff6e1493c9440e5df945f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

content-type: text/html
last-modified: Mon, 26 Jul 2021 17:13:19 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 16 Dec 2021 06:39:31 GMT
cache-control: max-age=2592000
etag: W/"a517599139def44f8e6c13999dbf62e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: hmm_le_QDm9x8-KvDGQl_420X-aziIB4gmKQE1poB8lYBl0eiV7HvA==
age: 176

GET
H2 200 Grifito-M-Bold.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Grifito-Grifo/Grifito-Web/ 37 KB
37 KB 10ms
10ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/Grifito-Grifo/Grifito-Web/Grifito-M-Bold.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f655529a1d53231155a57b23b15cdaf5456ee6edccc27c6c81bac9ce31901faf

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1, 42
content-length: 37845
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5181-BWI, cache-hhn4083-HHN
last-modified: Tue, 25 Sep 2018 17:49:26 GMT
server: nginx
x-timer: S1639636918.846605,VS0,VE0
etag: "75ae9c53ebb39998a99078c0d3b326bf"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sun, 02 Nov 2031 07:59:14 GMT

GET
H2 200 Meret_SubFC-Book.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/meret/ 36 KB
36 KB 12ms
12ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/meret/Meret_SubFC-Book.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b2084f172586e0a07307967e63615559b34e65b5fa264587166343697552f1a5

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 003e0b5459976ffa0:s3-redirect
x-cache-hits: 1, 33
content-length: 36845
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5152-BWI, cache-hhn4083-HHN
last-modified: Tue, 10 Apr 2018 15:34:18 GMT
server: nginx
x-timer: S1639636918.846725,VS0,VE0
etag: "6169e0e34c104fb8ac224910dc86473d"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sun, 09 Nov 2031 05:59:46 GMT

GET
H2 200 Meret_SubFC-Book_Italic.woff
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/meret/ 37 KB
37 KB 15ms
14ms Font
application/font-woff 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/meret/Meret_SubFC-Book_Italic.woff
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a843aa01c914500ec866109398a5c446255838498cfe31d163479335a2442c0

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 05d644beebe5ec4a1:s3-redirect
x-cache-hits: 1, 29
content-length: 37873
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5128-BWI, cache-hhn4083-HHN
last-modified: Tue, 10 Apr 2018 15:34:17 GMT
server: nginx
x-timer: S1639636918.847519,VS0,VE0
etag: "cb32680ee8c1d764b81ed0ad155bae5b"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=3153600001
accept-ranges: bytes
expires: Sat, 08 Nov 2031 09:35:07 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/fastcompany.com/ 47 KB
18 KB 77ms
10ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/fastcompany.com/p.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: defe772a52ed234ec2b397460c65d7fd148025e90885f0043e588e56f45830ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 20:05:02 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 19:07:47 GMT
server: nginx
age: 38215
etag: W/"60467603-bd30"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: ji56c5lnTGQ3tlZB7R1jFECxnwHrD8DZ1ww2e1zcR5lJ7OH5jwUFMg==
expires: Thu, 16 Dec 2021 20:05:02 GMT

GET
H3 200 908965139191815 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/908965139191815?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af96801b451f5e7078e2f969011795d23ee174f079520501d3d2850fecf5288d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89130
x-xss-protection: 0
pragma: public
x-fb-debug: ptMfKIBZ5sWv5LwCDI9F40W7M35ozYsi6b98dfIjV/yJsjI6aX/jpCk2VapJamKIYMFRyfdjqaxVABuCp0fh+Q==
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:41:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 61ms
20ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1389601884702365&ev=PageView&dl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&rl=&if=false&ts=1639636917874&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639636917873.1839813914&it=1639636917342&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 06:41:57 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 245ms
117ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2ula&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=5f6973ff-cb62-4e7c-bf93-48168a05faf8&tw_document_href=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Thu, 16 Dec 2021 06:41:58 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ac7ea942289ff48c489c371ac8f988568ca49ddbf6a2ba8e2bc8f73763d12f43
x-transaction: 0e4adf66c75508b0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 144ms
114ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2ula&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=5f6973ff-cb62-4e7c-bf93-48168a05faf8&tw_document_href=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Thu, 16 Dec 2021 06:41:57 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 604b92c8521253dd19e066f4ddea104b35a1400c02920eaa4c735a6bb03a5c48
x-transaction: 28a8725fd147effc
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

s85357617367214
grunerandjahr.112.2o7.net/b/ss/gjincfastcoprod/1/H.24.4/
Redirect Chain

https://grunerandjahr.112.2o7.net/b/ss/gjincfastcoprod/1/H.24.4/s85357617367214?AQB=1&ndh=1&t=16%2F11%2F2021%206%3A41%3A57%204%200&vmt=475EF8B1&ce=UTF-8&pageName=fastcompany%3A90706145%3Akronos-ran...
https://grunerandjahr.112.2o7.net/b/ss/gjincfastcoprod/1/H.24.4/s85357617367214?AQB=1&pccr=true&ndh=1&t=16%2F11%2F2021%206%3A41%3A57%204%200&vmt=475EF8B1&ce=UTF-8&pageName=fastcompany%3A90706145%3A...

43 B
292 B

18ms
18ms

Image
image/gif

15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grunerandjahr.112.2o7.net/b/ss/gjincfastcoprod/1/H.24.4/s85357617367214?AQB=1&pccr=true&ndh=1&t=16%2F11%2F2021%206%3A41%3A57%204%200&vmt=475EF8B1&ce=UTF-8&pageName=fastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&g=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&cc=USD&server=fastcompany&v0=rss&events=event9&c1=news&v1=D%3Dc1&c2=news&v2=D%3Dc2&c3=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&v3=D%3Dc3&c4=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c5=misc&v5=D%3Dc5&c6=misc&v6=D%3Dc6&c8=Connie%20Lin&v8=D%3Dc8&c9=2021-12-14&v9=D%3Dc9&c10=90706145&v10=D%3Dc10&c11=Connie%20Lin&v11=D%3Dc11&c13=1&v15=D%3Dc17&v16=D%3Dc18&c17=1%3A30AM%3AThursday%3AWeekday&v17=D%3Dc19&c18=New&v18=D%3Dc20&c19=1&v19=rss&c20=First%20Visit&c21=anonymous&c22=anonymous%3Afastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c23=anonymous&v23=D%3Dc21&c25=H24.4%7C2012.10.01&c26=D%3Ds_vi&v27=D%3Dc4&c28=article&v28=D%3Dc13&v29=D%3Ds_vi&c33=News&v35=D%3Dc28&v44=D%3Dr&v49=13&v55=D%3Dc33&h1=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 17 Dec 2021 06:41:58 GMT
server: jag
xserver: anedge-675dccd488-hzhc7
etag: 3521093472022921216-4619928788671225929
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 15 Dec 2021 06:41:58 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Dec 2021 06:41:57 GMT
server: jag
access-control-allow-origin: *
xserver: anedge-675dccd488-bhnbl
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
location: https://grunerandjahr.112.2o7.net/b/ss/gjincfastcoprod/1/H.24.4/s85357617367214?AQB=1&pccr=true&ndh=1&t=16%2F11%2F2021%206%3A41%3A57%204%200&vmt=475EF8B1&ce=UTF-8&pageName=fastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&g=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&cc=USD&server=fastcompany&v0=rss&events=event9&c1=news&v1=D%3Dc1&c2=news&v2=D%3Dc2&c3=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&v3=D%3Dc3&c4=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c5=misc&v5=D%3Dc5&c6=misc&v6=D%3Dc6&c8=Connie%20Lin&v8=D%3Dc8&c9=2021-12-14&v9=D%3Dc9&c10=90706145&v10=D%3Dc10&c11=Connie%20Lin&v11=D%3Dc11&c13=1&v15=D%3Dc17&v16=D%3Dc18&c17=1%3A30AM%3AThursday%3AWeekday&v17=D%3Dc19&c18=New&v18=D%3Dc20&c19=1&v19=rss&c20=First%20Visit&c21=anonymous&c22=anonymous%3Afastcompany%3A90706145%3Akronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c23=anonymous&v23=D%3Dc21&c25=H24.4%7C2012.10.01&c26=D%3Ds_vi&v27=D%3Dc4&c28=article&v28=D%3Dc13&v29=D%3Ds_vi&c33=News&v35=D%3Dc28&v44=D%3Dr&v49=13&v55=D%3Dc33&h1=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: text/plain;charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 06:41:57 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 45ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4300461-2&cid=228701361.1639636917&jid=1951799557&_u=YEDAAEACAAAAAC~&z=1865325121

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 44ms
18ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4300461-2&cid=228701361.1639636917&jid=1951799557&_u=YEDAAEACAAAAAC~&z=1865325121

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 37ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4300461-33&cid=228701361.1639636917&jid=82693859&_u=YEDAAEADAAAAAC~&z=1284080567

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4300461-33&cid=228701361.1639636917&jid=82693859&_u=YEDAAEADAAAAAC~&z=1284080567

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/ 2 KB
1 KB 124ms
23ms Script
application/javascript 2606:4700::6810:4fa5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/lightbox_inline.js?mb=1639636917920
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6dec834c1c03ff6f6cbb720d09a412c3211ad759e39576477eaca9b066ff851

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: N2LFOKijBrTbCzrirMJjoQ==
age: 184
cf-polished: origSize=2379
x-ms-lease-status: unlocked
last-modified: Tue, 09 Nov 2021 17:29:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: fc3f2391-901e-0061-798f-d55cef000000
x-ms-version: 2009-09-19
cf-ray: 6be5edd1cb5483b8-MXP
cf-bgj: minify

GET
H2 200 moatplugin.js Show response
z.moatads.com/jwplayerplugin0938452/ 4 KB
2 KB 12ms
11ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/jwplayerplugin0938452/moatplugin.js
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0d910cc1aa24413aaeef9f2cb52c3ed8bc4a06e823fc1d2d26f75667a0233764

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:57 GMT
content-encoding: gzip
last-modified: Tue, 10 Apr 2018 14:31:58 GMT
server: AmazonS3
x-amz-request-id: 39FE5AFF19BAB50C
etag: "30b375ad7de497af4a70858611be5346"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=59066
accept-ranges: bytes
content-length: 1908
x-amz-id-2: nWNNbz6RMHf1xmMHETV9oooBwkElerFvgpv8GGTnzBoQFC8tH43EqiFa1jVIYBMBd5ktFM4MbNg=

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

44ms
18ms

Script
text/javascript

2a03:2880:f207:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H3
Server: 2a03:2880:f207:e5:face:b00c:0:4420 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:46:18 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ldc
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 161ms
38ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE5) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CE5)
Age: 41
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 scroll-proxy.min.js Show response
view.ceros.com/ 8 KB
4 KB 40ms
8ms Script
text/javascript 151.101.2.51
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://view.ceros.com/scroll-proxy.min.js

Requested by

Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.51 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82e4f86a43576249efada40f31531090ffcaec7bcacfb8fbf5dde25af5574163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: kMxbE0qlzfl9udWwi1Sxq7Vl35egUYTu
content-encoding: gzip
x-content-type-options: nosniff
age: 803353
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=315360000
x-amz-meta-surrogate-key: 06238662fc71fa41d4511b11d56653b0
content-length: 3041
x-amz-id-2: GOOKpOw0LcsT6tZEb7xOE6bYb5MXf+N5S7QS3be0avM6Y/gEUt1TO19Puc79As91Y2HhipO8zTo=
x-served-by: cache-bwi5147-BWI, cache-hhn4061-HHN
last-modified: Thu, 18 Nov 2021 22:45:08 GMT
x-timer: S1639636918.982983,VS0,VE0
etag: "2e5e99dfc7d206bad0fa6d3a02b6d593"
vary: , X-USE-CHINA-ASSETS, X-REQUEST-TYPE, Accept-Encoding
x-amz-request-id: YDWV8JR7A5A769P0
via: 1.1 varnish, 1.1 varnish
x-xss-protection: 0
cache-control: max-age=0
accept-ranges: bytes
content-type: text/javascript
date: Thu, 16 Dec 2021 06:41:57 GMT
x-cache-hits: 1, 11822

GET
H2 200 embedded-variant-switcher-v3.min.js Show response
creative-services.ceros.com/customer-success/varying-embed-tag-generator/ 1 KB
972 B 99ms
7ms Script
application/javascript 151.101.64.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://creative-services.ceros.com/customer-success/varying-embed-tag-generator/embedded-variant-switcher-v3.min.js
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.233 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 450878a2db3b385251b0b7e436ac7d2898ef05fc8dc27cfbdac0e41f392b330c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: z1dG9eIoFrny4P10j..sQX4Ixazn3Kr.
content-encoding: gzip
etag: "8fe62199cb1c3a5ad69705276359a4e4"
age: 16900
via: 1.1 varnish
x-cache: HIT
content-length: 584
x-amz-id-2: M/FDWJB7orLhMobARNOTQv48h6Gver22X06O0d7illEDKgF+3CfZrGKrSLc4zUB1GZ4UQ9vl26w=
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 26 Apr 2018 13:50:35 GMT
server: AmazonS3
x-timer: S1639636918.044499,VS0,VE0
date: Thu, 16 Dec 2021 06:41:58 GMT
vary: Accept-Encoding
x-amz-request-id: YXPVR5V2WY23292Q
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 27

GET
H2 200 autotrack.js Show response
cdnjs.cloudflare.com/ajax/libs/autotrack/2.2.0/ 22 KB
7 KB 65ms
26ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/autotrack/2.2.0/autotrack.js

Requested by

Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32accb55c11f5745dba3ad33994c2febbe97be7d55e491d9b6b91e71e00b1b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3666132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6655
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:05:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d61-58fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdS3MKvMKXVUTdTRJEbsa0exNDfE86xeC3ie8ffZUbBYgbwmSEF72tM3y0JmqzlPRHJwranlSxTXYatC8iaPJg6Lz%2BwFnT5vxbs5wVf%2BFDClFRWsDXEXHeL857DnsaDUft5xDTS8e%2BAN3NYzzItjs6ZY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6be5edd178820e1a-MXP
expires: Tue, 06 Dec 2022 06:41:58 GMT

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
343 B 18ms
17ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/122276X1583643.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
114 B 26ms
24ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/122276X1583643.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:57 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H2 200 p-1-Kronos-ransomware-attack-could-hit-your-wallet-right-before-the-holidays.jpg
images.fastcompany.net/image/upload/w_937,ar_16:9,c_fill,g_auto,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 212 KB
213 KB 20ms
20ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_937,ar_16:9,c_fill,g_auto,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-Kronos-ransomware-attack-could-hit-your-wallet-right-before-the-holidays.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e8c8ffd8af3bb33a7579885bee66e7a4c0549e9d87883c362694518ca072c31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 28536121771938034072745823114538755935,317967140503508205329202667896704841608,c6d09d6a2d1428f58e8cf68b8654cb10
server-timing: akam;dur=753;start=2021-12-14T18:53:48.085Z;total=965;desc=miss,rtt;dur=1
content-length: 217041
x-served-by: cache-iad-kcgs7200158-IAD, cache-cdg20764-CDG
last-modified: Tue, 14 Dec 2021 18:53:49 GMT
server: nginx
x-timer: S1639636918.999201,VS0,VE2
etag: "add466669971677a7df327d6936037b6"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 s85781833082541
grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.3-LBWB/ 43 B
337 B 18ms
18ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grunerandjahr.112.2o7.net/b/ss/gjincmansuetoprod/1/JS-2.22.3-LBWB/s85781833082541?AQB=1&ndh=1&pf=1&t=16%2F11%2F2021%206%3A41%3A57%204%200&mid=43773153765825536941073005484851624732&aamlh=6&ce=UTF-8&pageName=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&g=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&cc=USD&ch=News&server=fc-node&events=event7&c1=D%3Dv1&v1=News&c2=D%3Dv2&v2=News&c3=D%3Dv19&c4=D%3Dv4&v4=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&c5=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&v5=misc&v6=fast%20company&c7=D%3Dv5&v7=Subscribe%7Cheader%20bar&v8=Connie%20Lin&c10=D%3Dv8&v10=fc90706145&c11=D%3Dv11&v11=FC%20Editor&c13=D%3Dv28&v16=true&c17=D%3Dv43&v17=1&c18=D%3Dv43&c24=D%3Dv10&c25=D%3Dv6&v25=topOfPage&v26=click%7Cnav%20Subscribe&v27=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas&c28=D%3Dv66&v28=undefined&v29=NoProfileID&c30=D%3Dv72&c32=unknown&v33=staff&v34=2&c36=D%3Dv34&v43=none&v44=D%3Dv43&c45=D%3Dv79&v49=unspecified&c62=D%3Dv62&c63=D%3Dv94&v65=article&c68=D%3Dv61&c69=D%3Dv62&c70=D%3Dv63&v72=kronos%2Cransomware%20attacks&v79=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&v82=Subscribe&v83=header%20bar&v94=1&v101=2021-12-14&pe=lnk_o&pev2=Subscribe&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=283B366E5AFAA4490A495E0C%40AdobeOrg&AQE=1

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 17 Dec 2021 06:41:58 GMT
server: jag
xserver: anedge-675dccd488-hhfdp
etag: 3521093470646075392-4619806712815549371
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 15 Dec 2021 06:41:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 42ms
25ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98096820-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e922b797126b6140522c86033ac028e99d27dbaacaf573904e0b2b3baae2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36234
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 32ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975200100&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04ee592de36575143670e03824879ef74a55720cf92171df134c5aaa6dcaced9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39618
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 37ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972240864&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4300461-33&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0b2aeea3b76afb2d3ef70a7968e7876aeffbbb81f2ac7888547ab4e2074cde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39623
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H2 200 gdpr-cmp-bootstrap.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 307 KB
68 KB 98ms
97ms Script
application/javascript 104.92.84.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:20:57 GMT
server: Apache
etag: "4ccb2-5cc99935cd436-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 69040

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 118ms
118ms Script
application/javascript 2a02:26f0:fb:5ae::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5ae::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 70a49a3-95.100.153.109
accept-ranges: bytes
content-length: 18814
access-control-expose-headers: X-CDN

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 57 B
407 B 8ms
7ms XHR
application/json 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3316&u=https%3A%2F%2Fwww.fastcompany.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 00:54:43 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a5.cloudfront.net (CloudFront)
server: Server
age: 20835
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fastcompany.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 57
x-amz-cf-id: jLSuffIVL0hruAwgk7QZKqiPep6DHev3RABpdUwuo5pCuDh2so1K0w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
7ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 11113
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Thu, 16 Dec 2021 03:36:46 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724d.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: eb7eM6Vh6_d9rz_dbD-TkFlT_TMfv8qOItrh_pCeIpRQ8wv6ytdzNA==

GET
H2 200 dm.js Show response
tag.durationmedia.net/sites/10444/ 109 KB
30 KB 147ms
17ms Script
application/javascript 2600:9000:2156:e200:10:ce97:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.durationmedia.net/sites/10444/dm.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENf6f754d17779412f8d246f49c783f295.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e200:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7f2ca5ad362d47c3237c7337f3daac30acb6b900d070351bfdf1ff42deac1c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: UGBAMr1mvghIhiNBYLTUVQleMZplUIgk
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 09:00:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "cc464fbcc06e7be7b1c9b665a9a821b4"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control: public,max-age=900
date: Thu, 16 Dec 2021 06:41:58 GMT
accept-ranges: bytes
content-length: 30302
x-amz-cf-id: DyfW217x2Lnzr1tMH8Azgeot7O_sNW9epGta1Lqa1MgubgvH565jVQ==

GET
H2 200 1084.js Show response
cdn.keywee.co/config/ 231 B
563 B 11ms
10ms Script
application/javascript 2600:9000:2315:4200:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/1084.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:4200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4645c485d2785dfdbb86aaaf6efcdb9970cc1568950d8dd2cae26b0fd37ec737

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 07:37:45 GMT
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jun 2020 11:42:22 GMT
server: AmazonS3
age: 83687
etag: "be7a197cf07590b509f2d1aba9b2a345"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P2
content-length: 231
x-amz-cf-id: 7m7XkyxbNKFrZLVMOF5OY_dAWi7eOOptyBk8P_JbWXhdAEYyC0z69g==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 445ms
99ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1639636918078&plid=28367483&idsite=fastcompany.com&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22ab%22%3A%22a%22%7D&sid=1&surl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&sref=&sts=1639636918075&slts=0&title=Kronos+ransomware+attack%3A+Will+it+affect+my+paycheck%3F&date=Thu+Dec+16+2021+06%3A41%3A58+GMT%2B0000+(GMT)&action=pageview&pvid=54149694&u=pid%3D55008e63bd27abfeccc0596c68c8f029
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:58 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 16-Dec-2021 06:41:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/plugins/googima/v/8.9.1/ 73 KB
22 KB 116ms
17ms Script
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.9.1/googima.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f39f5a2b61aea2db3244384a3f02be6830fb34b924538452856aa6c53b7ae5bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
age: 4854843
x-cache: HIT
content-length: 21956
via: 1.1 varnish
x-served-by: cache-mxp6922-MXP
last-modified: Mon, 20 Sep 2021 22:12:43 GMT
server: AmazonS3
x-timer: S1639636918.204123,VS0,VE0
etag: "0aaf301da263af13475737da5a07d610"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 924543

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/ 58 KB
17 KB 138ms
39ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/jwpsrv.js
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
age: 111
x-cache: HIT
content-length: 17499
via: 1.1 varnish
x-served-by: cache-mxp6922-MXP
last-modified: Mon, 06 Dec 2021 20:07:23 GMT
server: AmazonS3
x-timer: S1639636918.204308,VS0,VE0
etag: "fd28c0166cd7029ddfb10e5953b3f7f2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/ 307 KB
79 KB 122ms
24ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/jwplayer.core.controls.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4083e9808132911da3e13c3b41e7d6647c7998b0af19d90550f64addf41a491b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
age: 649047
x-cache: HIT
content-length: 80439
via: 1.1 varnish
x-served-by: cache-mxp6922-MXP
last-modified: Mon, 06 Dec 2021 20:07:15 GMT
server: AmazonS3
x-timer: S1639636918.204237,VS0,VE0
etag: "49c2723505944ba5bc4df25b10b15a05"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1334

GET
H2 200 R6of2m4z.json Show response
content.jwplatform.com/feeds/ 1 MB
145 KB 34ms
15ms XHR
application/json 2600:9000:2156:0:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/feeds/R6of2m4z.json
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 772cbabbc7654aca3db915e20446d13962391d785bc78c7d1aa50fc2a0a0d59c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:39:11 GMT
content-encoding: gzip
server: openresty
age: 167
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 148371
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-id: rziBnN7qjmeq6LaGv4VqL8y7sRyBtT3ag-LPhvxsqyCuBjFgV4-1Ig==
expires: Thu, 16 Dec 2021 06:42:11

GET
H2 200 dOytm2y2.json Show response
content.jwplatform.com/feeds/ 24 KB
4 KB 29ms
16ms XHR
application/json 2600:9000:2156:0:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/feeds/dOytm2y2.json?page_limit=10
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 5ba0f2022f490b82e8846c382d8baea3f102cbddbb7506bb079600866f6d56d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:29 GMT
content-encoding: gzip
server: openresty
age: 28
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 3682
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-id: qWtTy245svt5cIJpPinUEmPeABqcZUsAB2TtEnNusj_X6JKQFfpWSQ==
expires: Thu, 16 Dec 2021 06:44:29

GET
H2 200 hjdebh67699dwnjldw00.js Show response
drlimmode9ddd.cloudfront.net/abp/ Frame 4126 10 B
252 B 138ms
137ms Script
text/plain 2600:9000:224a:3600:1d:1e33:7c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://drlimmode9ddd.cloudfront.net/abp/hjdebh67699dwnjldw00.js?q=/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEg8Py81PjMPKGlYCwBUnQ5Y
Requested by: Host: drlimmode9ddd.cloudfront.net
URL: https://drlimmode9ddd.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEi8BCwOYuXnpcZn5gG5hrUA4rMQYA====/1432.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3600:1d:1e33:7c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f677d6b770cd4f5e28fad6423f762295f2f04eb84b23df1ea9b37af3d07b6a36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drlimmode9ddd.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEi8BCwOYuXnpcZn5gG5hrUA4rMQYA====/1432.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
content-length: 10
x-amz-cf-id: FYLLlENimsgk-z2U9TFGmNB_G8S_mtFAfep_FKZBfjfUVQQzJ5tV4w==
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 bpix.bmp
d3aiy6aqoa3ykz.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEg8Py81PjMPKGlYCwBUnQ5Y/ Frame 4126 58 B
309 B 94ms
26ms Image
image/bmp 2600:9000:2315:6400:6:21a6:f4c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3aiy6aqoa3ykz.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEg8Py81PjMPKGlYCwBUnQ5Y/bpix.bmp?b=0.29207867572989943&adsize=
Requested by: Host: drlimmode9ddd.cloudfront.net
URL: https://drlimmode9ddd.cloudfront.net/f/3eJyrVspUslJQMjQxNlLSUVAqB3HSEotLkvNzCxLzKvWANEi8BCwOYuXnpcZn5gG5hrUA4rMQYA====/1432.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:6400:6:21a6:f4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 119c17d1fc971f9250f4867fe2eb6c2da602f2dab1d3557bc78be3efa0adb2d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://drlimmode9ddd.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/bmp
content-length: 58
x-amz-cf-id: ZsUnkLvNGG_Ovm_8ivsVKbr2vNA--gq_EUCyRCKShxM43EGjw8S4lA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
536 B 44ms
43ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3316&u=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pid=B52LyvJAM4wmw&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22bling-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22970x415%22%2C%22970x600%22%2C%226x6%22%2C%223x1%22%5D%2C%22sn%22%3A%22%2F4160%2Fmv.fc%2Fnews%2Fmisc%2Fflexiblepushdown%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: NW9232RDAWYT0841WGPZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: CBm5XPK_0595yZOQxDjopDGHPMoELW3IKB4NrOVH10ewqod8YBBy1A==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
537 B 44ms
43ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3316&u=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pid=B52LyvJAM4wmw&cb=1&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22bling-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F4160%2Fmv.fc%2Fnews%2Fmisc%2Fflexibleportrait%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 4QQR760VCYVP15A4672J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: SwJOHVNGfB-yoUR9K_8gLSSsRAZz_jjB5UM8jKHLf93I6IKA8HGuKQ==

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 40ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908965139191815&ev=PageView&dl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&rl=&if=false&ts=1639636918145&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639636917873.1839813914&it=1639636917342&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 67ms
18ms Script
application/x-javascript 2a02:26f0:fb:59f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59f::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Thu, 16 Dec 2021 07:41:58 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
313 B 78ms
28ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=UnG6aKcRpu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b40b4b083694a7d1680ca1f0a8b0445b6dc2776b4c48dc714c6e72aacbb0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 86
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Ckv374riR53
pragma
wn: prod-dash-10-0-116-59
last-modified: Thu, 16 Dec 2021 06:40:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 6be5edd31887599b-MXP
expires: Thu, 16 Dec 2021 07:01:58 GMT

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/ 410 KB
113 KB 19ms
19ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3d58e30ccc8549f75e0cc5fcd1f35248f459d73359b56f53cc0095c5e00730f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
age: 648960
x-cache: HIT
content-length: 115808
via: 1.1 varnish
x-served-by: cache-mxp6922-MXP
last-modified: Mon, 06 Dec 2021 20:07:18 GMT
server: AmazonS3
x-timer: S1639636918.225651,VS0,VE0
etag: "344336207aa9393e1f8861c43dadfbff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7569

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/ Frame C022 326 B
310 B 24ms
23ms Script
application/javascript 2606:4700::6810:4fa5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/lightbox.js?mb=1639636918230&lv=1
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 761d1eaef904bebf25aadd2a9a26971cca7e0595f10f31a3d330a513228f82d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 06:23:47 GMT
server: cloudflare
age: 1091
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6be5edd30d0283b8-MXP
cf-bgj: minify

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98096820-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6052
date: Thu, 16 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 07:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 86ms
31ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975200100&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H2 200 Path_33_zlkv0h.svg
images.fastcompany.net/image/upload/v1595605760/fcweb/ 274 B
535 B 17ms
17ms Image
image/svg+xml 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/v1595605760/fcweb/Path_33_zlkv0h.svg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1ddbfd88621418b7eead664309c12b9ca05607f2f6bec0cebda9b316b3d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
x-cache: HIT, HIT
cache-tag: 89764007865396569233944591077909494786,c6d09d6a2d1428f58e8cf68b8654cb10
content-disposition: attachment; filename="Path_33_zlkv0h.svg"
server-timing: akam;dur=9;start=2021-12-08T06:51:49.100Z;total=104;desc=miss,rtt;dur=13
content-length: 201
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5139-BWI, cache-cdg20764-CDG
last-modified: Fri, 24 Jul 2020 15:49:23 GMT
server: nginx
x-timer: S1639636918.290480,VS0,VE1
etag: "7c6336ed4d8c36028fd02c26d3b1e10c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557544
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H/1.1 429
Too Many Requests 185.232.23.181 Show response
free-geo-ip.p.rapidapi.com/json/ 41 B
2 KB 82ms
80ms XHR
application/json 52.59.69.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-geo-ip.p.rapidapi.com/json/185.232.23.181
Requested by: Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/vendor.dc872e360e7420032cd2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.69.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-69-103.eu-central-1.compute.amazonaws.com
Software: RapidAPI-1.2.8 /
Resource Hash: 51c466ccb2b6365a202b44703a989141e71251908b9a20ae63db11deba0a98fb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.fastcompany.com/
x-rapidapi-key: 3939c0a8aamsh79f79f0093e0538p147fe1jsn3248b020b32b
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
x-rapidapi-host: free-geo-ip.p.rapidapi.com

Response headers

X-RapidAPI-Region: AWS - eu-central-1
Date: Thu, 16 Dec 2021 06:41:58 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-reset: 1082
x-kong-response-latency: 1
x-ratelimit-limit-hour: 1200
ratelimit-limit: 1200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 41
X-RapidAPI-Version: 1.2.8
Server: RapidAPI-1.2.8
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbjGjmxxEJUPkDZOj1zYcmiJCLuQ%2Bz%2ByKMKRg%2FcPLFFJnLu9UlUyoqCx7HXzNLQDQSsJmKVXjh3Z9uf7Cx%2FuL8IgJlJn5bhuWTjLFO3BRlfFOyGrNcEMR2U6X7Vh6LdN"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, access-control-allow-origin, accept-ranges, age, allow, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-disposition, content-range, content-type, date, etag, expires, last-modified, link, location, p3p, pragma, proxy-authenticate, refresh, retry-after, server, set-cookie, status, strict-transport-security, trailer, transfer-encoding, upgrade, vary, via, warning, www-authenticate, x-frame-options, public-key-pins, x-xss-protection, content-security-policy, x-content-security-policy, x-webkit-csp, x-content-type-options, x-powered-by, x-ua-compatible, x-ratelimit-limit-hour, cf-ray, expect-ct, report-to, x-rapidapi-region, x-rapidapi-version, access-control-allow-credentials, ratelimit-remaining, x-kong-response-latency, ratelimit-limit, nel, cf-cache-status, ratelimit-reset, alt-svc, x-ratelimit-remaining-hour
Connection: keep-alive
access-control-allow-credentials: true
x-ratelimit-remaining-hour: 0
CF-RAY: 6be5edd45a466b4e-AMS
ratelimit-remaining: 0
retry-after: 1082

OPTIONS
H/1.1 200
OK 185.232.23.181
free-geo-ip.p.rapidapi.com/json/ Frame 0
0 134ms
15ms Preflight
text/plain 52.59.69.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://free-geo-ip.p.rapidapi.com/json/185.232.23.181
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.69.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-69-103.eu-central-1.compute.amazonaws.com
Software: RapidAPI-1.2.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-rapidapi-host,x-rapidapi-key
Origin: https://www.fastcompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-rapidapi-host, x-rapidapi-key, x-mashape-host, x-mashape-key, x-mashape-authorization, x-rapidapi-authorization, x-requested-with
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS
access-control-allow-origin: https://www.fastcompany.com
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, access-control-allow-origin, accept-ranges, age, allow, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-disposition, content-range, content-type, date, etag, expires, last-modified, link, location, p3p, pragma, proxy-authenticate, refresh, retry-after, server, set-cookie, status, strict-transport-security, trailer, transfer-encoding, upgrade, vary, via, warning, www-authenticate, x-frame-options, public-key-pins, x-xss-protection, content-security-policy, x-content-security-policy, x-webkit-csp, x-content-type-options, x-powered-by, x-ua-compatible, x-rapidapi-region, x-rapidapi-version, access-control-allow-credentials, access-control-allow-headers, access-control-allow-methods
Content-Type: text/plain; charset=UTF-8
Date: Thu, 16 Dec 2021 06:41:58 GMT
Server: RapidAPI-1.2.8
X-RapidAPI-Region: AWS - eu-central-1
X-RapidAPI-Version: 1.2.8
Content-Length: 0
Connection: keep-alive

GET
H2 200 verify Show response
social.fastcompany.com/id/api/v1/identity/token/ 204 B
1 KB 255ms
150ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://social.fastcompany.com/id/api/v1/identity/token/verify?callback=jQuery1124006563504746326254_1639636918114&client_id=UnG6aKcRpu&site=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&_=1639636918115

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf06aecbdd2c3a947b2dcd72fb12c481a92866dfe713da21c873d558ab39d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cyx374rFim9
pragma: no-cache
wn: prod-id-10-0-128-89
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.004
cf-ray: 6be5edd4095a83a2-MXP
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ 14 KB
5 KB 99ms
32ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js?id=76

Requested by

Host: assets.fastcompany.com
URL: https://assets.fastcompany.com/_/fc/bundle/js/app.dc872e360e7420032cd2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99282042d21ad8f22797fd37b4fa6a9d8b0adc6365a06a188baa01fcd175de3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3533
vary: X-FORWARDED-PROTO, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 10:34:14 GMT
server: cloudflare
etag: W/"3837-5d32cd8ecabc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 16 Dec 2021 10:41:58 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6be5edd3c93c4303-FRA
cf-bgj: minify

GET
H2 200 13-90704865-climate-techs-newest-unicorn.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 139 KB
140 KB 25ms
24ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/13-90704865-climate-techs-newest-unicorn.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: efca4fc416b47b9a37a89f2214b3e54c1834f2d8da355a9085b7a66617005c36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 136868132885226118221167143322454293869,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="13-90704865-climate-techs-newest-unicorn.webp"
server-timing: akam;dur=11;start=2021-12-10T12:19:15.035Z;total=672;desc=miss,rtt;dur=0
content-length: 142742
x-request-id: bf2668afbaab39760188ed268f313723
x-served-by: cache-bwi5132-BWI, cache-cdg20764-CDG
last-modified: Fri, 10 Dec 2021 12:19:16 GMT
server: nginx
x-timer: S1639636918.308897,VS0,VE1
etag: "111b933fa0fe16b2b4e3c0dcd52c1942"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 248-MPP-ItBed.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/11/ 26 KB
26 KB 20ms
19ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/11/248-MPP-ItBed.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: debaef3c6a8ac393b781f40ea63a1ab0007f7fe4473256eb74d8ba63c38b2e15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 102013077959565932784244681997494743313,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="248-MPP-ItBed.webp"
server-timing: akam;dur=11;start=2021-12-07T12:25:08.706Z;total=715;desc=miss,rtt;dur=1
content-length: 26506
x-request-id: c1844ecf788626ce7c5b870168026984
x-served-by: cache-bwi5137-BWI, cache-cdg20764-CDG
last-modified: Tue, 07 Dec 2021 12:25:10 GMT
server: nginx
x-timer: S1639636918.309086,VS0,VE0
etag: "06048489e832f347a4161014a5171236"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 3

GET
H2 200 p-1-cancer-killed-one-of-its-biggest-adversaries-his-company-is-fighting-to-live-on.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 45 KB
46 KB 19ms
18ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-cancer-killed-one-of-its-biggest-adversaries-his-company-is-fighting-to-live-on.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd04a2d27eb8170902ec7da50b59db514132d90f9089743c72cf9352300bfb1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
cache-tag: 66396004683053057804634193115044315501,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-1-cancer-killed-one-of-its-biggest-adversaries-his-company-is-fighting-to-live-on.webp"
server-timing: akam;dur=7;start=2021-12-13T12:24:46.476Z;total=594;desc=miss,rtt;dur=1
content-length: 46538
x-request-id: 6e1d1b897b971d7d1e580e88a1477e5b
x-served-by: cache-bwi5149-BWI, cache-cdg20764-CDG
last-modified: Mon, 13 Dec 2021 12:24:48 GMT
server: nginx
x-timer: S1639636918.309263,VS0,VE0
etag: "ae7eae2111b9440a22d4f550432e3812"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 0, 3

GET
H2 200 p-2-%E2%80%98Bad-Blood%E2%80%99-and-%E2%80%98TrueAnon%E2%80%99-usher-in-the-courtroom-podcasting-era.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 226 KB
226 KB 38ms
37ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-2-%E2%80%98Bad-Blood%E2%80%99-and-%E2%80%98TrueAnon%E2%80%99-usher-in-the-courtroom-podcasting-era.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bfc47e7561c0c274ea616bcb3582cd40fa5484dfe09fed5255e4a6bee2f6bc07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 32247633177532283713515844940333353624,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-2-âBad-Bloodâ-and-âTrueAnonâ-usher-in-the-courtroom-podcasting-era.webp"
server-timing: akam;dur=7;start=2021-12-09T12:27:14.631Z;total=587;desc=miss,rtt;dur=1
content-length: 231040
x-request-id: ff30eb3292c9008634da5c22fbd83725
x-served-by: cache-bwi5156-BWI, cache-cdg20764-CDG
last-modified: Thu, 09 Dec 2021 12:27:16 GMT
server: nginx
x-timer: S1639636918.309379,VS0,VE1
etag: "bb6ffad28edb81571ba59173645bb23c"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557578
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-analogue-pocket-review.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 40 KB
40 KB 25ms
24ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-analogue-pocket-review.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 945671d4dc34e18afb114fdc5387ec23addcb6d92a6ca15c74479f99c9f3dd94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 178664717123089391925487537239131143941,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-1-analogue-pocket-review.webp"
server-timing: akam;dur=7;start=2021-12-13T16:27:27.800Z;total=533;desc=miss,rtt;dur=0
content-length: 40908
x-request-id: 98299a1f8b8785b6b45afdf4c8930ade
x-served-by: cache-bwi5178-BWI, cache-cdg20764-CDG
last-modified: Mon, 13 Dec 2021 16:27:29 GMT
server: nginx
x-timer: S1639636918.309507,VS0,VE0
etag: "c50204f6cc5e884751cfb75649539ba4"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557545
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 2

GET
H2 200 grifo-s-regular.woff2
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/grifos/ 30 KB
30 KB 9ms
9ms Font
binary/octet-stream 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/grifos/grifo-s-regular.woff2
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e22558a838b33908a6db45eeeb1ed53ba63149f786312b4bacc60a4a49447a64

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 05d644beebe5ec4a1:s3-redirect
x-cache-hits: 1, 21
content-length: 30644
x-served-by: cache-bwi5171-BWI, cache-hhn4083-HHN
last-modified: Fri, 29 Oct 2021 21:19:55 GMT
server: nginx
x-timer: S1639636918.306010,VS0,VE0
etag: "aa5ea6a3cb1426e9ecf2fddf0f291f3e"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Mon, 10 Nov 2031 02:06:46 GMT

GET
H2 200 CentraNo2-Bold.woff2
images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2/ 28 KB
29 KB 10ms
10ms Font
binary/octet-stream 151.101.1.54
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2/CentraNo2-Bold.woff2
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: faf61edbc219208b68122c7c9ca8c3c6ebd70e80e3df10d5b3bd6bba3e685a16

Request headers

Referer: https://www.fastcompany.com/
Origin: https://www.fastcompany.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-jpa-by: s3-redirect
x-by: 0932149ecf23da196:s3-redirect
x-cache-hits: 1122, 21
content-length: 29024
x-served-by: cache-bwi5182-BWI, cache-hhn4083-HHN
last-modified: Tue, 27 Apr 2021 22:24:23 GMT
server: nginx
x-timer: S1639636918.306139,VS0,VE0
etag: "1cb0f86905e26d03b19da95e7b6b1ada"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Sun, 26 Oct 2031 06:24:51 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/142603/ 96 KB
13 KB 19ms
18ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/142603/connatix.playspace.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 12:18:57 GMT
age: 66128
etag: "9c60cef97473b19be4f331527d232d62"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13487

GET
H2 200 p-1-5-things-emotionally-intelligent-managers-do-differently.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 41 KB
41 KB 20ms
18ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-5-things-emotionally-intelligent-managers-do-differently.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 74635c9214796b900969a5efa786955bfff2b899d53c12da3a8c4e088f97bd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 100440637909959971578746004610126564809,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-1-5-things-emotionally-intelligent-managers-do-differently.webp"
server-timing: akam;dur=10;start=2021-12-14T14:17:47.595Z;total=503;desc=miss,rtt;dur=0
content-length: 41704
x-request-id: 51c0a11ef2b712f4811cc180947d4586
x-served-by: cache-iad-kjyo7100168-IAD, cache-cdg20764-CDG
last-modified: Tue, 14 Dec 2021 14:17:49 GMT
server: nginx
x-timer: S1639636918.338384,VS0,VE0
etag: "365c317c8eddee3873715e2331bebd16"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 3

GET
H2 200 p-1-anthony-fauci-hasnt-taken-a-day-off-in-20-months-heres-how-he-stays-so-productive.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/11/ 218 KB
218 KB 21ms
17ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/11/p-1-anthony-fauci-hasnt-taken-a-day-off-in-20-months-heres-how-he-stays-so-productive.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 19bff1a7a5abfbd9127f95b602b1e1caeb6782a77597b17463a4ffea812eb403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200 OK
content-disposition: inline; filename="p-1-anthony-fauci-hasnt-taken-a-day-off-in-20-months-heres-how-he-stays-so-productive.webp"
server-timing: akam;dur=8;start=2021-11-30T12:21:56.710Z;total=695;desc=miss,rtt;dur=0
content-length: 223120
x-request-id: f296bc73ad191a9cd7c3b50948a48d0c
x-served-by: cache-bwi5131-BWI, cache-cdg20764-CDG
last-modified: Tue, 30 Nov 2021 12:21:58 GMT
server: nginx
x-timer: S1639636918.339459,VS0,VE1
etag: "0444074da96d1c2837d0df25848286d5"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 1

GET
H2 200 p-1-New-Michael-Jordan-backed-social-platform-brings-blockchain-and-exclusive-membership-to-sports-fans.gif
images.fastcompany.net/image/upload/w_1280,f_jpg,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 20 KB
20 KB 21ms
17ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_jpg,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-New-Michael-Jordan-backed-social-platform-brings-blockchain-and-exclusive-membership-to-sports-fans.gif
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9111f9606fe5e014690ea24dea49de57bbd16dbd8ce99cfcd465f0d7321fb808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 250675846900314947245648265963243987810,146070798085749018927587531033994609395,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
server-timing: akam;dur=9;start=2021-12-15T15:45:26.550Z;total=1067;desc=miss,rtt;dur=0
content-length: 19986
x-request-id: e1a9c573e8e8be80ca8b27476ef149d9
x-served-by: cache-iad-kjyo7100136-IAD, cache-cdg20764-CDG
last-modified: Wed, 15 Dec 2021 15:45:28 GMT
server: nginx
x-timer: S1639636918.339592,VS0,VE0
etag: "163a3e38b6c93afcaab0bf9952ace9c1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557591
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3

GET
H2 200 p-1-90549066-new-whole-foods-and8216dark-storeand8217-reveals-the-future-of-retail-logistics.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2020/09/ 292 KB
293 KB 30ms
25ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2020/09/p-1-90549066-new-whole-foods-and8216dark-storeand8217-reveals-the-future-of-retail-logistics.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a5fa53c31459756c4d73ba15abedd5d78ef3022b0732452ea9dc78dc92d6bd3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 87097033978086555957308067207281177567,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
content-disposition: inline; filename="p-1-90549066-new-whole-foods-and8216dark-storeand8217-reveals-the-future-of-retail-logistics.webp"
server-timing: akam;dur=14;start=2021-12-10T13:11:01.983Z;total=134;desc=miss,rtt;dur=0
content-length: 299132
x-served-by: cache-bwi5173-BWI, cache-cdg20764-CDG
last-modified: Fri, 11 Sep 2020 10:10:33 GMT
server: nginx
x-timer: S1639636918.341364,VS0,VE1
etag: "267d681425794ae115bbf10b97612ab6"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557581
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 1

GET
H2 200 p-1-10-ceos-share-the-books-theyre-giving-this-holiday-season.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 234 KB
235 KB 30ms
25ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-10-ceos-share-the-books-theyre-giving-this-holiday-season.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a33c39403b15863c22c619d7c8ba08dd686f5dc3214bec6cf9ae4b103b840682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 74424445267111450339812364747836735061,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
server-timing: akam;dur=13;start=2021-12-11T07:21:17.590Z;total=545;desc=miss,rtt;dur=0
content-length: 239626
x-request-id: 7693f08883b3697f64a76e32c9c87975
x-served-by: cache-bwi5145-BWI, cache-cdg20764-CDG
last-modified: Sat, 11 Dec 2021 07:21:19 GMT
server: nginx
x-timer: S1639636918.341486,VS0,VE1
etag: "48d6eee2f314a43bf52c182ab0624022"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-90704698-these-ev-chargers-can-plug-in-anywhereand-help-back-up-the-electric-grid.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 113 KB
113 KB 26ms
21ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-90704698-these-ev-chargers-can-plug-in-anywhereand-help-back-up-the-electric-grid.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f3618e20a8fd48c0843bf88807795b94e28be687e76234ef87e9a340ad92a6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 68941254287764999197843892641555366583,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
server-timing: akam;dur=10;start=2021-12-10T11:09:40.564Z;total=988;desc=miss,rtt;dur=0
content-length: 115511
x-request-id: 7e5c865aff61b0981ee6a5313421663d
x-served-by: cache-bwi5183-BWI, cache-cdg20764-CDG
last-modified: Fri, 10 Dec 2021 11:09:42 GMT
server: nginx
x-timer: S1639636918.341614,VS0,VE0
etag: "a569c39bf24facc3d6c3633691a83f99"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 3

GET
H2 200 p-1-best-time-to-brainstorm.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/ 396 KB
397 KB 28ms
23ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/p-1-best-time-to-brainstorm.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6351ed96f1727d7984f6b2389720effdce8e2a78b185929f580fa154e3b2e85d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 48059073470691470310569433618391897537,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
server-timing: akam;dur=9;start=2021-12-10T04:22:56.783Z;total=214;desc=miss,rtt;dur=0
content-length: 405976
x-served-by: cache-bwi5146-BWI, cache-cdg20764-CDG
last-modified: Thu, 12 Sep 2019 14:29:54 GMT
server: nginx
x-timer: S1639636918.341725,VS0,VE0
etag: "60ade2dea6a08fc7a4b8d2aec20fd7e4"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 5155

GET
H2 200 p-1-90560948-this-116-year-old-restaurant-offers-lessons-to-ceos-about-balancing-efficiency-with-resilience.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2020/10/ 169 KB
169 KB 30ms
25ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2020/10/p-1-90560948-this-116-year-old-restaurant-offers-lessons-to-ceos-about-balancing-efficiency-with-resilience.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 09112ca1f79cebdb30fd298aeb0f6affbff3c2d2e548b830c6fb4755921a8f76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
server-timing: akam;dur=5;start=2021-11-18T13:32:50.494Z;total=19;desc=miss,rtt;dur=0
content-length: 172562
x-served-by: cache-bwi5166-BWI, cache-cdg20764-CDG
last-modified: Wed, 07 Oct 2020 10:19:07 GMT
server: nginx
x-timer: S1639636918.343493,VS0,VE1
etag: "2f34f282cecec4afb0068a1c3ce2ccee"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31127910
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-always-ask-these-8-questions-in-a-job-interview.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2018/09/ 29 KB
29 KB 30ms
25ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2018/09/p-1-always-ask-these-8-questions-in-a-job-interview.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 919428179d9276eb014bf47ab8bff6d5e43fd362b0abc88b85a76ade5eac99e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-disposition: inline; filename="p-1-always-ask-these-8-questions-in-a-job-interview.webp"
server-timing: akam;dur=35;start=2021-12-03T08:18:09.292Z;total=239;desc=miss,rtt;dur=15
content-length: 29766
x-served-by: cache-bwi5137-BWI, cache-cdg20764-CDG
last-modified: Fri, 21 Sep 2018 15:12:23 GMT
server: nginx
x-timer: S1639636918.343646,VS0,VE0
etag: "0d7c5c8762054f1cdd15ae763301c924"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 3

GET
H2 200 p-1-This-is-what-makes-people-happy-at-work-according-to-science.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 26 KB
26 KB 30ms
25ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-This-is-what-makes-people-happy-at-work-according-to-science.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 370ab412490c9d807dc8641572963b1047194a4bc9b073adf56fbc14cae11b19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 330446498696251413391557931109089359797,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-1-This-is-what-makes-people-happy-at-work-according-to-science.webp"
server-timing: akam;dur=12;start=2021-12-10T07:19:22.260Z;total=539;desc=miss,rtt;dur=0
content-length: 26218
x-request-id: 008751a2936e5505fae3cb2cc577fb31
x-served-by: cache-bwi5168-BWI, cache-cdg20764-CDG
last-modified: Fri, 10 Dec 2021 07:19:23 GMT
server: nginx
x-timer: S1639636918.343743,VS0,VE0
etag: "041b2e3863b2b3b50d9bd1c4fdb5b3d1"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557589
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 3

GET
H2 200 p-1-5-books-to-help-you-build-a-more-productive-and-profoundly-meaningful-life.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 109 KB
109 KB 48ms
43ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-5-books-to-help-you-build-a-more-productive-and-profoundly-meaningful-life.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b07d3bc08d7ec6e2f2580be298a0574b6e5ac937e68a9331e889aae9b10421b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 25858829358124356908348779283149746410,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-1-5-books-to-help-you-build-a-more-productive-and-profoundly-meaningful-life.webp"
server-timing: akam;dur=18;start=2021-12-12T10:48:25.545Z;total=605;desc=miss,rtt;dur=0
content-length: 111230
x-request-id: 1a4651220183ebc6e8548011204cde0c
x-served-by: cache-bwi5120-BWI, cache-cdg20764-CDG
last-modified: Sun, 12 Dec 2021 10:48:27 GMT
server: nginx
x-timer: S1639636918.355682,VS0,VE0
etag: "835955c59f6792d5afa15843119b050f"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 4

GET
H2 200 p-1-sleep-hacks.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/ 262 KB
262 KB 52ms
48ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/p-1-sleep-hacks.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 45c832f7484b64738dc321cf9c20955e64d67628c54b7e4fe6c11e106ea77757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 197774853670186810494918819767358183300,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
server-timing: akam;dur=5;start=2021-12-08T11:42:51.641Z;total=126;desc=miss,rtt;dur=0
content-length: 267846
x-served-by: cache-bwi5162-BWI, cache-cdg20764-CDG
last-modified: Tue, 03 Sep 2019 14:10:38 GMT
server: nginx
x-timer: S1639636918.355859,VS0,VE1
etag: "1ea7b5e2e1bb4a840fd5e1a935a0ed16"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 1

GET
H2 200 p-1-adobe-creative-cloud-express-free-image-editing.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 160 KB
161 KB 53ms
48ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-adobe-creative-cloud-express-free-image-editing.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3fc71af1dc8855d8ac82c0ab0ab91b162b3ffbdee5cb8aa2c678fe331405357

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 213608836953974565466878917442172813152,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
server-timing: akam;dur=635;start=2021-12-13T16:24:55.176Z;total=896;desc=miss,rtt;dur=0
content-length: 164228
x-request-id: 33df7226d4dea55dcdc7791ccd6db039
x-served-by: cache-bwi5152-BWI, cache-cdg20764-CDG
last-modified: Mon, 13 Dec 2021 16:24:56 GMT
server: nginx
x-timer: S1639636918.355954,VS0,VE1
etag: "a6d5c5fe0c5ce0e847b66d769b06203c"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 1

GET
H2 200 MIC_2021_WEB_TopArt_Static-scaled.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/03/ 98 KB
98 KB 47ms
43ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/03/MIC_2021_WEB_TopArt_Static-scaled.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f1936f887184f37f43aec0e2e6277b4c999aebde238ae93b4e1bb1b1dfea707

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT, HIT
content-disposition: inline; filename="MIC_2021_WEB_TopArt_Static-scaled.webp"
server-timing: akam;dur=4;start=2021-11-23T11:27:18.496Z;total=101;desc=miss,rtt;dur=0
content-length: 100386
x-served-by: cache-bwi5121-BWI, cache-iad-kiad7000073-IAD, cache-cdg20764-CDG
last-modified: Tue, 09 Mar 2021 12:01:00 GMT
server: nginx
x-timer: S1639636918.356083,VS0,VE0
etag: "2105d1499f11fc1dff51ff32e0a7c996"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1, 3

GET
H2 200 p-01-90706115-razer-mask.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 232 KB
233 KB 52ms
48ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-01-90706115-razer-mask.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cd868fcc6e653b89958a2e3d372f5139b22e7721fcffa0a4e3ad60176cc68580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 136459126017652398576078933189713362990,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-01-90706115-razer-mask.webp"
server-timing: akam;dur=11;start=2021-12-15T11:15:37.334Z;total=691;desc=miss,rtt;dur=0
content-length: 237726
x-request-id: 586ea84e247dd682e77c72c0c1ff7946
x-served-by: cache-iad-kjyo7100179-IAD, cache-cdg20764-CDG
last-modified: Wed, 15 Dec 2021 11:15:39 GMT
server: nginx
x-timer: S1639636918.356171,VS0,VE1
etag: "5649e6fe968ef3bca62ac5870723fb0a"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-anxiety.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/ 34 KB
35 KB 47ms
43ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/p-1-anxiety.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 878f9629253a810cfdecd0871d3894dbedb835c417db3d0fc5ed8436965c8540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT, HIT
cache-tag: 282552079836789497004405069122431189335,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
content-disposition: inline; filename="p-1-anxiety.webp"
server-timing: akam;dur=6;start=2021-12-07T18:15:46.216Z;total=52;desc=miss,rtt;dur=1
content-length: 34946
x-served-by: cache-bwi5131-BWI, cache-iad-kcgs7200153-IAD, cache-cdg20764-CDG
last-modified: Fri, 06 Sep 2019 17:33:34 GMT
server: nginx
x-timer: S1639636918.356343,VS0,VE0
etag: "c57c30f3644d2e4cd76f2173f4dec32a"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1, 3

GET
H2 200 p-1-science-says-its-essential-to-make-time-to-do-nothing-heres-why.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 66 KB
67 KB 52ms
48ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-science-says-its-essential-to-make-time-to-do-nothing-heres-why.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9dfcafa083485c01a903ced1e72b267a508cbd7da22dc06a5c091ae36f2e1418

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200 OK
content-disposition: inline; filename="p-1-science-says-its-essential-to-make-time-to-do-nothing-heres-why.webp"
server-timing: akam;dur=16;start=2021-12-04T07:18:11.460Z;total=519;desc=miss,rtt;dur=0
content-length: 67932
x-request-id: 58741777db822274d86989cfe59cfd78
x-served-by: cache-bwi5153-BWI, cache-cdg20764-CDG
last-modified: Sat, 04 Dec 2021 07:18:12 GMT
server: nginx
x-timer: S1639636918.356514,VS0,VE0
etag: "1ce6cb34eb1915efa1f54fc697428bad"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 3

GET
H2 200 p-1-How-Patagonia-CEO-Ryan-Gellert-is-evolving-the-companys-mission.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 200 KB
200 KB 51ms
47ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-How-Patagonia-CEO-Ryan-Gellert-is-evolving-the-companys-mission.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 707f8a3c7623661747582ec16c56b95c7d9e4f0f77a62627e5114a16fcb00827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200 OK
server-timing: akam;dur=5;start=2021-12-06T11:15:07.135Z;total=476;desc=miss,rtt;dur=16
content-length: 204418
x-request-id: 641e3633c518cad2c4b94455b77efb2e
x-served-by: cache-bwi5144-BWI, cache-cdg20764-CDG
last-modified: Mon, 06 Dec 2021 11:15:08 GMT
server: nginx
x-timer: S1639636918.356523,VS0,VE1
etag: "37b9e4c33480e886d79bbefea361fe6a"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-holiday-shopping-on-a-budget-we-found-50-great-gifts-under-50-dollars-holiday-gift-guide-2021-90695453-otherland-alpine-crystal.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 163 KB
163 KB 51ms
47ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-holiday-shopping-on-a-budget-we-found-50-great-gifts-under-50-dollars-holiday-gift-guide-2021-90695453-otherland-alpine-crystal.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e33c28371543f0fcdb299d4c23e5a1ec87bc8f2a198944c4e02a08dd10a4231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200 OK
content-disposition: inline; filename="p-1-holiday-shopping-on-a-budget-we-found-50-great-gifts-under-50-dollars-holiday-gift-guide-2021-90695453-otherland-alpine-crystal.webp"
server-timing: akam;dur=9;start=2021-12-04T01:00:27.570Z;total=693;desc=miss,rtt;dur=0
content-length: 166600
x-request-id: 775794c61e9720589484bffdc9400769
x-served-by: cache-bwi5126-BWI, cache-cdg20764-CDG
last-modified: Sat, 04 Dec 2021 01:00:29 GMT
server: nginx
x-timer: S1639636918.356639,VS0,VE1
etag: "bb7d30b38e1faaeb0825122560cb777a"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557544
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-2-what-to-do-when-youre-stuck-in-your-senior-level-job.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2018/01/ 73 KB
74 KB 50ms
47ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2018/01/p-2-what-to-do-when-youre-stuck-in-your-senior-level-job.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b96913ee642ed37a800d85bf41ea8a92b4d5934360603b1dc302a867451697cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-disposition: inline; filename="p-2-what-to-do-when-youre-stuck-in-your-senior-level-job.webp"
server-timing: akam;dur=8;start=2021-12-04T17:51:33.792Z;total=135;desc=miss,rtt;dur=4
content-length: 75066
x-served-by: cache-bwi5159-BWI, cache-cdg20764-CDG
last-modified: Tue, 30 Jan 2018 13:17:40 GMT
server: nginx
x-timer: S1639636918.357059,VS0,VE0
etag: "0759bbba93eaa1a2866175be1bec6d02"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 3

GET
H2 200 p-1-we-surveyed-6000-employees-about-the-future-of-work-heres-what-they-.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 126 KB
126 KB 50ms
47ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-we-surveyed-6000-employees-about-the-future-of-work-heres-what-they-.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b34ab9037ad0d7d67f507acf2156d95f911382bcfde0e59175a704eab1add5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 22572372983934657355240345402443427539,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
server-timing: akam;dur=5;start=2021-12-11T09:12:45.403Z;total=393;desc=miss,rtt;dur=7
content-length: 128832
x-request-id: 73e75da986d6292178fbaa677a52a1ec
x-served-by: cache-bwi5138-BWI, cache-cdg20764-CDG
last-modified: Sat, 11 Dec 2021 09:12:46 GMT
server: nginx
x-timer: S1639636918.357196,VS0,VE1
etag: "7a66872b6f5c5fc6512e8d1add5cae76"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 3055931-poster-p-1-what-are-some-of-the-biggest-mistakes-that-great-employees-make.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/fc/ 53 KB
53 KB 50ms
47ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/fc/3055931-poster-p-1-what-are-some-of-the-biggest-mistakes-that-great-employees-make.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2504606d5870ebefbe9361b2ba7ef265cf1ce3ad28965c91435493c73f7c3dc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 93350352044992297804510057706634641823,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
content-disposition: inline; filename="3055931-poster-p-1-what-are-some-of-the-biggest-mistakes-that-great-employees-make.webp"
server-timing: akam;dur=109;start=2021-12-11T14:13:58.079Z;total=179;desc=miss,rtt;dur=7
content-length: 53996
x-served-by: cache-bwi5152-BWI, cache-cdg20764-CDG
last-modified: Fri, 30 Jun 2017 22:07:29 GMT
server: nginx
x-timer: S1639636918.357313,VS0,VE0
etag: "dcde4fdddab2f940bcc6e88bd1809286"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 3

GET
H2 200 p-2-projector.gif
images.fastcompany.net/image/upload/w_1280,f_jpg,q_auto,fl_lossy/wp-cms/uploads/2018/08/ 109 KB
109 KB 49ms
47ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_jpg,q_auto,fl_lossy/wp-cms/uploads/2018/08/p-2-projector.gif
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 477f8ef505240318ae75eaa55725cb9bb805d8ea636fb1b3152f0a40bfcaccce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 22557450964137928341853818644156942050,146070798085749018927587531033994609395,c6d09d6a2d1428f58e8cf68b8654cb10
server-timing: akam;dur=8;start=2021-12-11T11:56:48.080Z;total=145;desc=miss,rtt;dur=0
content-length: 111486
x-served-by: cache-bwi5177-BWI, cache-cdg20764-CDG
last-modified: Tue, 21 Aug 2018 15:02:53 GMT
server: nginx
x-timer: S1639636918.357433,VS0,VE0
etag: "6a5059c4bb52c40a4fa447d89601d283"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557543
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3

GET
H2 200 p-1-ageism.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/ 50 KB
51 KB 49ms
46ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/09/p-1-ageism.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ebf673755129d06ecaef7ada40d2b4209f3ae4bf0a24985ef65f0a98335d698a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-disposition: inline; filename="p-1-ageism.webp"
server-timing: akam;dur=12;start=2021-11-25T22:47:15.816Z;total=76;desc=miss,rtt;dur=0
content-length: 51456
x-served-by: cache-bwi5137-BWI, cache-cdg20764-CDG
last-modified: Tue, 10 Sep 2019 14:05:34 GMT
server: nginx
x-timer: S1639636918.357536,VS0,VE0
etag: "3e6e97a09a5512a8f31c5537d3b6f1b5"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 3

GET
H2 200 p-1-your-quitting-employees-are-waking-up-to-this-one-missing-part-of-work.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/10/ 214 KB
214 KB 54ms
51ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/10/p-1-your-quitting-employees-are-waking-up-to-this-one-missing-part-of-work.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 50dd3d6104eaa4aa6bc655ff90274b508692f271a5fdc954b3ac7019df82eaed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-disposition: inline; filename="p-1-your-quitting-employees-are-waking-up-to-this-one-missing-part-of-work.webp"
server-timing: akam;dur=6;start=2021-12-03T17:56:45.533Z;total=188;desc=miss,rtt;dur=16
content-length: 219174
x-served-by: cache-bwi5152-BWI, cache-cdg20764-CDG
last-modified: Tue, 19 Oct 2021 15:26:00 GMT
server: nginx
x-timer: S1639636918.357644,VS0,VE1
etag: "fe71f7ce7898302ad0996607c1ed7708"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557543
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-best-zoom-apps-warmly-circle-krisp.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/08/ 354 KB
355 KB 53ms
51ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/08/p-1-best-zoom-apps-warmly-circle-krisp.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4de104a1863c3e4e945714f8180f45c1bd0c383042789fc4cdf8a005f35f04c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 33492939515519002424790799262749266274,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
content-disposition: inline; filename="p-1-best-zoom-apps-warmly-circle-krisp.webp"
server-timing: akam;dur=11;start=2021-12-07T14:08:30.767Z;total=161;desc=miss,rtt;dur=0
content-length: 362544
x-served-by: cache-bwi5125-BWI, cache-cdg20764-CDG
last-modified: Wed, 18 Aug 2021 10:26:54 GMT
server: nginx
x-timer: S1639636918.357763,VS0,VE1
etag: "b63a0c6c1d85756cd0b9c49baf474d17"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-procrastinators.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/08/ 49 KB
49 KB 48ms
46ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2019/08/p-1-procrastinators.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8e948b01f4bd12d7a0097908e78e786a0b8c33c00c8bdedd13bc9c4d18f006d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-disposition: inline; filename="p-1-procrastinators.webp"
server-timing: akam;dur=3;start=2021-11-23T08:54:21.907Z;total=106;desc=miss,rtt;dur=0
content-length: 49674
x-served-by: cache-bwi5182-BWI, cache-cdg20764-CDG
last-modified: Wed, 28 Aug 2019 11:08:53 GMT
server: nginx
x-timer: S1639636918.357853,VS0,VE0
etag: "33531ab57a462bd2e6768160e5121d08"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557586
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 3, 2

GET
H2 200 p-1-this-type-of-unspoken-workplace-bias-can-drive-your-employees-to-quit.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/11/ 204 KB
204 KB 53ms
51ms Image
image/jpeg 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/11/p-1-this-type-of-unspoken-workplace-bias-can-drive-your-employees-to-quit.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fb954c0d1e6aa7e64cee452d5e6489704c907ef80ae59743d3a5fc8a5f038ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
server-timing: akam;dur=10;start=2021-11-23T17:21:06.495Z;total=132;desc=miss,rtt;dur=1
content-length: 208544
x-served-by: cache-bwi5166-BWI, cache-cdg20764-CDG
last-modified: Fri, 05 Nov 2021 13:19:29 GMT
server: nginx
x-timer: S1639636918.357992,VS0,VE1
etag: "328f929f7abac8021d8058146374013f"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557543
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 1, 1

GET
H2 200 p-1-90705673-this-mask-glows-if-you-have-covid.jpg
images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/ 109 KB
109 KB 48ms
46ms Image
image/webp 151.101.129.54
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.fastcompany.net/image/upload/w_1280,f_auto,q_auto,fl_lossy/wp-cms/uploads/2021/12/p-1-90705673-this-mask-glows-if-you-have-covid.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.54 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e060eb764ea2f0e7faef729610d369184becf17a12c1b0bb0cf6a9d2920a323

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
cache-tag: 254583768011426305038473122870365643371,293137601249774324023011007318028844290,c6d09d6a2d1428f58e8cf68b8654cb10
status: 200 OK
content-disposition: inline; filename="p-1-90705673-this-mask-glows-if-you-have-covid.webp"
server-timing: akam;dur=14;start=2021-12-13T16:48:30.336Z;total=919;desc=miss,rtt;dur=0
content-length: 111356
x-request-id: 60bb8dd0de5f776cdb782ad041d45c92
x-served-by: cache-bwi5125-BWI, cache-cdg20764-CDG
last-modified: Mon, 13 Dec 2021 16:48:32 GMT
server: nginx
x-timer: S1639636918.358067,VS0,VE0
etag: "df5b14db206cbdec8399f735c95e02b4"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cld-vary: User-Agent
x-cache-hits: 2, 2

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 6CA9 319 KB
103 KB 45ms
45ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.fastcompany.com
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 555336
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Dec 2021 06:41:58 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 sp-2.9.1.js Show response
cdn.keywee.co/dist/ 75 KB
26 KB 25ms
24ms Script
application/x-javascript 2600:9000:2315:4200:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:4200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 02:25:59 GMT
content-encoding: gzip
last-modified: Sun, 14 Oct 2018 12:37:03 GMT
server: AmazonS3
age: 27317759
etag: W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: eQx58O9kmCWnnG03qAAu88arRofVkDW6_4i9bMpNOTB6p7FMk_z5dg==

GET
H3 200 1132775723789114 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 16ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1132775723789114?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d331ded8cd529e1c897ac702577f7d6b75cf2ce508627013c34f8d86da42c082

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88919
x-xss-protection: 0
pragma: public
x-fb-debug: aLeSCYrVBnYcCy+ieUGHsH87Qw0Vig9mA1+puo7LHYOMVrhjM5Ob+qCo/ly5so8IPu3okJ0pCDhpfP93hJCDcA==
x-frame-options: DENY
date: Thu, 16 Dec 2021 06:41:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 euconsent Show response
api.conversant.mgr.consensu.org/ 105 B
296 B 177ms
61ms XHR
application/json 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/euconsent?configId=10172&cmpVersion=3.5.0&c=73226209050
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: d2d79864ba5afbbf1316cff0cb537f5443e5ef26dee365c4c12f04c6e02c454f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:41:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx
vary: Origin
content-type: application/json

GET
H2 200 / Show response
ct.pinterest.com/user/ 520 B
859 B 66ms
36ms XHR
application/json 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613508785281&cb=1639636918402

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.8499645f.1639636918.ca637e7
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1687812768793718
pin-unauth: dWlkPVptRTBaREJrTUdRdE9XWXlOQzAwWmpOakxUZ3hNR1l0Wm1WaU5UTTRNRFpoWmpoaQ
access-control-allow-origin: https://www.fastcompany.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 375
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
332 B 68ms
40ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613508785281&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1639636918403

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8499645f.1639636918.ca637f1
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1812871592372124
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 69ms
40ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8499645f.1639636918.ca637f7
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1831592066021130
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
496 B 42ms
42ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3316&u=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pid=B52LyvJAM4wmw&cb=2&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22bling-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F4160%2Fmv.fc%2Fnews%2Fmisc%2Fflexibleportrait%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 92CB1M8BZX3CFSHXV72T
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9fPYqZRM1k0_uRusiiHdPKZXTPCJxTbaLzQn1fHPVrW9ZKPIk1h54g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 43ms
42ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3316&u=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pid=B52LyvJAM4wmw&cb=3&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22bling-9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F4160%2Fmv.fc%2Fnews%2Fmisc%2Fflexibleportrait%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 3N78G1Q68PZA6K52PXZS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: cKWZtaaOPlIRuvZoQdBdQs9ozt2H14BDLSQMsjDD0I9XSwPnGGyJ3A==

GET
H2 200 wI8noHXzEeaNTwpVuA4vVw.json Show response
entitlements.jwplayer.com/ 69 B
245 B 101ms
8ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/wI8noHXzEeaNTwpVuA4vVw.json
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2EF) /
Resource Hash: 5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 06:07:30 GMT
server: ECAcc (frd/E2EF)
age: 2068
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=13920
accept-ranges: bytes
content-length: 75

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
124 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H2 200 wI8noHXzEeaNTwpVuA4vVw.json Show response
entitlements.jwplayer.com/ 69 B
115 B 103ms
10ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/wI8noHXzEeaNTwpVuA4vVw.json
Requested by: Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/MyQ2uJQ0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2EF) /
Resource Hash: 5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 06:07:30 GMT
server: ECAcc (frd/E2EF)
age: 2068
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=13920
accept-ranges: bytes
content-length: 75

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 72 KB
23 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:fb:59f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59f::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0e8bf134f3868616881452cad899021e5aae5a5d9e728324eb4506c7dc424828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 07:11:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22988
Expires: Thu, 16 Dec 2021 07:41:58 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/ Frame C022 750 KB
157 KB 38ms
38ms Script
application/javascript 2606:4700::6810:4fa5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/user.js?cb=637752144136614579
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/lightbox.js?mb=1639636918230&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42f1ae0c5a003efd71612bc59cabb0bfdf32d8ff1b24383d9f28a11207971343

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: /8kVlfst2ftqx+RGA3UKDg==
age: 18412
cf-polished: origSize=1266814
last-modified: Tue, 09 Nov 2021 17:29:52 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 827c3cd2-901e-002e-641d-f298f7000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6be5edd46ed483b8-MXP
expires: Fri, 16 Dec 2022 06:41:58 GMT

GET
H/1.1 200 scriptloaded Show response
be.durationmedia.net/ 61 B
671 B 2959ms
105ms Fetch
application/json 3.215.137.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://be.durationmedia.net/scriptloaded?siteId=10444

Requested by

Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10444/dm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.137.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-137-103.compute-1.amazonaws.com

Software

Resource Hash

9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:42:01 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: https://www.fastcompany.com
Access-Control-Expose-Headers: Authorization
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Length: 61
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame C421 13 KB
6 KB 545ms
137ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 7f43afa4e70ae8c2ebf2e05c8a93418a2be21c03d7d6a4d07c3449af23c04db7

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 5766

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/972240864/ 2 KB
1 KB 35ms
18ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972240864/?random=1639636918496&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&auid=209208355.1639636918&capi=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2ffef22f04fdd1d2f7380e3f54a10f0b74de79f7dc9595ada8181632fd0e40ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
972240864.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/972240864/ 0
0 111ms
18ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://972240864.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/972240864/?random=1639636918496&cv=9&fst=1639636918496&num=1&fmt=3&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&auid=209208355.1639636918&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975200100/ 3 KB
2 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975200100/?random=1639636918508&cv=9&fst=1639636918508&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d08193db830aa9971dba641bea506d3ca9f8f8dde6ca83ccbe88e18806020812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1156
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

0wANTenf-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://content.jwplatform.com/strips/0wANTenf-120.vtt
https://assets-jpcust.jwpsrv.com/strips/0wANTenf-120.vtt

5 KB
1 KB

173ms
116ms

XHR
text/vtt

2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/0wANTenf-120.vtt
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c3b201a34cad7b7b9f6afc76ab11e7ca5a9aae4e136c7445b99e93458d94265e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
age: 331
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 889
x-served-by: cache-iad-kiad7000090-IAD, cache-mxp6958-MXP
access-control-allow-origin: *
last-modified: Tue, 14 Dec 2021 16:44:30 GMT
server: nginx
x-timer: S1639636919.769214,VS0,VE99
etag: "5c8434124a492d990f1655da4ec1d27e"
vary: Accept-Encoding
content-type: text/vtt
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Thu, 16 Dec 2021 06:41:30 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: openresty
age: 28
location: https://assets-jpcust.jwpsrv.com/strips/0wANTenf-120.vtt
x-cache: Hit from cloudfront
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
content-length: 166
x-amz-cf-id: ku25Yj7QTy2OB5xoKOMgx9gaXHi-DKcZ3CmmFklLBi9c8uCrAeP0Zg==

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/ 110 KB
25 KB 18ms
18ms Script
application/javascript 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/related.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 084e20df6f5b1d9852ae7794dab6db7a1bc2633287d820e90cfc282a72dc31ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
age: 649048
x-cache: HIT
content-length: 25344
via: 1.1 varnish
x-served-by: cache-mxp6922-MXP
last-modified: Mon, 06 Dec 2021 20:07:20 GMT
server: AmazonS3
x-timer: S1639636919.588091,VS0,VE0
etag: "18687e67d32da5030080087b2a05370f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1108

GET
H2 200 0wANTenf.m3u8 Show response
content.jwplatform.com/manifests/ 1 KB
800 B 12ms
12ms XHR
application/vnd.apple.mpegurl 2600:9000:2156:0:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/manifests/0wANTenf.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 87bb06da8eea788a075fc009fbbaa37c1ea444bb52b5bb542da45f5bce976731

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:30 GMT
content-encoding: gzip
server: openresty
age: 28
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 432
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-id: PXfon6OFVAIFdjS0Wt1biRPzdL_2pgoPRt7kqZTNDjlFsV0B2eZk1A==
expires: Thu, 16 Dec 2021 06:51:30 GMT

GET
H2

200

lfh2epyx-480.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/0wANTenf/poster.jpg?width=480
https://assets-jpcust.jwpsrv.com/thumbnails/lfh2epyx-480.jpg

39 KB
39 KB

19ms
19ms

Image
image/jpeg

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/lfh2epyx-480.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77226f2ff650ca5ca2b5a8c78758e5ae4114dee7b11731cd8b92af0d6b63dc1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
age: 778
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 39512
x-served-by: cache-iad-kiad7000102-IAD, cache-mxp6922-MXP
access-control-allow-origin: *
last-modified: Tue, 14 Dec 2021 19:26:56 GMT
server: nginx
x-timer: S1639636919.848504,VS0,VE1
etag: "29cc32ee0bc5de01db5854ab9046335e"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA53-C1
location: https://assets-jpcust.jwpsrv.com/thumbnails/lfh2epyx-480.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: vThdaEXcYTxQIZgTd3TPiYATLHzOpQFnC7jVOmcdqNYAm9zN3Av2Sw==

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 58ms
36ms XHR
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8499645f.1639636918.ca639fc
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1921520173199335
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 363 B
373 B 39ms
39ms XHR
application/json 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=76&h=www.fastcompany.com&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js?id=76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e326899a53e5d0f9a15201377e21f413a843b691f6c0004a8a06915efacda4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 6be5edd55c2d4303-FRA
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

GET
H2 200 vendor-list.json Show response
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 297 KB
38 KB 29ms
9ms XHR
application/json 104.92.84.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a24849a385cc8c2e75bcd6a6cd2530d7d867ee28ae27aa89cd5b48f7403e8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:15:01 GMT
server: Apache
etag: "4a411-5d2b8e8973cc6-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 38256

GET
H2 200 i
pixel.keywee.co/ 43 B
294 B 386ms
101ms Image
image/gif 54.167.42.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.keywee.co/i?stm=1639636918660&e=pv&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&page=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&tv=js-2.9.1&tna=cf&aid=1084&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=101ee1ee-c58d-437c-8720-5564d7b44222&dtm=1639636918659&vp=1600x1200&ds=1600x8110&vid=1&sid=d97cd89f-fc54-4097-b877-289600e7ff2d&duid=579f1021-5105-4f59-8e3c-82604c1fcc2b&fp=401617179

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.167.42.48 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-42-48.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

status: 200 OK
date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
server: nginx/1.21.3
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
19ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1132775723789114&ev=KWCEPV&dl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&rl=&if=false&ts=1639636918663&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639636917873.1839813914&it=1639636917342&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&exp=p0&rqm=GET

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
20ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1132775723789114&ev=PageView&dl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&rl=&if=false&ts=1639636918664&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639636917873.1839813914&it=1639636917342&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&exp=p0&rqm=GET

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ 169 B
254 B 46ms
45ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5307
cf-polished: origSize=199
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"c7-57ff735ded940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6be5edd5edd34303-FRA
expires: Thu, 16 Dec 2021 10:41:58 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame D0B3 7 KB
2 KB 116ms
115ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91c8973b457262e8de72498e2c1b39d2b4d904368e7717fcec1310ab0693326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2896/62.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6be5edd5eddf4303-FRA
content-encoding: br
cf-h2-pushed: </img/a/pss/2896/62.css>

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ 1 KB
1 KB 29ms
28ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24250
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:41:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edd5ede34303-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
260 B 46ms
45ms Image
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=1061.76.FC&geo_ccod=de

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6be5edd5ede74303-FRA
expires: Wed, 15 Dec 2021 06:41:58 GMT

GET
H2 200 0wANTenf-27530285.mp4.m3u8 Show response
videos-cloudflare.jwpsrv.com/61bb885a_eded6e769850fd75da5d0ec3f57a46a7571844d4/content/conversions/i8Y1n2VZ/videos/ 2 KB
3 KB 130ms
32ms XHR
application/x-mpegurl 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/61bb885a_eded6e769850fd75da5d0ec3f57a46a7571844d4/content/conversions/i8Y1n2VZ/videos/0wANTenf-27530285.mp4.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3fb6ccf49f718973e0c4d43d947358d59d6b34f828318798021c7037491502d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 39259
x-cache: HIT, HIT
fastly-stats: otfp=1
x-served-by: cache-iad-kcgs7200065-IAD, cache-mxp6956-MXP
server: cloudflare
x-timer: S1639597659.305771,VS0,VE1
etag: W/"l3ucXCDYhkIkQyhXt0-1Ei2YEGXuxtib88h6VlE_B4ycWEy6K2xaDI0B8kRJvvi-xUqr_APs18WGlwfJAD0w0vA3uA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-mpegurl
access-control-allow-origin: *
cf-ray: 6be5edd69e1d59b9-MXP
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A8C8 0
15 B 19ms
19ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fastcompany.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:41:58 GMT

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C6B4 598 KB
194 KB 24ms
8ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 107634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 43ms
16ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Dec 2021 06:41:58 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 28ms
28ms Stylesheet
text/css 2606:4700::6810:4fa5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637720757925369767
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 533791
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 4b0f4b3b-e01e-004c-4feb-e7df2f000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6be5edd659cd83b8-MXP
expires: Fri, 16 Dec 2022 06:41:58 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/41907/www.fastcompany.com/jsonp/ 377 B
635 B 1424ms
128ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/41907/www.fastcompany.com/jsonp/z?cb=1639636918776&callback=jQuery17107403021627836044_1639636918756&_=1639636918777
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/user.js?cb=637752144136614579
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ba0a6c58a2b1914e0bc588b8cfe1fcfee3b51ea11c4bf7ac5dc4f66ad48d75a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
260 B 25ms
25ms Image
image/gif 2606:4700::6810:4fa5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1639636918761&h=www.fastcompany.com&e=p&u=41907
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 Dec 2021 06:41:58 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1132586
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: a6738c5e-201e-00df-52f5-370495000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6be5edd679f683b8-MXP
cf-bgj: imgq:85,h2pri

GET
H3

200

/
www.google.de/pagead/1p-conversion/972240864/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

24ms
23ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&auid=209208355.1639636918&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tt-6YbC7IPCYx_AP4Y6M4Ao&cid=CAQSKQCNIrLMVU3ljENXhAAlc6ZhG0Nx9IXGRs5k0Jd38DYclJJuZv0-uRA-&random=2013698536&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/972240864/?random=1439347571&cv=9&fst=1639636918496&num=1&label=bcfgCMbv9bYBEODvzM8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&auid=209208355.1639636918&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tt-6YbC7IPCYx_AP4Y6M4Ao&cid=CAQSKQCNIrLMVU3ljENXhAAlc6ZhG0Nx9IXGRs5k0Jd38DYclJJuZv0-uRA-&random=2013698536&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 13 KB
3 KB 210ms
145ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=UnG6aKcRpu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f447d8667e1a68ac5a90e45cf37489c3879ac1b4b1e0dc2e81b8762fd0b711f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: p51mbe7wrz
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6be5edd6ec490f86-MXP

GET
H3 200 /
www.google.com/pagead/1p-user-list/975200100/ 42 B
64 B 40ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975200100/?random=1639636918508&cv=9&fst=1639634400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&async=1&fmt=3&is_vtc=1&random=2972975268&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/975200100/ 42 B
64 B 38ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975200100/?random=1639636918508&cv=9&fst=1639634400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3DMV%20Landing%20Page%20View%3Bevent_category%3DPage%20view&frm=0&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&tiba=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&async=1&fmt=3&is_vtc=1&random=2972975268&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A3D6 0
15 B 20ms
19ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fastcompany.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:41:58 GMT

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
123 B 92ms
63ms XHR
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:41:58 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 gdpr-cmp-ui.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 326 KB
82 KB 9ms
9ms Script
application/javascript 104.92.84.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:20:57 GMT
server: Apache
etag: "5169b-5cc99935ce3d4-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 83207

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1275 37 KB
13 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:48:50 GMT

GET
H2 200 62.css
www.dianomi.com/img/a/pss/2896/ Frame D0B3 5 KB
1 KB 0ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2896/62.css

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d99dbafa328518f87ca52cd9fd06b7a444acd2315dfaa402ce0e1c63ce428a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33803
cf-polished: origSize=6641
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Oct 2021 08:23:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=ISO-8859-1
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:41:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6be5edd69f224303-FRA
cf-bgj: minify

GET
H2 200 0wANTenf-27530285.mp4-1.ts Show response
videos-cloudflare.jwpsrv.com/61bb885a_eded6e769850fd75da5d0ec3f57a46a7571844d4/content/conversions/i8Y1n2VZ/videos/ 156 KB
156 KB 31ms
31ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/61bb885a_eded6e769850fd75da5d0ec3f57a46a7571844d4/content/conversions/i8Y1n2VZ/videos/0wANTenf-27530285.mp4-1.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb5d2dd8a63792c1cd2925f4c8131f3e1826e36d07a48b45f67113f3caf68b9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 39259
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 159800
x-served-by: cache-iad-kiad7000175-IAD, cache-mxp6952-MXP
access-control-allow-origin: *
server: cloudflare
x-timer: S1639597660.578964,VS0,VE1
etag: "X0ZHAN-dFjMF0S6KXg48l69kEqvYDKJEkQAYEyuH0NwfYwCMo6fwlmvjtAIfaQYlyzXjFVctYF5AOhWprPvjo3NFZw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=0.000 sl=4.000 vl=217.600 rs=320x180
accept-ranges: bytes
cf-ray: 6be5edd71f4859b9-MXP
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6CA9 232 B
448 B 6428ms
6406ms Fetch
application/json 104.244.42.136

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cdb4ec8ca5d8a539569529d0ec249b77e9d1eb06

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.fastcompany.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 6398
date: Thu, 16 Dec 2021 06:42:04 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 06:42:05 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2912c1f6b9f982459631b1e5afbbc9c33b2dc61f578de12a988f303c2e711b6f
content-length: 166

GET
H2 200 viewability8.js Show response
www.dianomi.com/js/ Frame D0B3 7 KB
2 KB 24ms
23ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability8.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5297
cf-polished: origSize=9963
last-modified: Tue, 31 Aug 2021 16:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"26eb-5caddd1f2481d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6be5edd7487d4303-FRA
expires: Thu, 16 Dec 2021 10:41:58 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame D0B3 1 KB
1 KB 26ms
26ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24250
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:41:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edd7487e4303-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 324x180.jpg
www.dianomi.com/img/a/sav2/190407/3/ Frame D0B3 8 KB
8 KB 31ms
31ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/190407/3/324x180.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34ad786096dc693e86a852d74e29a4ba7b796ec21a49bb589187cb0f2c0ab16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2031333
cf-polished: qual=85, origFmt=jpeg, origSize=18638
content-disposition: inline; filename="324x180.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 8296
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Nov 2021 09:03:16 GMT
server: cloudflare
etag: "48ce-5d0e4322e0e46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:41:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edd758b74303-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 324x180.jpg
www.dianomi.com/img/a/sav2/208065/6/ Frame D0B3 9 KB
9 KB 21ms
20ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/208065/6/324x180.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f38a7449aba5c1605ffb3f562f1dd4716bb30db1c756a6935b04eaa7a760ed79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20264
cf-polished: qual=85, origFmt=jpeg, origSize=21601
content-disposition: inline; filename="324x180.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 9352
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Dec 2021 11:50:20 GMT
server: cloudflare
etag: "5461-5d278dc7e1fe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:41:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edd758bb4303-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 324x180.jpg
www.dianomi.com/img/a/sav2/225503/4/ Frame D0B3 11 KB
11 KB 25ms
25ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/225503/4/324x180.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a868a5c4db6f206094ece9d0f9b3bb8908920ce909d73278279f3843e4c27a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2292294
cf-polished: qual=85, origFmt=jpeg, origSize=44084
content-disposition: inline; filename="324x180.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 10848
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Sep 2021 02:38:49 GMT
server: cloudflare
etag: "ac34-5cc784c305619"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:41:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edd758bc4303-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 324x180.jpg
www.dianomi.com/img/a/sav2/234499/4/ Frame D0B3 26 KB
26 KB 35ms
35ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/234499/4/324x180.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4a37fbc523c7b181e6e9a1afadb954ee3ad520e0538f89680e72e039206ee16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=5350&num_ads=4&cf=1061.76.FC&url=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&unitId=dianomi-5350-YbrftozT8yT5XFAegmU7rgAAABc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2398961
cf-polished: degrade=85, origSize=41946, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 26791
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Nov 2021 00:29:25 GMT
server: cloudflare
etag: "a3da-5d0503398ccf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 16:41:58 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edd758bf4303-FRA
cf-bgj: imgq:85,h2pri

GET
H3

200

B26132838.311090651;dc_pre=CP2j98Db5_QCFQDjuwgdOnoBfQ;dc_trk_aid=503752313;dc_trk_cid=155962322;ord=1639636918;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/ Frame D0B3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.311090651;dc_trk_aid=503752313;dc_trk_cid=155962322;ord=1639636918;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.311090651;dc_pre=CP2j98Db5_QCFQDjuwgdOnoBfQ;dc_trk_aid=503752313;dc_trk_cid=155962322;ord=1639636918;dc_lat=;dc_rdid=;t...

42 B
63 B

49ms
33ms

Image
image/gif

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.311090651;dc_pre=CP2j98Db5_QCFQDjuwgdOnoBfQ;dc_trk_aid=503752313;dc_trk_cid=155962322;ord=1639636918;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:41:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.311090651;dc_pre=CP2j98Db5_QCFQDjuwgdOnoBfQ;dc_trk_aid=503752313;dc_trk_cid=155962322;ord=1639636918;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

JnYw1RQo-120.vtt Show response
assets-jpcust.jwpsrv.com/strips/
Redirect Chain

https://content.jwplatform.com/strips/JnYw1RQo-120.vtt
https://assets-jpcust.jwpsrv.com/strips/JnYw1RQo-120.vtt

5 KB
1 KB

18ms
17ms

XHR
text/vtt

2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/strips/JnYw1RQo-120.vtt
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f62f7762294908df4b510b0cc7e823640409c84d23aa8b798e12d8e8197be9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
age: 574
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 978
x-served-by: cache-iad-kjyo7100118-IAD, cache-mxp6958-MXP
access-control-allow-origin: *
last-modified: Tue, 14 Dec 2021 19:09:36 GMT
server: nginx
x-timer: S1639636919.226286,VS0,VE1
etag: "f89659bbb97d2b0782cafecf3040ef5c"
vary: Accept-Encoding
content-type: text/vtt
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Thu, 16 Dec 2021 06:39:39 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
server: openresty
age: 139
location: https://assets-jpcust.jwpsrv.com/strips/JnYw1RQo-120.vtt
x-cache: Hit from cloudfront
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
content-length: 166
x-amz-cf-id: yCVkNpPGCzK2_1JTpxRW9przLVRfNVZ2Dm6M3dWo6IBM-psqFlpFBg==

GET
H2 200 JnYw1RQo.m3u8 Show response
content.jwplatform.com/manifests/ 1 KB
808 B 17ms
16ms XHR
application/vnd.apple.mpegurl 2600:9000:2156:0:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/manifests/JnYw1RQo.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 05fff02bcfa80ee305d36c3556f20e6eca76141e9390dfb61d3246400568ba33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:40:16 GMT
content-encoding: gzip
server: openresty
age: 103
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 439
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-id: fOF_eKFVPhOsfyvotEovxybCEKR4WB3qtBu8VwQ3ZDRxuTFdFUL_9A==
expires: Thu, 16 Dec 2021 06:50:16 GMT

GET
H2

200

adr3egp7-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://content.jwplatform.com/v2/media/JnYw1RQo/poster.jpg?width=720
https://assets-jpcust.jwpsrv.com/thumbnails/adr3egp7-720.jpg

71 KB
71 KB

19ms
19ms

Image
image/jpeg

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/adr3egp7-720.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 04ce69066b1426bdb1a9c79f25e86870342306a2352d05ee86a8cd658fb99f51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
age: 612
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 72276
x-served-by: cache-iad-kcgs7200128-IAD, cache-mxp6922-MXP
access-control-allow-origin: *
last-modified: Tue, 14 Dec 2021 20:47:09 GMT
server: nginx
x-timer: S1639636919.235495,VS0,VE1
etag: "5cfe55e342196a537de6f8b39e50ce15"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 1, 1

Redirect headers

date: Thu, 16 Dec 2021 06:40:24 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
server: openresty
age: 95
location: https://assets-jpcust.jwpsrv.com/thumbnails/adr3egp7-720.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: rTJQi8Ct5xuPszBoFdowM4ka2er37drlSdEoqH8wknyjtOlrNmTSeg==

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6786 598 KB
194 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 107635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame C421 0
320 B 111ms
110ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 25ms
24ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1072 / 200 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Dec 2021 06:41:59 GMT

GET
H2 200 b7ecf337-39ea-4b53-928b-a597c3ae5359.bin Show response
vid.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/ Frame C421 3 KB
1 KB 100ms
8ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/b7ecf337-39ea-4b53-928b-a597c3ae5359.bin?playerId=86fd0e84-5f99-4f4b-8281-4147bb00e49a
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dd17bd5ed9ad3ebbfae67464ab692a79b0f507dc7b52fa40e0975f2f9e30472d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 06:35:33 GMT
age: 275
etag: "fed38b4b2c6f1f1d3e5e3a29497d78e7"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 987

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C421 375 KB
124 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:41:59 GMT

GET fastcomplA.svg
demo.connatix.com/ps/gary/assets/ 0
0

GET
H2 200 en.json Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 4 KB
1 KB 9ms
8ms XHR
application/json 104.92.84.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:20:57 GMT
server: Apache
etag: "f30-5cc99935cff3c-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
122 B 60ms
59ms XHR
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:41:59 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 CentraNo1-Bold.woff2
www.dianomi.com/partner/fastco/fonts/CentraNo1/ Frame D0B3 29 KB
29 KB 36ms
35ms Font
text/plain 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/fastco/fonts/CentraNo1/CentraNo1-Bold.woff2

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2896/62.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8066e30e9e07f313993a4abb31e0734e5ff9a585bbd999e8ea6c403c91027181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/img/a/pss/2896/62.css
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 974834
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 29340
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Jan 2020 14:16:41 GMT
server: cloudflare
etag: "729c-59ccf4a398440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://www.dianomi.com
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edda2e844303-FRA
expires: Sat, 15 Jan 2022 16:41:59 GMT

GET
H2 200 A2Beckett-BookWEB.woff2
www.dianomi.com/partner/fastco/fonts/Beckett/ Frame D0B3 46 KB
46 KB 24ms
24ms Font
text/plain 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/fastco/fonts/Beckett/A2Beckett-BookWEB.woff2

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2896/62.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db87e6a84cc7c7ee2ffff2e15d5012b2d3328ea3ca8fd27e3f2d351af21c0ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/img/a/pss/2896/62.css
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1738344
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 46984
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Jan 2020 14:16:42 GMT
server: cloudflare
etag: "b788-59ccf4a48c680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://www.dianomi.com
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6be5edda2e8a4303-FRA
expires: Sat, 15 Jan 2022 16:41:59 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame A9E2 720 B
755 B 12ms
11ms Document
text/html 2a02:26f0:fb:59f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59f::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fb8b0b368f77ad52f888b50575c415e1807efeae70f4ee1f38e5606319bc5b02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

Accept-Ranges: bytes
Last-Modified: Tue, 14 Dec 2021 07:11:25 GMT
Server: AkamaiNetStorage
Content-Length: 385
Cache-Control: max-age=864000
Expires: Sun, 26 Dec 2021 06:41:59 GMT
Date: Thu, 16 Dec 2021 06:41:59 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 70AA 37 KB
13 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:48:50 GMT

GET
BLOB 200
OK f49be8f2-33ba-4f90-bcda-2a5860fba031
https://www.fastcompany.com/ 88 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fastcompany.com/f49be8f2-33ba-4f90-bcda-2a5860fba031
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fb034e3a989e7668e46fe1c8850622a25934eee36976c0bc4a83c64d0a8289a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 90231
Content-Type: text/javascript

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F688 0
15 B 20ms
19ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fastcompany.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 06:41:59 GMT

GET
H2

200

obx921zd-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/yFpv1hU8/poster.jpg?width=120
https://assets-jpcust.jwpsrv.com/thumbnails/obx921zd-120.jpg

6 KB
6 KB

130ms
130ms

Image
image/jpeg

2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/obx921zd-120.jpg
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 62dd62394456b7f3050a27311761abd491106c02a2bfaaeb561ec6c82c4520af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
age: 323
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT, HIT
content-length: 6408
x-served-by: cache-bwi5132-BWI, cache-iad-kiad7000083-IAD, cache-mxp6922-MXP
access-control-allow-origin: *
last-modified: Fri, 10 Dec 2021 21:19:58 GMT
server: nginx
x-timer: S1639636919.497992,VS0,VE94
etag: "d7591fa4cd3725512d5e85fac4644374"
vary: Accept-Encoding
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 0, 2, 1

Redirect headers

date: Thu, 16 Dec 2021 06:39:41 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
server: openresty
age: 138
location: https://assets-jpcust.jwpsrv.com/thumbnails/obx921zd-120.jpg
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: bCX2UY-IXrL2wL6Y7IXQsLryAxfL0_9GU2PBtbhsinybVTS4kyVXAQ==

GET
H2 200 JnYw1RQo-27530285.mp4.m3u8 Show response
videos-cloudflare.jwpsrv.com/61bb8810_3723299bda845796b723463905c3218fefdda0f8/content/conversions/i8Y1n2VZ/videos/ 25 KB
25 KB 29ms
29ms XHR
application/x-mpegurl 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/61bb8810_3723299bda845796b723463905c3218fefdda0f8/content/conversions/i8Y1n2VZ/videos/JnYw1RQo-27530285.mp4.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c2eaac0a12a5a54dc7459ff078654c60656a5a45a7154d3a62294a4c0667d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 40453
x-cache: HIT, HIT
fastly-stats: otfp=1
x-served-by: cache-iad-kjyo7100105-IAD, cache-mxp6929-MXP
server: cloudflare
x-timer: S1639596466.030905,VS0,VE1
etag: W/"Wz9ihlt3L0nyzoMEp8lcDNoCqV2bsOWm8_UYaZgfzCMcRp8ncCfbVXOnWG_X6gPjQavoqPLkB4Pcg5RPnmF16AEEHWbtyw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-mpegurl
access-control-allow-origin: *
cf-ray: 6be5edda6ca259b9-MXP
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame C421 0
320 B 111ms
111ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:41:58 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame C421 372 B
554 B 663ms
324ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: fa4cad0b6e7e499ae3d6bf4d255c8a7fc1845b25a4ac3380f5c595ae1f07861e

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 253

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame C421 0
320 B 217ms
110ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 d6dd8dc9-3dea-40e0-b353-3ab267c1568d.jpg
img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/ 34 KB
34 KB 87ms
29ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/d6dd8dc9-3dea-40e0-b353-3ab267c1568d.jpg?crop=600:473,smart&width=600&height=473&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f5963533d46b4f1202b00bdcb2bb29270b1b55b4b9184d4552c290eb1c30c713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: br
age: 300
etag: "lVUtOg/cyR/0Q+IDMQ7jFmS6YChgDPjEAiXy0uCw7hk"
access-control-max-age: 86400
fastly-io-info: ifsz=147750 idim=1280x720 ifmt=jpeg ofsz=35114 odim=600x473 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 34474

GET
H2 200 JnYw1RQo-27530285.mp4-1.ts Show response
videos-cloudflare.jwpsrv.com/61bb8810_3723299bda845796b723463905c3218fefdda0f8/content/conversions/i8Y1n2VZ/videos/ 147 KB
148 KB 30ms
29ms XHR
video/mp2t 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/61bb8810_3723299bda845796b723463905c3218fefdda0f8/content/conversions/i8Y1n2VZ/videos/JnYw1RQo-27530285.mp4-1.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65e2c361992e64267b997f2aa7776c6dc4b0fd427c7150f3cd04d2f46221c67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 40453
x-cache: HIT, HIT
fastly-stats: otfp=1
content-length: 150776
x-served-by: cache-iad-kjyo7100051-IAD, cache-mxp6967-MXP
access-control-allow-origin: *
server: cloudflare
x-timer: S1639596467.699733,VS0,VE1
etag: "5d1cQ1809MgXNIIWXoFO44hEzojN1zQodqfGBn7UPkrqXGG3IsKjm3VebVOAz84WUpk-i5exlD-q5n5N4mnMOKG7BZLeVA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp2t
x-fastly-otfp-info: ss=0.000 sl=4.000 vl=2300.080 rs=320x180
accept-ranges: bytes
cf-ray: 6be5eddafd9d59b9-MXP
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 d6dd8dc9-3dea-40e0-b353-3ab267c1568d.jpg
img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/ 27 KB
26 KB 55ms
20ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/d6dd8dc9-3dea-40e0-b353-3ab267c1568d.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1985f7727c8c14d80cad31fe03f8e115c2e980040a595c894f8fbbf69658a064

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: br
age: 300
etag: "MOWPZZk7u4GFx4ZEPGMVuvf+6kZhDyorMUWOJmU+JG4"
access-control-max-age: 86400
fastly-io-info: ifsz=147750 idim=1280x720 ifmt=jpeg ofsz=27508 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26921

GET
H2 200 82a12b8d-98a9-4631-b123-3652cd54d369.jpg
img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/ 26 KB
26 KB 54ms
19ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/82a12b8d-98a9-4631-b123-3652cd54d369.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 902392e95509fee85fa0995b14e3683621a471bec2e7554daaa3e8ab4626d43f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: br
age: 299
etag: "iLJeVvumxoHQCF086dz4/KwQoNFsV/SiHG4VXHbP+vI"
access-control-max-age: 86400
fastly-io-info: ifsz=504479 idim=1280x720 ifmt=gif ofsz=26742 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 25971

GET
H2 200 67815284-b804-4d8d-85ea-d5765ab1cae1.jpg
img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/ 7 KB
6 KB 62ms
28ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/67815284-b804-4d8d-85ea-d5765ab1cae1.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2150d0e1dc93b352796ad2a03a1cbd48e258e0efc44a3a43e0e57506e785fd2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: br
age: 299
etag: "IeZW0XlTmoSxtzCTtJRcstxdWlZYp7DNKvOKe0FTxaU"
access-control-max-age: 86400
fastly-io-info: ifsz=113224 idim=1280x672 ifmt=png ofsz=6807 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 6279

GET
H2 200 d167423f-3716-4347-8066-b45cb78cb09c.jpg
img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/ 33 KB
33 KB 61ms
27ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/d167423f-3716-4347-8066-b45cb78cb09c.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39cc3f53df6e273de753410b354b790e9a6ede61a639e8b714869d211508f902

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: br
age: 299
etag: "rkuDgCG0FcdZama2latwOyZgIU94sypkXaPT+G94dYg"
access-control-max-age: 86400
fastly-io-info: ifsz=258304 idim=1280x720 ifmt=jpeg ofsz=34084 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 33704

GET
H2 200 caca64c9-70f2-4400-a373-d33a6bcbbea8.jpg
img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/ 41 KB
40 KB 65ms
31ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0de4ece3-57d4-4c8c-9f67-9f67cc9de327/caca64c9-70f2-4400-a373-d33a6bcbbea8.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 02b352824377739a1ae6fdc69c19774054cc572448dca3a06c2497c1b028180c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: br
age: 299
etag: "fk6dvA+vUCgB4cEtthiL8abUGyyPjxdbkNYwzsy6i7M"
access-control-max-age: 86400
fastly-io-info: ifsz=253617 idim=1280x720 ifmt=jpeg ofsz=41587 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 41184

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame A9E2 72 KB
23 KB 18ms
18ms Script
application/x-javascript 2a02:26f0:fb:59f::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59f::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0e8bf134f3868616881452cad899021e5aae5a5d9e728324eb4506c7dc424828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 07:11:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22988
Expires: Thu, 16 Dec 2021 07:41:59 GMT

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B30D 598 KB
194 KB 17ms
17ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 107635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C421 44 KB
16 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Dec 2021 06:41:59 GMT

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D60E 598 KB
194 KB 9ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 107635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E6EA 598 KB
194 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 15 Dec 2021 00:48:04 GMT
expires: Thu, 15 Dec 2022 00:48:04 GMT
last-modified: Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 107635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame A9E2 47 B
638 B 74ms
14ms Script
text/javascript 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de716.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 5881f3e5b36e8abadf24c4fc74377c4fb03f4c278fa4f0e66671a621d92f5169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:59 GMT
Last-Modified: Wed, 16 Jun 2021 06:41:59 GMT
Server: Jetty(9.4.28.v20200408)
ETag: 2d778la266wkh3ashpxwyizqy0
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: private, proxy-revalidate
Content-Type: text/javascript;charset=utf-8
Content-Length: 47
Expires: Fri, 16 Dec 2022 06:41:59 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 37F7 37 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:48:50 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F91E 37 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:48:50 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3047 37 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Dec 2021 06:48:50 GMT

GET
BLOB 200
OK 7bbbfdc3-034e-4cab-9d97-9c4b539705c2
https://www.fastcompany.com/ 88 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fastcompany.com/7bbbfdc3-034e-4cab-9d97-9c4b539705c2
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fb034e3a989e7668e46fe1c8850622a25934eee36976c0bc4a83c64d0a8289a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 90231
Content-Type: text/javascript

GET
H2 200 0wANTenf-27530286.mp4.m3u8 Show response
videos-cloudflare.jwpsrv.com/61bb885a_762ef832ac639131f9510b083c0bfc659ed36075/content/conversions/i8Y1n2VZ/videos/ 2 KB
3 KB 38ms
37ms XHR
application/x-mpegurl 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/61bb885a_762ef832ac639131f9510b083c0bfc659ed36075/content/conversions/i8Y1n2VZ/videos/0wANTenf-27530286.mp4.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce737bc0ae08bd805e99ad0fb794c078ed678826636e6f20daa613c386bcfc04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-backend: https://s3-external-1.amazonaws.com
x-cache: HIT, HIT
fastly-stats: otfp=1
x-served-by: cache-iad-kiad7000121-IAD, cache-mxp6920-MXP
server: cloudflare
x-timer: S1639636920.735798,VS0,VE1
etag: W/"Pm8Dlz1Wln9Z0H90SPhGst1vbOkbauhNWqT8t5FQ-F54CfQdHEha3FTajngNPz-1-Fu-tm-M9tQvWwDQ5b4oSBLCazrV"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-mpegurl
access-control-allow-origin: *
cf-ray: 6be5eddc4fe859b9-MXP
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame A9E2 43 B
469 B 63ms
19ms Image
image/gif 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.1.0&typ=pgv&rnd=kx8lhj10ppom973s&sid=1140847774616229827&loc=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&new=0&arf=0&ltm=1639636918711&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kx8lhjz0b3t4l0wh&ckp=kx8lhj12msycxfaj&glb=&amo=1639491551&cp_userState=anon&cst=2d778la266wkh3ashpxwyizqy0
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de716.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 06:41:59 GMT
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 118 B
691 B 61ms
18ms Script
text/javascript 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kx8lhj12msycxfaj%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222d778la266wkh3ashpxwyizqy0%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222d778la266wkh3ashpxwyizqy0%22%7D%5D%2C%22siteId%22%3A%221140847774616229827%22%2C%22location%22%3A%22https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp%22%7D&callback=cXJsonpCBkx8lhkatjmammfpr

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de716.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

be5f07f0b4c829715935e54834fe1e5ee4413f7c171d489f2456cec18d71e489

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 06:41:59 GMT
X-Content-Type-Options: nosniff
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/javascript;charset=utf-8
Content-Length: 118
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 JnYw1RQo-27530288.mp4.m3u8 Show response
videos-cloudflare.jwpsrv.com/61bb8810_694a9ff8eff6f46dc67a32931111ca46aded1070/content/conversions/i8Y1n2VZ/videos/ 25 KB
25 KB 30ms
30ms XHR
application/x-mpegurl 2606:4700::6812:da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-cloudflare.jwpsrv.com/61bb8810_694a9ff8eff6f46dc67a32931111ca46aded1070/content/conversions/i8Y1n2VZ/videos/JnYw1RQo-27530288.mp4.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.0-beta.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10aa7853732b18c8a5e1c46509e4ffc6b752a18c367757c044b538eded6044ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:41:59 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-backend: https://s3-external-1.amazonaws.com
age: 40310
x-cache: HIT, HIT
fastly-stats: otfp=1
x-served-by: cache-iad-kcgs7200037-IAD, cache-mxp6949-MXP
server: cloudflare
x-timer: S1639596610.746388,VS0,VE3
etag: W/"D-z4BZNDwjCCxHKWqX_lCwS1uflneB5tbkNd3iRlsaxXXkTHX3SNrl-8tkgwfILkm1ecjlw5lDclMf0BfLd73HNw9NbeTw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-mpegurl
access-control-allow-origin: *
cf-ray: 6be5eddd093359b9-MXP
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1, 1

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame C421 168 B
359 B 456ms
200ms XHR
application/xml 146.20.132.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=337&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.232.23.181&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=2848ea52-09e0-4d03-94e2-cf6cce2cd0e4
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:42:00 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 DoubleEmbed Show response
jsapi.lightboxcdn.com/custom8dfehgj6mpfz5h2/v1/customer/ 112 B
248 B 401ms
362ms Script
application/javascript 2606:4700::6810:4fa5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsapi.lightboxcdn.com/custom8dfehgj6mpfz5h2/v1/customer/DoubleEmbed?uid=41907&platform=d&format=jsonp&dom=www.fastcompany.com&href=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&top=&dev=&ip=185.232.23.181&cb=1639636920216&callback=jQuery17107403021627836044_1639636918757&_=1639636920216
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/252af0a6-c9ae-4612-9dbe-5d1552fad623/user.js?cb=637752144136614579
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e768d870a80aed948c7337e11b69d0271632d86c921eed81e033e23daa9de3a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Dec 2021 06:42:00 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=30
cf-ray: 6be5eddfaff183b8-MXP
expires: Thu, 16 Dec 2021 06:42:30 GMT

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame C421 168 B
358 B 96ms
96ms XHR
application/xml 146.20.132.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=337&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.232.23.181&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=2878c501-ee8f-4a92-a741-6703e60445eb
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:42:00 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 / Show response
zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
4 KB 124ms
26ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2t6mDnUjRUuS8jH&t=1639636920620

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

173aa697b5696d2d58c26114ef58ea6180a33b1d444b5fca5bb0c19a82decf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17065
cf-polished: origSize=8435
cf-ray: 6be5ede27e724dbe-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 8
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-7DyGZx2gL7nT4tUCC6cXAU68PuY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 / Show response
zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
3 KB 128ms
31ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2t6mDnUjRUuS8jH

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

173aa697b5696d2d58c26114ef58ea6180a33b1d444b5fca5bb0c19a82decf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17065
cf-polished: origSize=8435
cf-ray: 6be5ede28e744dbe-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 8
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-7DyGZx2gL7nT4tUCC6cXAU68PuY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 99ms
13ms Script
application/x-javascript 2600:9000:2315:5800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:5800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 05:08:15 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 5625
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: cGazjYzIxtvytsHDwWUJd-Z9dv2-D8JVqj4wQUDRFw163N1CeHiYXg==
expires: Thu, 16 Dec 2021 07:08:15 GMT

GET
H2 204 ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 0
82 B 134ms
114ms Image
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-824206779&e=xapi&n=8095041324215695&aid=wI8noHXzEeaNTwpVuA4vVw&emi=1x8g58a1e646&id=JnYw1RQo&pli=16gc0p65cf59&pv=8.24.0-beta.2&tv=3.36.1&ed=6&prs=idle&pid=MyQ2uJQ0&ph=1&sdk=0&xam=on&xfmp=autoStart&sa=1639636918996
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-mxp6922-MXP
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 177ms
124ms Image
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1117219371&e=e&n=4218464777511288&abc=0&aid=wI8noHXzEeaNTwpVuA4vVw&amp=0&at=1&c=1&ccp=0&cp=0&d=0&eb=1&ed=6&emi=1x8g58a1e646&i=0&id=JnYw1RQo&lid=198ecxneuk2f&lsa=set&mt=1&pbd=1&pbr=1&pgi=3o7ssg1mkfwf&ph=1&pid=MyQ2uJQ0&pii=0&pl=0&plc=405&pli=16gc0p65cf59&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&pu=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pv=8.24.0-beta.2&pyc=0&s=1&sdk=0&stc=1&stpe=1&t=How%20a%20near-death%20experience%20gave%20Peloton%20instructor%20Ally%20Love%20determination%20to%20succeed&tv=3.36.1&vb=0&vi=0&vl=90&wd=0&ab=1&cae=0&cb=0&cdid=MyQ2uJQ0&cme=0&dd=1&flc=0&fv=&ga=0&lng=en-US&mk=hls&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fmanifests%2FJnYw1RQo.m3u8&pbc=0&pd=2&pdr=&plng=en-US&plt=2600&pni=0&po=0&pogt=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&sn=%5Bobject%20Object%5D&sp=0&st=900&sa=1639636918996
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-mxp6922-MXP
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 177ms
124ms Image
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-198548573&e=cpt&n=8531572162817052&abc=0&aid=wI8noHXzEeaNTwpVuA4vVw&amp=0&at=1&c=1&ccp=0&cp=0&d=0&eb=1&ed=6&emi=1x8g58a1e646&i=0&id=JnYw1RQo&lid=198ecxneuk2f&lsa=set&mt=1&pbd=1&pbr=1&pgi=3o7ssg1mkfwf&ph=1&pid=MyQ2uJQ0&pii=0&pl=0&plc=405&pli=16gc0p65cf59&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&pu=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pv=8.24.0-beta.2&pyc=0&s=1&sdk=0&stc=1&stpe=1&t=How%20a%20near-death%20experience%20gave%20Peloton%20instructor%20Ally%20Love%20determination%20to%20succeed&tv=3.36.1&vb=0&vi=0&vl=90&wd=0&sa=1639636918997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-mxp6922-MXP
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 169ms
116ms Image
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1339767848&e=e&n=4817024488963397&abc=0&aid=wI8noHXzEeaNTwpVuA4vVw&amp=0&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=b1ui1r1sk3tl&i=0&id=0wANTenf&lid=198ecxneuk2f&lsa=read&mt=1&pbd=1&pbr=1&pgi=3o7ssg1mkfwf&ph=1&pid=2fyG0pBE&pii=0&pl=218&plc=10&pli=qznw32g0naaa&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&pu=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pv=8.24.0-beta.2&pyc=0&s=1&sdk=0&stc=2&stpe=1&t=How%20a%20near-death%20experience%20gave%20Peloton%20instructor%20Ally%20Love%20determination%20to%20succeed&tv=3.36.1&vb=1&vi=1&vl=90&wd=387&ab=1&cae=0&cb=0&cdid=2fyG0pBE&cme=0&dd=1&flc=0&fv=&ga=0&lng=en-US&mk=hls&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fmanifests%2F0wANTenf.m3u8&pbc=0&pd=2&pdr=&plng=en-US&plt=2200&pni=0&po=0&pogt=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&sn=%5Bobject%20Object%5D&sp=0&st=470&sa=1639636918580
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-mxp6922-MXP
x-cache: MISS
x-cache-hits: 0

GET
H2 204 ping.gif
prd.jwpltx.com/v1/jwplayer6/ 0
26 B 165ms
112ms Image
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-272454089&e=cpt&n=6622884522244890&abc=0&aid=wI8noHXzEeaNTwpVuA4vVw&amp=0&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=b1ui1r1sk3tl&i=0&id=0wANTenf&lid=198ecxneuk2f&lsa=read&mt=1&pbd=1&pbr=1&pgi=3o7ssg1mkfwf&ph=1&pid=2fyG0pBE&pii=0&pl=218&plc=10&pli=qznw32g0naaa&pp=hlsjs&ppm=VOD&prc=2&ps=4&pss=1&pt=Kronos%20ransomware%20attack%3A%20Will%20it%20affect%20my%20paycheck%3F&pu=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&pv=8.24.0-beta.2&pyc=0&s=1&sdk=0&stc=2&stpe=1&t=How%20a%20near-death%20experience%20gave%20Peloton%20instructor%20Ally%20Love%20determination%20to%20succeed&tv=3.36.1&vb=1&vi=1&vl=90&wd=387&sa=1639636918589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
via: 1.1 varnish
server: nginx
accept-ranges: bytes
x-served-by: cache-mxp6922-MXP
x-cache: MISS
x-cache-hits: 0

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame F70B
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

184ms
184ms

Document
text/html

2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

ff72c6d1568d54f75bfba54d4279603d4d930489aa83f6e494a6c9e5ff4a2280

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-a1b88377469e799454bea18950bb4e7e' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5572878666512913; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-a1b88377469e799454bea18950bb4e7e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5572878666512913; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-a1b88377469e799454bea18950bb4e7e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 82
pinterest-generated-by: coreapp-webapp-prod-0a011930
content-encoding: gzip
pinterest-version: 0688ae5
referrer-policy: origin
x-pinterest-rid: 5572878666512913
date: Thu, 16 Dec 2021 06:42:00 GMT
content-length: 279
akamai-grn: 0.8499645f.1639636920.ca654f2
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 81
pinterest-generated-by: coreapp-webapp-prod-0a0116ba
content-encoding: gzip
pinterest-version: 0688ae5
referrer-policy: origin
x-pinterest-rid: 2065812995702960
date: Thu, 16 Dec 2021 06:42:00 GMT
akamai-grn: 0.8499645f.1639636920.ca652b0
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame C421 168 B
358 B 97ms
96ms XHR
application/xml 146.20.132.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=337&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.232.23.181&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=27e9abfe-d954-4870-92a0-3eb5d41a1c1e
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:42:00 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 334ms
99ms Image
image/gif 54.163.236.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=fastcompany.com&p=%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&u=DL83nXTgMFuwSFY9&d=fastcompany.com&g=2768&g0=News&g1=Connie%20Lin&n=1&f=00001&c=0&x=0&m=0&y=8595&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4236&t=Cn1ymJB3-8o5Csp7wwCe2Nt6DRK3FR&V=129&i=Kronos%20ransomware%20attack%3A%20The%20nightmare%20that%20could%20hit%20paychecks%20right%20before%20Christmas&tz=0&sn=1&sv=DuOGOhD7guKxCt3RyXCv4cNtDG4LFL&sd=1&im=0e430c4f&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.236.63 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-236-63.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 06:42:01 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 12.8327016048e927965e51.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 55 KB
17 KB 24ms
23ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.fastcompany.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/mansueto/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fastcompany.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20832
cf-polished: origSize=57365
cf-ray: 6be5ede2beab4dbe-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Dec 2021 22:49:08 GMT
server: cloudflare
etag: W/"e015-17dbb229ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 126ms
126ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2t6mDnUjRUuS8jH&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.fastcompany.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d7c1a27f7feeb7edb36a42a4fa496fdcebb30bf5d6868be17c07e821f19ac9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 9
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 6fd28db683d36e9b
cf-ray: 6be5ede2eee24dbe-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
905 B 128ms
127ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2t6mDnUjRUuS8jH&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.fastcompany.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d7c1a27f7feeb7edb36a42a4fa496fdcebb30bf5d6868be17c07e821f19ac9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 8
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 3adf5de2fae67019
cf-ray: 6be5ede2eee34dbe-FRA

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
942 B 130ms
130ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2t6mDnUjRUuS8jH&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.8327016048e927965e51.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=web&Q_BRANDID=www.fastcompany.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d7c1a27f7feeb7edb36a42a4fa496fdcebb30bf5d6868be17c07e821f19ac9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastcompany.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 06:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.fastcompany.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: fb9146d7b9d895d7
cf-ray: 6be5ede2eee44dbe-FRA

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame F70B 0
4 KB 152ms
151ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=5572878666512913

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-3ed98898edf1b0537406abbe56fa9d1a' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4698376209122884; frame-ancestors 'self' , script-src 'nonce-3ed98898edf1b0537406abbe56fa9d1a' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4698376209122884
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-3ed98898edf1b0537406abbe56fa9d1a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4698376209122884; frame-ancestors 'self' , script-src 'nonce-3ed98898edf1b0537406abbe56fa9d1a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4698376209122884
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8499645f.1639636921.ca6577e
content-security-policy-report-only: script-src 'nonce-3ed98898edf1b0537406abbe56fa9d1a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 32
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 4698376209122884
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 0688ae5
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Thu, 16 Dec 2021 06:42:01 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a01138e

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame F70B 0
4 KB 159ms
158ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-60f5940795c973679681a7464a7ed7c6' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8162868058349556; frame-ancestors 'self' , script-src 'nonce-60f5940795c973679681a7464a7ed7c6' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8162868058349556
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-60f5940795c973679681a7464a7ed7c6' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8162868058349556; frame-ancestors 'self' , script-src 'nonce-60f5940795c973679681a7464a7ed7c6' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8162868058349556
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8499645f.1639636921.ca65788
content-security-policy-report-only: script-src 'nonce-60f5940795c973679681a7464a7ed7c6' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 33
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 8162868058349556
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 0688ae5
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Thu, 16 Dec 2021 06:42:01 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a01153d

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame F70B 0
4 KB 192ms
191ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.fastcompany.com
URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-c827489d7a9e4cbd9de4588536634856' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1092646300506287; frame-ancestors 'self' , script-src 'nonce-c827489d7a9e4cbd9de4588536634856' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1092646300506287
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-c827489d7a9e4cbd9de4588536634856' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1092646300506287; frame-ancestors 'self' , script-src 'nonce-c827489d7a9e4cbd9de4588536634856' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1092646300506287
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8499645f.1639636921.ca6578f
content-security-policy-report-only: script-src 'nonce-c827489d7a9e4cbd9de4588536634856' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 70
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1092646300506287
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 0688ae5
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Thu, 16 Dec 2021 06:42:01 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011451

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame C421 0
320 B 111ms
110ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:42:03 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame C421 0
320 B 111ms
110ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:42:05 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame C421 168 B
358 B 109ms
109ms XHR
application/xml 146.20.132.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=337&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.232.23.181&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=d4b4bac6-df4e-4ea8-9e17-d2c2bd24a9c5
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:42:06 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame C421 168 B
358 B 353ms
353ms XHR
application/xml 146.20.132.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=337&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.232.23.181&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=0a434909-37be-489b-aab0-817c1fff31a1
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:42:07 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame C421 168 B
358 B 97ms
96ms XHR
application/xml 146.20.132.75
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=337&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=185.232.23.181&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=7e93ca4c-c89a-4830-8f7a-0f418a60bfa0
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.75 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.fastcompany.com
date: Thu, 16 Dec 2021 06:42:07 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame C421 0
320 B 112ms
110ms XHR
application/x-protobuf 3.13.126.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=142603
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.126.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-126-66.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 16 Dec 2021 06:42:09 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fastcompany.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: demo.connatix.com
URL: https://demo.connatix.com/ps/gary/assets/fastcomplA.svg

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fastcompany.com/90706145	1969-12-31 23:59:59	Name: fc_rev_content Value: 1
www.fastcompany.com/90706145	1969-12-31 23:59:59	Name: X-abtest Value: a
www.fastcompany.com/magazine	1969-12-31 23:59:59	Name: X-abtest Value: a
www.fastcompany.com/	1970-01-19 23:27:16	Name: fastlygeo Value: Frankfurt Am Main:Germany:60326:185.232.23.181
www.fastcompany.com/	1970-01-19 23:28:43	Name: geodata Value: Frankfurt Am Main:Germany:60326:185.232.23.181
.fastcompany.com/	1970-01-20 16:58:28	Name: _ga Value: GA1.2.228701361.1639636917
.fastcompany.com/	1970-01-19 23:28:43	Name: _gid Value: GA1.2.9653619.1639636917
.fastcompany.com/	1970-01-19 23:27:16	Name: _gat Value: 1
.fastcompany.com/	1970-01-19 23:27:16	Name: _gat_rollup Value: 1
.scorecardresearch.com/	1970-01-20 16:44:04	Name: UID Value: 1UBB8BLAUEJ9V5XLPVYRGOg1639636917
.demdex.net/	1970-01-20 03:46:28	Name: demdex Value: 43467505268114911281011497352994340986
.fastcompany.com/	1969-12-31 23:59:59	Name: AMCVS_283B366E5AFAA4490A495E0C%40AdobeOrg Value: 1
.fastcompany.com/	1969-12-31 23:59:59	Name: s_plt Value: NaN
.fastcompany.com/	1969-12-31 23:59:59	Name: s_pltp Value: undefined
.fastcompany.com/	1970-01-21 01:44:04	Name: s_dslv Value: 1639636917566
.everesttech.net/	1970-01-20 08:12:52	Name: everest_g_v2 Value: g_surferid~YbrftQAAAFKhbQO1
www.fastcompany.com/	1970-01-19 23:28:43	Name: abgroup Value: 13
www.fastcompany.com/	1970-01-19 23:28:43	Name: alreadySeenRightRailPlayer Value: 1
.fastcompany.com/	1970-01-20 00:10:28	Name: s_cmp Value: unspecified
.fastcompany.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.fastcompany.com/	1970-01-20 01:36:52	Name: _fbp Value: fb.1.1639636917873.1839813914
.fastcompany.com/	1969-12-31 23:59:59	Name: s_campaign Value: rss
.fastcompany.com/	1970-01-21 19:16:43	Name: s_cpm Value: %5B%5B'rss'%2C'1639636917894'%5D%5D
.fastcompany.com/	1969-12-31 23:59:59	Name: s_nr Value: 1639636917894-New
.fastcompany.com/	1970-01-19 23:49:55	Name: s_vnum Value: 1640995200895%26vn%3D1
.fastcompany.com/	1970-01-19 23:27:18	Name: s_invisit Value: true
.fastcompany.com/	1970-01-21 01:44:04	Name: s_lv Value: 1639636917895
.fastcompany.com/	1970-01-19 23:27:18	Name: s_lv_s Value: First%20Visit
.fastcompany.com/	1970-01-19 23:27:18	Name: gpv_p12 Value: https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas
.fastcompany.com/	1969-12-31 23:59:59	Name: s_sq Value: %5B%5BB%5D%5D
.facebook.com/	1970-01-20 01:36:52	Name: fr Value: 0H7CbEjwhuDj6lnwR..Bhut-1...1.0.Bhut-1.
.dpm.demdex.net/	1970-01-20 03:46:28	Name: dpm Value: 43467505268114911281011497352994340986
.2o7.net/	1970-01-20 16:58:28	Name: s_vi_hefalinx7Cx7Blx60x7Fx7Dx60k Value: [CS]v4\|30DD6FDB74DF8352-600008C18059604A\|61BADFB5[CE]
.fastcompany.com/	1970-01-20 16:58:28	Name: AMCV_283B366E5AFAA4490A495E0C%40AdobeOrg Value: -2121179033%7CMCIDTS%7C18978%7CMCMID%7C43773153765825536941073005484851624732%7CMCAAMLH-1640241717%7C6%7CMCAAMB-1640241717%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1639644117s%7CNONE%7CMCSYNCSOP%7C411-18985%7CvVersion%7C5.3.0
.fastcompany.com/	1970-01-19 23:27:18	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp%22%2C%22sref%22:%22%22%2C%22sts%22:1639636918075%2C%22slts%22:0}
.fastcompany.com/	1970-01-20 08:56:40	Name: _parsely_visitor Value: {%22id%22:%22pid=55008e63bd27abfeccc0596c68c8f029%22%2C%22session_count%22:1%2C%22last_session_ts%22:1639636918075}
.twitter.com/	1970-01-20 16:58:28	Name: personalization_id Value: "v1_Ldc6jzaZdQgvNIk0HbZyfw=="
www.fastcompany.com/	1970-01-19 23:27:17	Name: __adblocker Value: false
.fastcompany.com/	1970-01-20 01:36:52	Name: _gcl_au Value: 1.1.209208355.1639636918
.fastcompany.com/	1970-01-19 23:27:18	Name: kw.session_ts Value: 1639636918355
.fastcompany.com/	1970-01-19 23:28:43	Name: kw.pv_session Value: 1
social.fastcompany.com/	1970-01-19 23:27:17	Name: AWSELB Value: D54D83371CA73269B30D9CD8F7A2329AB776287862FFD8DC0100DB03DE8A35C665837989736DA99D85F4A16FE11EE70927763121F82C2C8186C3B0A6012E04DE7F8C575D31
social.fastcompany.com/	1970-01-19 23:27:17	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862FFD8DC0100DB03DE8A35C665837989736DA99D85F4A16FE11EE70927763121F82C2C8186C3B0A6012E04DE7F8C575D31
social.fastcompany.com/	1970-01-19 23:28:39	Name: __cflb Value: 02DiuGRV1Xaj36rT8MFvx6QWTKLZYBsAnghBm23yHiHdv
.fastcompany.com/	1970-01-20 08:12:52	Name: _pin_unauth Value: dWlkPVptRTBaREJrTUdRdE9XWXlOQzAwWmpOakxUZ3hNR1l0Wm1WaU5UTTRNRFpoWmpoaQ
.fastcompany.com/	1970-01-20 08:48:52	Name: cmp-data Value: . . 9149f9c4-8804-41f7-b726-55399b0fcd38
.fastcompany.com/	1970-01-19 23:27:18	Name: _sp_ses.609d Value: *
.fastcompany.com/	1970-01-20 08:48:52	Name: _sp_id.609d Value: 579f1021-5105-4f59-8e3c-82604c1fcc2b.1639636919.1.1639636919.1639636919.d97cd89f-fc54-4097-b877-289600e7ff2d
www.fastcompany.com/	1970-01-20 01:36:52	Name: __pnahc Value: 0
.doubleclick.net/	1970-01-20 08:48:52	Name: IDE Value: AHWqTUkZqo3KIYZMS_amr8_YCZ2-fxjChO_Mqbg19rpo042bgs7xajEkmufO57cb
.piano.io/	1970-01-19 23:27:18	Name: __cf_bm Value: _sslz6DJ32l61.6twy6h1OnSW2NBgvCtjCQNh76Y5sw-1639636918-0-AYmsT6vwnxm4FmdEaAXaId9isfvJ1RFdkXw/gnxNAS7JaoPEt488nT2LImFABd+o/8Pwr3RvIdahhieIGIy31Ms=
.fastcompany.com/	1970-01-20 16:58:28	Name: __tbc Value: %7Bkpbx%7D6fVSWHkE2QIVbCYyXAtX9glwxxQ-G1p9Ywy9o5n01Hg
.fastcompany.com/	1970-01-20 16:58:28	Name: cX_P Value: kx8lhj12msycxfaj
.fastcompany.com/	1970-01-20 00:10:28	Name: __pat Value: -18000000
.fastcompany.com/	1970-01-19 23:28:43	Name: __pvi Value: %7B%22id%22%3A%22v-kx8lhj15xszuaj7b%22%2C%22domain%22%3A%22.fastcompany.com%22%2C%22time%22%3A1639636919182%7D
.fastcompany.com/	1970-01-20 16:58:28	Name: xbc Value: %7Bkpbx%7DsKRI0PZ12PRh8zf87ZzEVUfE-PRmCIFgIPMUZV3SPCWoOyHCmeevnH7C7uNQt152rU3zXIfcpuxxzCvLMWH-lm6YpzBbT7WusK36WB8L355ksOJ-V2OvT_3pyFSceOfXB-CRrxX7l4UHtmKsIOdTNq8xPFZORXcgTViUjANtcKoLX_HnRp-OPj1wIEZPDMmWBN7ITheK-lOKoIpEycd4JJL6M0wB3uC5JCDJkROm03i3SnHa4tAb93m3bttX3JuOf0_OGndlYtacXwyKt17gQGZWD2SyzKYVwoFD6IWPUFU3Ctbdkg2yyP6uOxuy9-cE
.fastcompany.com/	1969-12-31 23:59:59	Name: cX_S Value: kx8lhjz0b3t4l0wh
.cxense.com/	1970-01-20 08:12:52	Name: gckp Value: 2xa49gn3pelgb14jmddqbthf30
.fastcompany.com/	1970-01-19 23:28:43	Name: cX_T Value: kx8lhkezxsneq7qv
.fastcompany.com/	1970-01-20 08:12:52	Name: cX_G Value: cx%3A1v270e45z9ion3nq69qh1m3idh%3A1rbq576bvixco
www.fastcompany.com/	1969-12-31 23:59:59	Name: X-abtest Value: b
.fastcompany.com/	1969-12-31 23:59:59	Name: s_ppv Value: -%2C14%2C14%2C1200
www.fastcompany.com/	1970-01-20 08:56:04	Name: _cb_ls Value: 1
www.fastcompany.com/	1970-01-20 08:56:04	Name: _cb Value: DL83nXTgMFuwSFY9
www.fastcompany.com/	1970-01-20 08:56:04	Name: _chartbeat2 Value: .1639636920730.1639636920730.1.DuOGOhD7guKxCt3RyXCv4cNtDG4LFL.1
www.fastcompany.com/	1970-01-19 23:27:18	Name: _cb_svref Value: null
www.fastcompany.com/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fwww.fastcompany.com%2F90706145%2Fkronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas%3Fpartner%3Drss%26amp~1639636920914
www.pinterest.de/	1970-01-20 08:05:40	Name: _pinterest_sess Value: TWc9PSY2eDBpNWIyK0JxSVVvakVOb1gxSnliYmljYUZueUJSNXc1TXpQYVVRUkk1RHA3SWdrVENmK0V3cE56QmszOEZCOHh6Rk1HT2pXYSs3bDFEODJuaUxzTWVKS1NjR2RNVEZVWmY4QkFrVzVaWXlseGlGbFdaeGNnbGNIMUc2UzJ6ViZWamcxWi9TVnBqRFNYYVFGdzVPNWVFR0VhZXc9

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://free-geo-ip.p.rapidapi.com/json/185.232.23.181 Message: Failed to load resource: the server responded with a status of 429 (Too Many Requests)
network	error	URL: https://demo.connatix.com/ps/gary/assets/fastcomplA.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-a1b88377469e799454bea18950bb4e7e' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
javascript	warning	URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp Message: The resource https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2-Web/Book-Italic/CentraNo2-BookItalic.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.fastcompany.com/90706145/kronos-ransomware-attack-the-nightmare-that-could-hit-paychecks-right-before-christmas?partner=rss&amp Message: The resource https://images.fastcompany.net/multisite_files/fastcompany/static/sites/fonts/201010/CentraNo2-Web/Bold/CentraNo2-Bold.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

972240864.privacysandbox.googleadservices.com
ac.realvu.net
ad.doubleclick.net
analytics.twitter.com
api.conversant.mgr.consensu.org
api.ipify.org
api.parsely.com
api.tinypass.com
assets-jpcust.jwpsrv.com
assets.adobedtm.com
assets.fastcompany.com
be.durationmedia.net
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
capi.connatix.com
cd.connatix.com
cdn.conversant.mgr.consensu.org
cdn.cxense.com
cdn.jwplayer.com
cdn.keywee.co
cdn.parsely.com
cdn.polyfill.io
cdn.tinypass.com
cdnjs.cloudflare.com
cds.connatix.com
cm.everesttech.net
comcluster.cxense.com
connect.facebook.net
content.jwplatform.com
creative-services.ceros.com
ct.pinterest.com
d1z2jf7jlzjs58.cloudfront.net
d2qhg50jab93jy.cloudfront.net
d2t7a3zbo166a9.cloudfront.net
d3aiy6aqoa3ykz.cloudfront.net
demo.connatix.com
dpm.demdex.net
drlimmode9ddd.cloudfront.net
entitlements.jwplayer.com
fc-api.fastcompany.com
free-geo-ip.p.rapidapi.com
geo.moatads.com
googleads.g.doubleclick.net
grunerandjahr.112.2o7.net
id.cxense.com
images.fastcompany.com
images.fastcompany.net
imasdk.googleapis.com
img.connatix.com
jsapi.lightboxcdn.com
lightboxapi.azurewebsites.net
mansueto.demdex.net
mb.moatads.com
ml314.com
p.skimresources.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping-meta-prd.jwpltx.com
ping.chartbeat.net
pixel.keywee.co
platform.instagram.com
platform.twitter.com
prd.jwpltx.com
proc.ad.cpe.dotomi.com
r.skimresources.com
s.pinimg.com
s.skimresources.com
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
social.fastcompany.com
ssl.p.jwpcdn.com
ssp.lkqd.net
static.ads-twitter.com
static.chartbeat.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
t.skimresources.com
tag.durationmedia.net
tagan.adlightning.com
tpc.googlesyndication.com
units.knotch.it
vid.connatix.com
videos-cloudflare.jwpsrv.com
view.ceros.com
www.dianomi.com
www.facebook.com
www.fastcompany.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.inc.com
www.instagram.com
www.knotch-cdn.com
www.lightboxcdn.com
www.npttech.com
www.pinterest.com
www.pinterest.de
www.queryly.com
z.moatads.com
zn2t6mdnujruus8jh-inc.siteintercept.qualtrics.com
demo.connatix.com
104.17.209.240
104.18.22.230
104.244.42.133
104.244.42.136
104.244.42.67
104.89.31.187
104.92.84.47
108.156.253.64
13.225.87.127
13.32.121.37
142.250.184.230
142.250.185.162
142.250.186.66
143.204.101.156
146.20.132.75
15.188.95.229
151.101.1.54
151.101.12.157
151.101.129.54
151.101.130.137
151.101.194.137
151.101.2.51
151.101.64.233
151.139.128.11
152.199.22.243
172.217.16.130
178.63.12.208
18.169.85.185
18.170.183.138
18.66.100.58
18.66.92.228
2.21.141.169
2.21.143.57
20.40.202.0
2600:9000:214f:3400:1:a3fa:7cc0:93a1
2600:9000:2156:0:1:a3fa:7cc0:93a1
2600:9000:2156:1a00:12:1bcc:1d00:93a1
2600:9000:2156:e200:10:ce97:9fc0:93a1
2600:9000:224a:3600:1d:1e33:7c40:21
2600:9000:2315:4200:e:ec66:e40:93a1
2600:9000:2315:5400:c:d8a6:21c0:93a1
2600:9000:2315:5800:18:1fcd:34f:cdc1
2600:9000:2315:6400:6:21a6:f4c0:21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::ac43:497c
2606:4700:3037::6815:3c3f
2606:4700::6810:125e
2606:4700::6810:4fa5
2606:4700::6810:f015
2606:4700::6811:b9b1
2606:4700::6811:bab1
2606:4700::6812:da5
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2004
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2001
2a00:1450:400c:c08::9b
2a02:26f0:fb:59e::1e80
2a02:26f0:fb:59f::268b
2a02:26f0:fb:5ae::1931
2a02:fa8:8806:12::1460
2a02:fa8:8806:16::1400
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a03:2880:f207:e5:face:b00c:0:4420
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a04:4e42:400::626
2a04:4e42:600::626
2a04:4e42::282
3.13.126.66
3.215.137.103
3.220.57.224
34.248.191.66
34.252.195.31
35.190.59.101
35.190.91.160
35.201.67.47
46.137.57.74
52.208.138.90
52.216.98.141
52.22.141.132
52.222.210.175
52.59.69.103
54.144.144.142
54.163.236.63
54.167.42.48
54.174.97.254
54.72.156.114
0020ace5cc6cfb1333a18cffc7532d6cebdb75cfddf5607c2fede40bb197df24
02b352824377739a1ae6fdc69c19774054cc572448dca3a06c2497c1b028180c
04ce69066b1426bdb1a9c79f25e86870342306a2352d05ee86a8cd658fb99f51
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
04ee592de36575143670e03824879ef74a55720cf92171df134c5aaa6dcaced9
05fff02bcfa80ee305d36c3556f20e6eca76141e9390dfb61d3246400568ba33
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
084e20df6f5b1d9852ae7794dab6db7a1bc2633287d820e90cfc282a72dc31ac
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080
09112ca1f79cebdb30fd298aeb0f6affbff3c2d2e548b830c6fb4755921a8f76
0b34ab9037ad0d7d67f507acf2156d95f911382bcfde0e59175a704eab1add5a
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0d910cc1aa24413aaeef9f2cb52c3ed8bc4a06e823fc1d2d26f75667a0233764
0e8bf134f3868616881452cad899021e5aae5a5d9e728324eb4506c7dc424828
0e96a539eaf05d960e765d377db10a4381a180cb201dc905a3d4f6a7d9c4c661
0f1936f887184f37f43aec0e2e6277b4c999aebde238ae93b4e1bb1b1dfea707
0fc3dd4a29a22dfb44f078d97d85e3df9d626105550239f400ee32a1dfa4f7b7
10aa7853732b18c8a5e1c46509e4ffc6b752a18c367757c044b538eded6044ce
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119c17d1fc971f9250f4867fe2eb6c2da602f2dab1d3557bc78be3efa0adb2d9
144d53d3d034b437de8514a316f211d0a2fa7ee4ac7842394dc270c949215d97
173aa697b5696d2d58c26114ef58ea6180a33b1d444b5fca5bb0c19a82decf2b
18244ab08ac080e428ca151788a08492296b5672d885dd3c4e0f62bb737d5cf1
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1985f7727c8c14d80cad31fe03f8e115c2e980040a595c894f8fbbf69658a064
19bff1a7a5abfbd9127f95b602b1e1caeb6782a77597b17463a4ffea812eb403
1ba0a6c58a2b1914e0bc588b8cfe1fcfee3b51ea11c4bf7ac5dc4f66ad48d75a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
2013bf4a84e0a09119fb94df8a6055b10bb55520bc996bc63519de8c3af1e86d
2025033864defb543e70d082629f7e59b2a86a4c0a36e2b5638f025c2be6b7b9
2150d0e1dc93b352796ad2a03a1cbd48e258e0efc44a3a43e0e57506e785fd2c
2477320837bb15f65124dbcc523a400df4a3cbbf586ecfad1f8a58372d7ac26a
2504606d5870ebefbe9361b2ba7ef265cf1ce3ad28965c91435493c73f7c3dc8
267d1daed09d9ecec5f1e21bb6fe93e6eb9b65a051b7c07e966dfcda10f9e812
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2c77d01f048b0e2fbeab1557101343957924bb60bdd9a19004cb9a915145170a
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d99dbafa328518f87ca52cd9fd06b7a444acd2315dfaa402ce0e1c63ce428a0
2e33c28371543f0fcdb299d4c23e5a1ec87bc8f2a198944c4e02a08dd10a4231
2ffef22f04fdd1d2f7380e3f54a10f0b74de79f7dc9595ada8181632fd0e40ca
32accb55c11f5745dba3ad33994c2febbe97be7d55e491d9b6b91e71e00b1b9f
33a64b60a92b6ec76f8f209c28b536284978a302b4596eb87ccfe4f1e48e7b2e
34ad786096dc693e86a852d74e29a4ba7b796ec21a49bb589187cb0f2c0ab16c
370ab412490c9d807dc8641572963b1047194a4bc9b073adf56fbc14cae11b19
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
384a39e0380c9c721bb3f374d252d34ceb2d7ebcd562c180eeb5b84a3b54d3b9
39cc3f53df6e273de753410b354b790e9a6ede61a639e8b714869d211508f902
3a10332bd53b68134ef87252e79e7cb2046b1be8eb3030b61d0e47b7ce203c18
3a1ddbfd88621418b7eead664309c12b9ca05607f2f6bec0cebda9b316b3d9f2
3aa3d911a5f9781f1d29ca70ab2be76b2b8dccda8a17be68af79b60f1d4f1329
3c715b5829390cff20595181b32ff48bb400dc86119a5ad4a6e75201d1838026
3cd06c630775fb5a815578075b1a03abdd58815e8cc528a4df56cfd355ec090e
3f3618e20a8fd48c0843bf88807795b94e28be687e76234ef87e9a340ad92a6e
3f447d8667e1a68ac5a90e45cf37489c3879ac1b4b1e0dc2e81b8762fd0b711f
4083e9808132911da3e13c3b41e7d6647c7998b0af19d90550f64addf41a491b
424b6a2db407e4ddc198fefe5dfe184903376f35989053c2db84358652f8d957
42f1ae0c5a003efd71612bc59cabb0bfdf32d8ff1b24383d9f28a11207971343
450878a2db3b385251b0b7e436ac7d2898ef05fc8dc27cfbdac0e41f392b330c
45c832f7484b64738dc321cf9c20955e64d67628c54b7e4fe6c11e106ea77757
4645c485d2785dfdbb86aaaf6efcdb9970cc1568950d8dd2cae26b0fd37ec737
467cb0d9156a3f6a25c0d3519c19dea339119641e21630a939ca14bc034350c6
46d178543a800f514259152952beaaecfc96437763783e9bb9c36185ecb90e32
477f8ef505240318ae75eaa55725cb9bb805d8ea636fb1b3152f0a40bfcaccce
4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3
484826141337d13f2cd7d5c95a33605036d798dec9e68683a8aad795fd0f9639
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a686d1abaacdaa9e66f978957087d85e258991489779b45044f8f3963d0c850
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4de104a1863c3e4e945714f8180f45c1bd0c383042789fc4cdf8a005f35f04c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef1fe8dcbac5137a6f0805540acc2ad2d3561167bcae4787d8fac78c2f5dd8a
5073515759e15bf3d3e3fcfa1883033cfb72dabdfbaaad718809b83c8abf8079
50dd3d6104eaa4aa6bc655ff90274b508692f271a5fdc954b3ac7019df82eaed
51c466ccb2b6365a202b44703a989141e71251908b9a20ae63db11deba0a98fb
53862e0c3c6ef724c494f14972d4555ea46fe9dfac9ff6e1493c9440e5df945f
53bc15d5e085d9bb7c77dae8427c4d064a6db1d1211d91b8084eda4254e39903
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5748291ce8dc252f2f7b80c774cd824d1bed00c3c58663629bb93aaa1c3f2337
5881f3e5b36e8abadf24c4fc74377c4fb03f4c278fa4f0e66671a621d92f5169
5ba0f2022f490b82e8846c382d8baea3f102cbddbb7506bb079600866f6d56d0
5d7c1a27f7feeb7edb36a42a4fa496fdcebb30bf5d6868be17c07e821f19ac9d
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5ded7bf92e0da0cdd6a12d9d855ef927cc321b27f6d53c904383561335795e0c
5e8c8ffd8af3bb33a7579885bee66e7a4c0549e9d87883c362694518ca072c31
5ea536e4e260be6d01bf51e11faf0b761716136fc1663dc45218453cdef94a65
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61ec8804e682ece9118faca78152eb762eb7340be4647e291b68a393d969af3f
62dd62394456b7f3050a27311761abd491106c02a2bfaaeb561ec6c82c4520af
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6351ed96f1727d7984f6b2389720effdce8e2a78b185929f580fa154e3b2e85d
639bbd25ee29fa8b65971327d4f0d97bd57d975998d78053db3a3e8e44307718
6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6c92242764e39944f89698647d2760246377b5020c7a81b3e9e5db5c52eabe14
6dbfba471ede6d5d286947ae471abb02656ff5cc5f69374dd133ed2ba11e86c3
6f62f7762294908df4b510b0cc7e823640409c84d23aa8b798e12d8e8197be9f
6fc83f31b584dfdb7ce5ae4e0adb760008834348e95e6804dec6acfb24a21191
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
707f8a3c7623661747582ec16c56b95c7d9e4f0f77a62627e5114a16fcb00827
71a06ca90d4fe76a7b92430e6567711b8bb5f3f9e5b27c916b5ceb29ff8e9389
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72a24849a385cc8c2e75bcd6a6cd2530d7d867ee28ae27aa89cd5b48f7403e8f
74635c9214796b900969a5efa786955bfff2b899d53c12da3a8c4e088f97bd5a
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
761d1eaef904bebf25aadd2a9a26971cca7e0595f10f31a3d330a513228f82d6
77226f2ff650ca5ca2b5a8c78758e5ae4114dee7b11731cd8b92af0d6b63dc1f
772cbabbc7654aca3db915e20446d13962391d785bc78c7d1aa50fc2a0a0d59c
77f223c2e54ef5c59d84f41a22f6aba61255453b43688d81b7178d1a03ae1a2a
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
7b16b9f24db05d01943c33166e92aa38382e53d5daa6c1859ae7aa81cf7e6c45
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ce3f47f9e89b0598a5a17e88ed0557efd817e73a9d3982b61ff6626cd65a2d2
7cf06aecbdd2c3a947b2dcd72fb12c481a92866dfe713da21c873d558ab39d14
7d1ccc3d49e43ed061df2d38f09b6156238caaefeb61baaf75d7304f633e5f16
7f0eb1cee4526013019d0eddaf6d222722f6b1684cd6ac01cf886703d04e7a97
7f43afa4e70ae8c2ebf2e05c8a93418a2be21c03d7d6a4d07c3449af23c04db7
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
7fb034e3a989e7668e46fe1c8850622a25934eee36976c0bc4a83c64d0a8289a
8066e30e9e07f313993a4abb31e0734e5ff9a585bbd999e8ea6c403c91027181
82e4f86a43576249efada40f31531090ffcaec7bcacfb8fbf5dde25af5574163
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e
8334e5eb7851550868428f192dd7d9f10d7b513381d8bb3f5606774bc78c3976
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d12e1cb5a998b420c95a66450358827f359008775541d0800211911727addb
849ab478cc6251ce0b7def90bd0f6dbe04058cdf6ad7344191eeac29e4aa930f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
876afcaae2b9884eea5c0ca8ecd653839557d63be7820f0b48e5f854dc4aa1d1
878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261
878f9629253a810cfdecd0871d3894dbedb835c417db3d0fc5ed8436965c8540
87bb06da8eea788a075fc009fbbaa37c1ea444bb52b5bb542da45f5bce976731
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8c50937ee5190c53fa7106a2b25714386f2fb1457598ac2b60fd25f7a6a24eea
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e060eb764ea2f0e7faef729610d369184becf17a12c1b0bb0cf6a9d2920a323
8e922b797126b6140522c86033ac028e99d27dbaacaf573904e0b2b3baae2649
8e94355ffe67ac6ed4fb5de61e6d269c7f0ce3fe745c33773cf0eff433575e6b
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8f97f7aa4ee00194377f6cf4ca87aba18f52027af5bed7b947811ab204b8dcda
8fe374513f376ded47b934cc6e453539ad6b1f771e1e123ff11d571e789708b8
902392e95509fee85fa0995b14e3683621a471bec2e7554daaa3e8ab4626d43f
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
9111f9606fe5e014690ea24dea49de57bbd16dbd8ce99cfcd465f0d7321fb808
919428179d9276eb014bf47ab8bff6d5e43fd362b0abc88b85a76ade5eac99e2
923257274e76e65d81e65879aae56392ded66f7e15d4eeaa4e0523db2969ad5b
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
9329412a9f44aea1afa78563546eb3623d5a61b33272b6e43362516a1caa485d
945671d4dc34e18afb114fdc5387ec23addcb6d92a6ca15c74479f99c9f3dd94
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
99282042d21ad8f22797fd37b4fa6a9d8b0adc6365a06a188baa01fcd175de3a
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
9a843aa01c914500ec866109398a5c446255838498cfe31d163479335a2442c0
9d8ccbf853c0a98db0c4d2f2ba86fd690e0510c7855a26a1fc9d5d10b7f08713
9dfcafa083485c01a903ced1e72b267a508cbd7da22dc06a5c091ae36f2e1418
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
9f6f94fe76b0cc361818bc69213bbdc769982647c1975d4a99c1f17dde0ea961
9f976f76688d755b7d352e1fd777662af17c6ef501b1143275a8ead5459a026f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2d6d6de0c610c85579b1b439c2e85e998969fb733d131c8243a510ca8726abd
a33c39403b15863c22c619d7c8ba08dd686f5dc3214bec6cf9ae4b103b840682
a3fc71af1dc8855d8ac82c0ab0ab91b162b3ffbdee5cb8aa2c678fe331405357
a5fa53c31459756c4d73ba15abedd5d78ef3022b0732452ea9dc78dc92d6bd3f
a868a5c4db6f206094ece9d0f9b3bb8908920ce909d73278279f3843e4c27a2d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af96801b451f5e7078e2f969011795d23ee174f079520501d3d2850fecf5288d
b07d3bc08d7ec6e2f2580be298a0574b6e5ac937e68a9331e889aae9b10421b2
b1b40b4b083694a7d1680ca1f0a8b0445b6dc2776b4c48dc714c6e72aacbb0af
b2084f172586e0a07307967e63615559b34e65b5fa264587166343697552f1a5
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3d58e30ccc8549f75e0cc5fcd1f35248f459d73359b56f53cc0095c5e00730f
b4a37fbc523c7b181e6e9a1afadb954ee3ad520e0538f89680e72e039206ee16
b65e2c361992e64267b997f2aa7776c6dc4b0fd427c7150f3cd04d2f46221c67
b6dec834c1c03ff6f6cbb720d09a412c3211ad759e39576477eaca9b066ff851
b96913ee642ed37a800d85bf41ea8a92b4d5934360603b1dc302a867451697cc
ba9ce492eafa027648fdb3b662aa72b2cb15c7dc3287678a5f0e1b54b807bdd4
be5f07f0b4c829715935e54834fe1e5ee4413f7c171d489f2456cec18d71e489
bfc47e7561c0c274ea616bcb3582cd40fa5484dfe09fed5255e4a6bee2f6bc07
c196c5f92d3821aadb1442dc481525f46a2fc03bdd856d097bf5b20f2c563a03
c2e9feba2a57131591142d0e7be1ee1f1defe7477b0de74a207c0daeb245f7be
c3b201a34cad7b7b9f6afc76ab11e7ca5a9aae4e136c7445b99e93458d94265e
c3ba0bcc847fcf19468f2cc2ec493d2ba7a6cdd0c509dad5af877b5706057565
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c91c8973b457262e8de72498e2c1b39d2b4d904368e7717fcec1310ab0693326
c9c2eaac0a12a5a54dc7459ff078654c60656a5a45a7154d3a62294a4c0667d6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc7e94d1223f1505655b924e597b7d93a725fb0de3ae49e851c17379d232c67b
cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f
cd868fcc6e653b89958a2e3d372f5139b22e7721fcffa0a4e3ad60176cc68580
ce737bc0ae08bd805e99ad0fb794c078ed678826636e6f20daa613c386bcfc04
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08193db830aa9971dba641bea506d3ca9f8f8dde6ca83ccbe88e18806020812
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d137349d6e17a001bc98e160a8114b7eefeb5bf7018082cfb0c15b96339e0503
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d2d79864ba5afbbf1316cff0cb537f5443e5ef26dee365c4c12f04c6e02c454f
d331ded8cd529e1c897ac702577f7d6b75cf2ce508627013c34f8d86da42c082
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d4129cca4034a52a3eae45fc5517043d9350ff759a0bc6d4756c0ed327bcfbcc
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
d7f2ca5ad362d47c3237c7337f3daac30acb6b900d070351bfdf1ff42deac1c3
db87e6a84cc7c7ee2ffff2e15d5012b2d3328ea3ca8fd27e3f2d351af21c0ee3
dce3f04c40d165d746da68219b6a756a1783fefe4038567d78cf4b55dae5409f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd17bd5ed9ad3ebbfae67464ab692a79b0f507dc7b52fa40e0975f2f9e30472d
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
debaef3c6a8ac393b781f40ea63a1ab0007f7fe4473256eb74d8ba63c38b2e15
defe772a52ed234ec2b397460c65d7fd148025e90885f0043e588e56f45830ad
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e22558a838b33908a6db45eeeb1ed53ba63149f786312b4bacc60a4a49447a64
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e326899a53e5d0f9a15201377e21f413a843b691f6c0004a8a06915efacda4b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dc10664c94f8923a14174aaa4bfb412484529559de7f51e78651f1896b50a7
e768d870a80aed948c7337e11b69d0271632d86c921eed81e033e23daa9de3a3
e8e948b01f4bd12d7a0097908e78e786a0b8c33c00c8bdedd13bc9c4d18f006d
e97f4cc64ea113bf42adddcce7dd58977fbcdba7783a0227d3a44ddbd89aad0c
eb5d2dd8a63792c1cd2925f4c8131f3e1826e36d07a48b45f67113f3caf68b9a
eb610907af4023a24a8d68558c6b858b3943ad1d9e0fb8df8ba1d3e913fbe64e
ebf673755129d06ecaef7ada40d2b4209f3ae4bf0a24985ef65f0a98335d698a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
efca4fc416b47b9a37a89f2214b3e54c1834f2d8da355a9085b7a66617005c36
f07e74aee534e55d927bede6c3f6abccc67e0df30aac622e8c61ef6abbfcdb71
f0b2aeea3b76afb2d3ef70a7968e7876aeffbbb81f2ac7888547ab4e2074cde0
f38a7449aba5c1605ffb3f562f1dd4716bb30db1c756a6935b04eaa7a760ed79
f39f5a2b61aea2db3244384a3f02be6830fb34b924538452856aa6c53b7ae5bf
f3fb6ccf49f718973e0c4d43d947358d59d6b34f828318798021c7037491502d
f5963533d46b4f1202b00bdcb2bb29270b1b55b4b9184d4552c290eb1c30c713
f5fa155d6255d27071255802f89607b32018e797ee5a10c579b8654a11c36a2c
f655529a1d53231155a57b23b15cdaf5456ee6edccc27c6c81bac9ce31901faf
f677d6b770cd4f5e28fad6423f762295f2f04eb84b23df1ea9b37af3d07b6a36
f75439b2b51856c6cd66d6d171767fdc7acebf2d96eb6a3ee9be3425c6cc087a
f77fc2275db072e63c3b8894fc36002ed4416d40bc0da51b862ccde23aba8970
f7bc5730a55033b849c530009d4190549acbd768efafa83c8c43af83a1519604
f9debc82c2703c79907ee189ca1404abee05651130549d37eae1a5d088e12614
fa4cad0b6e7e499ae3d6bf4d255c8a7fc1845b25a4ac3380f5c595ae1f07861e
faf61edbc219208b68122c7c9ca8c3c6ebd70e80e3df10d5b3bd6bba3e685a16
fb5a084db3cf3d8159d8d77657d3b8c235a69f60ab78b3cc0008167e8b870354
fb8b0b368f77ad52f888b50575c415e1807efeae70f4ee1f38e5606319bc5b02
fb954c0d1e6aa7e64cee452d5e6489704c907ef80ae59743d3a5fc8a5f038ecb
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd04a2d27eb8170902ec7da50b59db514132d90f9089743c72cf9352300bfb1f
ff72c6d1568d54f75bfba54d4279603d4d930489aa83f6e494a6c9e5ff4a2280

www.fastcompany.com Open in urlscan Pro 151.101.129.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

321 Requests

95 %HTTPS

43 %IPv6

66 Domains

110 Subdomains

91 IPs

9 Countries

11473 kBTransfer

25196 kBSize

68 Cookies

23 Outgoing links

Redirected requests

321 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fastcompany.com Open in urlscan Pro
151.101.129.54 Public Scan

Screenshot
Live screenshot

Full Image

321
Requests

95 %
HTTPS

43 %
IPv6

66
Domains

110
Subdomains

91
IPs

9
Countries

11473 kB
Transfer

25196 kB
Size

68
Cookies

321 HTTP transactions
1 data transactions