malware.wikia.org Open in urlscan Pro
2a04:4e42:400::194 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://malware.wikia.org/wiki/Sodinokibi
Submission: On May 18 via manual (May 18th 2020, 2:02:30 pm UTC) from US

Summary HTTP 106 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 106 HTTP transactions. The main IP is 2a04:4e42:400::194, located in Ascension Island and belongs to FASTLY, US. The main domain is malware.wikia.org.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on February 21st 2020. Valid for: 2 years.

This is the only time malware.wikia.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2a04:4e42:400... 2a04:4e42:400::194	54113 (FASTLY) (FASTLY)
44	74.120.188.194 74.120.188.194	22300 (WIKIA) (WIKIA)
1	151.101.14.91 151.101.14.91	54113 (FASTLY) (FASTLY)
16	151.101.0.194 151.101.0.194	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:200... 2a04:4e42:200::194	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3038::681f:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:eb:... 2a02:26f0:eb:3ac::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	72.247.224.27 72.247.224.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.45.99.37 23.45.99.37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.84.50.120 52.84.50.120	16509 (AMAZON-02) (AMAZON-02)
3	18.235.131.250 18.235.131.250	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.106.188 52.216.106.188	16509 (AMAZON-02) (AMAZON-02)
1	52.7.165.206 52.7.165.206	14618 (AMAZON-AES) (AMAZON-AES)
1	162.159.128.233 162.159.128.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
106	18

27 2a04:4e42:400::194 (Ascension Island) 1 redirects

ASN54113 (FASTLY, US)

malware.wikia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dev.wikia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 74.120.188.194 (United States)

ASN22300 (WIKIA, US)

slot1-images.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vignette4.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vignette.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vignette3.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.0.194 (United States)

ASN54113 (FASTLY, US)

dev.fandom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.wikia-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.fandom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::194 (Ascension Island)

ASN54113 (FASTLY, US)

services.wikia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::681f:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)

puu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:3ac::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.224.27 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-27.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.37 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-99-37.deploy.static.akamaitechnologies.com

a17126690382.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.50.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-120.ham50.r.cloudfront.net

d2bnxibecyz4h5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.235.131.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-131-250.compute-1.amazonaws.com

railwam.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.106.188 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

surveygizmobeacon.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.165.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-165-206.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.233 (None, )

ASN13335 (CLOUDFLARENET, US)

discord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	nocookie.net slot1-images.wikia.nocookie.net vignette4.wikia.nocookie.net vignette.wikia.nocookie.net vignette3.wikia.nocookie.net static.wikia.nocookie.net	546 KB
29	wikia.org malware.wikia.org services.wikia.org	200 KB
15	fandom.com dev.fandom.com services.fandom.com	161 KB
3	herokuapp.com railwam.herokuapp.com	5 KB
3	optimizely.com cdn.optimizely.com a17126690382.cdn.optimizely.com logx.optimizely.com	85 KB
2	media.net hbx.media.net	81 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	discord.com discord.com
1	amazonaws.com surveygizmobeacon.s3.amazonaws.com	1 KB
1	cloudfront.net d2bnxibecyz4h5.cloudfront.net	27 KB
1	wikia-services.com beacon.wikia-services.com	531 B
1	puu.sh puu.sh
1	google-analytics.com www.google-analytics.com	18 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
1	wikia.com 1 redirects dev.wikia.com	458 B
1	fastly-insights.com www.fastly-insights.com	725 B
106	16

	Domain	Requested by
27	slot1-images.wikia.nocookie.net	malware.wikia.org slot1-images.wikia.nocookie.net
26	malware.wikia.org	malware.wikia.org slot1-images.wikia.nocookie.net
14	dev.fandom.com	malware.wikia.org slot1-images.wikia.nocookie.net
12	vignette.wikia.nocookie.net	malware.wikia.org
3	railwam.herokuapp.com	slot1-images.wikia.nocookie.net
3	static.wikia.nocookie.net	malware.wikia.org
3	services.wikia.org	malware.wikia.org slot1-images.wikia.nocookie.net
2	hbx.media.net	www.googletagmanager.com hbx.media.net
2	fonts.gstatic.com	malware.wikia.org
1	discord.com	slot1-images.wikia.nocookie.net
1	services.fandom.com	malware.wikia.org
1	logx.optimizely.com	cdn.optimizely.com
1	surveygizmobeacon.s3.amazonaws.com	d2bnxibecyz4h5.cloudfront.net
1	d2bnxibecyz4h5.cloudfront.net	malware.wikia.org
1	a17126690382.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	www.googletagmanager.com
1	beacon.wikia-services.com	slot1-images.wikia.nocookie.net
1	vignette3.wikia.nocookie.net	malware.wikia.org
1	puu.sh	slot1-images.wikia.nocookie.net
1	www.google-analytics.com	slot1-images.wikia.nocookie.net
1	www.googletagmanager.com	malware.wikia.org
1	dev.wikia.com	1 redirects
1	www.fastly-insights.com	malware.wikia.org
1	vignette4.wikia.nocookie.net	malware.wikia.org
106	24

This site contains links to these domains. Also see Links.

Domain
www.surveygizmo.com
www.wikia.org
malware.wikia.com
es.malware.wikia.com
it.malware.wikia.com
pl.malware.wikia.com
id.malware.wikia.com
ja.malware.wikia.com
zh.malware.wikia.com
vignette.wikia.nocookie.net
services.wikia.org
decryptor.top
www.fandom.com
community.fandom.com
dev.fandom.com
kenshin.fandom.com
letsgoluna.fandom.com
camilacabello.fandom.com
fandom.zendesk.com
fandom.link
bit.ly

Subject Issuer	Validity	Valid
*.wikia-services.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-21` - `2022-05-01`	2 years	crt.sh
*.wikia.nocookie.net DigiCert SHA2 Secure Server CA	`2020-02-19` - `2021-05-26`	a year	crt.sh
fastlyanalytics.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-19` - `2021-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-07` - `2020-10-09`	8 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2017-04-19` - `2020-06-22`	3 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
logx.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-10-01` - `2020-10-05`	2 years	crt.sh
ssl764977.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-15` - `2020-11-21`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://malware.wikia.org/wiki/Sodinokibi
Frame ID: A3A91ABBA37E87FA3CDAB3129637DBFC
Requests: 108 HTTP requests in this frame

Frame: https://a17126690382.cdn.optimizely.com/client_storage/a17126690382.html
Frame ID: CDF27BDAB0BE2CB4A263B8DF656D32EE
Requests: 1 HTTP requests in this frame

Frame: https://discord.com/widget?id=538516185516474374&theme=dark&username=null
Frame ID: 5D6D60A8E8CA0D303F6829B7B10BD9AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

MediaWiki (Wikis) Expand

Overall confidence: 100%
Detected patterns

meta generator /^MediaWiki ?(.+)$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^MediaWiki ?(.+)$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

106
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

24
Subdomains

18
IPs

5
Countries

1187 kB
Transfer

3945 kB
Size

13
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.surveygizmo.com/s3/5507187/29d9f4306093?contentLanguage=en&userLanguage=en&pageType=article&isCorporatePage=No&verticalName=Lifestyle&fullVerticalName=lifestyle&visitorType=New&isLoggedIn=false&cpBenefitsModalShown=false&isContributor=false&isCurrentWikiAdmin=false&&isDartGnreAdventure=false&isDartGnreAction=false&isDartGnreFantasy=false&isDartGnreRpg=false&isDartGnreScifi=false&isDartGnreOpenworld=false&isDartGnreFighting=false&isDartGnreDrama=false&isDartGnreCasual=false&isDartGnreAnime=false&isDartGnreShooter=false&isDartGnreCartoon=false&isDartGnreComedy=false&isDartGnre3rdpersonshooter=false&isDartGnreFps=false&isDartGnreHorror=false&isDartGnreDriving=false&isDartGnreSports=false
Title: Take Survey

Search URL Search Domain Scan URL

URL: https://www.wikia.org/
Title:

Search URL Search Domain Scan URL

URL: https://www.wikia.org/signin?redirect=https%3A%2F%2Fmalware.wikia.org%2Fwiki%2FSodinokibi
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.wikia.org/register?redirect=https%3A%2F%2Fmalware.wikia.org%2Fwiki%2FSodinokibi
Title: Register

Search URL Search Domain Scan URL

URL: http://malware.wikia.com/d
Title: Discussions

Search URL Search Domain Scan URL

URL: http://es.malware.wikia.com/wiki/Malware_Wiki
Title: Español

Search URL Search Domain Scan URL

URL: http://it.malware.wikia.com/wiki/Malware_Wiki
Title: Italiano

Search URL Search Domain Scan URL

URL: http://pl.malware.wikia.com/wiki/Malware_Wiki
Title: Polski

Search URL Search Domain Scan URL

URL: http://id.malware.wikia.com/wiki/Halaman_Utama
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: http://ja.malware.wikia.com/wiki
Title: 日本語

Search URL Search Domain Scan URL

URL: http://zh.malware.wikia.com/wiki/Malware_Wiki_%E4%B8%AD%E6%96%87
Title: 中文

Search URL Search Domain Scan URL

URL: https://vignette.wikia.nocookie.net/malware/images/a/a7/Ransom_Win32_SODINOKIBI_A2.jpg/revision/latest?cb=20190627122726
Title:

Search URL Search Domain Scan URL

URL: https://services.wikia.org/affiliate/redirect/12344/23108/disney/covisitation/direct/4?r=https%3A%2F%2Fdisneyplus.bn5x.net%2Fc%2F1947570%2F772722%2F9358%3FsubId1%3Dgeneric-de%26subId2%3Dlaunch%26subId3%3Dad-fandom%26sharedid%3Ddesktop
Title: Schaue deine liebsten Disney-Filme und -Serien, alle am selben Ort.Jetzt Kostenlos Testen

Search URL Search Domain Scan URL

URL: https://vignette.wikia.nocookie.net/malware/images/6/67/Sodinokibi-folder.jpg/revision/latest?cb=20190712141631
Title: <img src="https://vignette.wikia.nocookie.net/malware/images/6/67/Sodinokibi-folder.jpg/revision/latest/scale-to-width-down/220?cb=20190712141631" alt="Sodinokibi-folder" class="thumbimage " data-image-key="Sodinokibi-folder.jpg" data-image-name="Sodinokibi-folder.jpg" width="220" height="136" >

Search URL Search Domain Scan URL

URL: https://vignette.wikia.nocookie.net/malware/images/f/fc/Sodinokibi-wallpaper.jpg/revision/latest?cb=20190712141945
Title: <img src="https://vignette.wikia.nocookie.net/malware/images/f/fc/Sodinokibi-wallpaper.jpg/revision/latest/scale-to-width-down/220?cb=20190712141945" alt="Sodinokibi-wallpaper" class="thumbimage " data-image-key="Sodinokibi-wallpaper.jpg" data-image-name="Sodinokibi-wallpaper.jpg" width="220" height="143" >

Search URL Search Domain Scan URL

URL: http://decryptor.top/913AED0B5FE1497D
Title: http://decryptor.top/913AED0B5FE1497D

Search URL Search Domain Scan URL

URL: https://vignette.wikia.nocookie.net/malware/images/1/1d/Sodinokibi-homepage.jpg/revision/latest?cb=20190712141653
Title: <img src="https://vignette.wikia.nocookie.net/malware/images/1/1d/Sodinokibi-homepage.jpg/revision/latest/scale-to-width-down/220?cb=20190712141653" alt="Sodinokibi-homepage" class="thumbimage " data-image-key="Sodinokibi-homepage.jpg" data-image-name="Sodinokibi-homepage.jpg" width="220" height="175" >

Search URL Search Domain Scan URL

URL: https://vignette.wikia.nocookie.net/malware/images/6/6f/Sodinokibi-web1.jpg/revision/latest?cb=20190712142120
Title: <img src="https://vignette.wikia.nocookie.net/malware/images/6/6f/Sodinokibi-web1.jpg/revision/latest/scale-to-width-down/220?cb=20190712142120" alt="Sodinokibi-web1" class="thumbimage " data-image-key="Sodinokibi-web1.jpg" data-image-name="Sodinokibi-web1.jpg" width="220" height="173" >

Search URL Search Domain Scan URL

URL: https://vignette.wikia.nocookie.net/malware/images/3/3f/Sodinokibi-web2.jpg/revision/latest?cb=20190712142134
Title: <img src="https://vignette.wikia.nocookie.net/malware/images/3/3f/Sodinokibi-web2.jpg/revision/latest/scale-to-width-down/220?cb=20190712142134" alt="Sodinokibi-web2" class="thumbimage " data-image-key="Sodinokibi-web2.jpg" data-image-name="Sodinokibi-web2.jpg" width="220" height="203" >

Search URL Search Domain Scan URL

URL: https://www.fandom.com/licensing
Title: CC-BY-SA

Search URL Search Domain Scan URL

URL: https://community.fandom.com/wiki/WAM
Title: Official WAM Page

Search URL Search Domain Scan URL

URL: https://dev.fandom.com/wiki/RailWAM
Title: RailWAM

Search URL Search Domain Scan URL

URL: https://kenshin.fandom.com/wiki/Main_Page
Title: Rurouni Kenshin Wiki

Search URL Search Domain Scan URL

URL: https://letsgoluna.fandom.com/wiki/Let%27s_Go_Luna!_Wiki
Title: Let's Go Luna! Wiki

Search URL Search Domain Scan URL

URL: https://camilacabello.fandom.com/wiki/Camila_Cabello_Wiki
Title: Camila Cabello Wiki

Search URL Search Domain Scan URL

URL: https://www.fandom.com/terms-of-use
Title:

Search URL Search Domain Scan URL

URL: https://www.fandom.com/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://fandom.zendesk.com/
Title:

Search URL Search Domain Scan URL

URL: https://community.fandom.com/wiki/Help:Contents
Title:

Search URL Search Domain Scan URL

URL: https://fandom.link/FandomWikis
Title: Follow Fandom Wikis on Twitter

Search URL Search Domain Scan URL

URL: http://bit.ly/31KuElR
Title: JokeyPsych

Search URL Search Domain Scan URL

URL: https://bit.ly/EndgameHT
Title: EndgameHonest

Search URL Search Domain Scan URL

URL: https://fandom.link/NeverSurrender
Title: GalaxyQuest

Search URL Search Domain Scan URL

URL: https://www.fandom.com/partner-list
Title: Partner List

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://dev.wikia.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles HTTP 301
https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles

Request Chain 33

https://puu.sh/pyeX9/83d808d9e1.cur HTTP 0
http://puu.sh/pyeX9/83d808d9e1.cur HTTP 0
http://puu.sh/pyeX9/83d808d9e1.cur HTTP 0
http://puu.sh/pyeX9/83d808d9e1.cur

106 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Sodinokibi Show response
malware.wikia.org/wiki/ 120 KB
31 KB 35ms
7ms Document
text/html 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4d362f76e6f29fe8e060edc40f48184d52078bc287a688e137f6e2553c0a959b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: malware.wikia.org
:scheme: https
:path: /wiki/Sodinokibi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-encoding: gzip
content-language: en
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
content-type: text/html; charset=utf-8
etag: "20200229150229-1589447383916"
last-modified: Sat, 29 Feb 2020 15:02:29 GMT
x-backend-response-time: 0.137
x-content-type-options: nosniff
x-span-id: 4830f9e0-6737-43ca-bdd9-2670a740b82a
x-trace-id: 22693942-2c79-4784-b17b-bd37aabc9fda
x-datacenter: SJC
x-cacheable: YES
accept-ranges: bytes
date: Mon, 18 May 2020 14:02:11 GMT
age: 74749
x-served-by: mediawiki-prod-ucp-68fc999d99-nfln8, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-cache: ORIGIN, HIT, HIT
x-cache-hits: ORIGIN, 7, 1
x-timer: S1589810532.896827,VS0,VE2
vary: Accept-Encoding, Cookie
set-cookie: wikia_beacon_id=W9Zjq7Fw8W; domain=.wikia.org; path=/; expires=Sat, 14 Nov 2020 14:02:11 GMT; SameSite=None; Secure; wikia_session_id=h9GxthN4rw; domain=.wikia.org; path=/; expires=Mon, 18 May 2020 14:32:11 GMT; SameSite=None; Secure; Geo={%22region%22:%22BY%22%2C%22country%22:%22DE%22%2C%22continent%22:%22EU%22}; path=/; domain=.wikia.org; SameSite=None; Secure;
cache-control: private, s-maxage=0, max-age=0, must-revalidate
content-length: 30547

GET
H2 200 Qualaroo.scss
slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWi... 362 KB
57 KB 194ms
86ms Stylesheet
text/css 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

cc35aed0bbd2e80a54e7ab55def169224339e6000c0a58e179ca94d681cfd2ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348227
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 58277
x-served-by: mediawiki-prod-ucp-8fb47c87-fg7mt, wk-cdn-f2, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:18:24 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.033
x-cache-hits: ORIGIN, 3012, 0

GET
H2 200 load.php
malware.wikia.org/ 7 KB
2 KB 9ms
6ms Stylesheet
text/css 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1589447383916&debug=false&lang=en&modules=site&only=styles&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

456cc2397d11cd9b3d04df6596e4735cc29cb7f9f61b14194e4b4c3ee51350b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: ef047829-bbc1-4c95-b88b-176a806772b7
age: 262
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1887
x-served-by: mediawiki-prod-ucp-68fc999d99-2zdz5, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 6e8b88c6-5a76-497a-b889-d3065fcd889a
last-modified: Tue, 07 Jan 2020 00:45:22 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:11 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810532.916439,VS0,VE1
x-backend-response-time: 0.023
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 wikia.ext.abt3sting Show response
slot1-images.wikia.nocookie.net/__load/-/cb%3D1589447383916%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/ 179 B
833 B 157ms
50ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/cb%3D1589447383916%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/wikia.ext.abt3sting

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

d854798fb3feeb9095d9dd38629f803bf302ef275a948c6622a60c4a54c18b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 13:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: 2e0b91ed-af70-4df3-9436-ead3f7873dca
age: 188
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 175
x-served-by: mediawiki-prod-ucp-6967675f49-t7cdv, wk-cdn-f6, wk-cdn-f5
x-trace-id: e67bb9bf-5609-4e2d-8f32-e34e88a6bb4b
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Mon, 04 May 2020 16:00:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=300, s-maxage=300
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.009
x-cache-hits: ORIGIN, 13728, 0

GET
H2 200 amd%7Cwikia.tracker.stub,stub%7Cwikia.abTest,cache,cookies,document,geo,location,log,querystring,window Show response
slot1-images.wikia.nocookie.net/__load/-/cb%3D1589447383916%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/ 17 KB
6 KB 158ms
51ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/cb%3D1589447383916%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/amd%7Cwikia.tracker.stub,stub%7Cwikia.abTest,cache,cookies,document,geo,location,log,querystring,window

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

be1aea8a2775ef33fad0722e59ef07278322848d336ef5456b35ba7581e0ef67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: edab9fc2-2a5d-4a07-baf1-8ff334f73004
age: 348374
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 5622
x-served-by: mediawiki-prod-ucp-8fb47c87-sxlpd, wk-cdn-f4, wk-cdn-f5
x-trace-id: 8894b002-89fe-499f-94d3-d4fd339dc99f
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 09:00:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.009
x-cache-hits: ORIGIN, 5135666, 0

GET
H2 200 abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/ 720 KB
197 KB 226ms
120ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

68c77cb405cf2961bbdad3393a38b65268280144e209da515a14989926dc9716

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 201496
x-served-by: mediawiki-prod-ucp-8fb47c87-5kb8z, wk-cdn-f6, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.142
x-cache-hits: ORIGIN, 10871715, 0

GET
H2 200 latest
vignette4.wikia.nocookie.net/malware/images/8/89/Wiki-wordmark.png/revision/ 4 KB
4 KB 64ms
50ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette4.wikia.nocookie.net/malware/images/8/89/Wiki-wordmark.png/revision/latest?cb=20160812035434
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 92e72d19bacb3cbf258b26f619497102b318afa42b4448e03e921cf1b1dc1210

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 11:53:14 GMT
x-cacheable: YES - FORCED
age: 1217338
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Wiki-wordmark.webp"; filename*=UTF-8''Wiki-wordmark.webp
content-length: 3658
x-served-by: thumblr-697dcdc7cf-pmxnn, wk-cdn-f2, wk-cdn-f5
surrogate-key: 4ff8ebbf8ff8f588a0b9423ecc49d7cde1006661 wiki-malware thumblr original
x-thumbnailer: Thumblr
etag: CIi8o9HM2eUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 10039, 0

GET
H2 200 310
vignette.wikia.nocookie.net/malware/images/a/a7/Ransom_Win32_SODINOKIBI_A2.jpg/revision/latest/scale-to-width-down/ 3 KB
4 KB 64ms
50ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/a/a7/Ransom_Win32_SODINOKIBI_A2.jpg/revision/latest/scale-to-width-down/310?cb=20190627122726
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 07a677393b4b1e7c77b9e5d8debdf2fe3534ec5c863a028ffbe8566f8714a53b

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 11:11:41 GMT
x-cacheable: YES - FORCED
age: 1133431
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Ransom_Win32_SODINOKIBI_A2.webp"; filename*=UTF-8''Ransom_Win32_SODINOKIBI_A2.webp
content-length: 3210
x-served-by: thumblr-697dcdc7cf-l6zzp, wk-cdn-f6, wk-cdn-f5
surrogate-key: b11d6e74fbe35be14bb46fc8812bd706c2323170 wiki-malware thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CJC7wJ/k2uUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 123, 0

GET
H2 200 56
vignette.wikia.nocookie.net/spotlightsimagestemporary/images/5/5a/Kenshin.jpg/revision/latest/zoom-crop/width/100/height/ 2 KB
3 KB 89ms
75ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/spotlightsimagestemporary/images/5/5a/Kenshin.jpg/revision/latest/zoom-crop/width/100/height/56?cb=20200318084702
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 73cc91d633f979b5d1740f1cfe9b1ef0d7df385a0f2feec326fea2be32f43106

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 10:44:26 GMT
x-cacheable: YES - FORCED
age: 1221465
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Kenshin.webp"; filename*=UTF-8''Kenshin.webp
content-length: 2164
x-served-by: thumblr-697dcdc7cf-xjzhj, wk-cdn-f4, wk-cdn-f5
surrogate-key: fef0655aba459954b61a29ce0048af0fb947c4a6 wiki-spotlightsimagestemporary thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CIaXq7fSo+gCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 11294999, 0

GET
H2 200 56
vignette.wikia.nocookie.net/letsgoluna/images/c/cd/Erik-Luna-article-2-copy.png/revision/latest/zoom-crop/width/100/height/ 3 KB
4 KB 89ms
76ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/letsgoluna/images/c/cd/Erik-Luna-article-2-copy.png/revision/latest/zoom-crop/width/100/height/56?cb=20200327133046
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 0d144a47aa43efe0c7618916833f08e63dd788900199c51d19ecbcf79a9dcb02

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 10:44:08 GMT
x-cacheable: YES - FORCED
age: 1221484
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Erik-Luna-article-2-copy.webp"; filename*=UTF-8''Erik-Luna-article-2-copy.webp
content-length: 3156
x-served-by: thumblr-697dcdc7cf-987nv, wk-cdn-f3, wk-cdn-f5
surrogate-key: b1f6ca90c0306f7a97ef16161070581482ae3e67 wiki-letsgoluna thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CMCw18Skv+gCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 11299197, 0

GET
H2 200 56
vignette.wikia.nocookie.net/karlacamilacabello/images/b/b6/Spotlight.jpg/revision/latest/zoom-crop/width/100/height/ 3 KB
3 KB 64ms
51ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/karlacamilacabello/images/b/b6/Spotlight.jpg/revision/latest/zoom-crop/width/100/height/56?cb=20200211045312
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 449d3c9aaa6efcf99e7abee31a3167a8c3e34bdb7c21b3a3c03541a930da9c80

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 10:20:51 GMT
x-cacheable: YES - FORCED
age: 1222880
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Spotlight.webp"; filename*=UTF-8''Spotlight.webp
content-length: 2756
x-served-by: thumblr-697dcdc7cf-vqgml, wk-cdn-f6, wk-cdn-f5
surrogate-key: f3abc5bb5a0a3cf3b269a595266a43872767ffb2 wiki-karlacamilacabello thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CKDGq42byecCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 11263111, 0

GET
H2 200 wikiabarIcon.png
slot1-images.wikia.nocookie.net/__cb1589447383916/common/extensions/wikia/WikiaBar/images/ 405 B
746 B 59ms
51ms Image
image/png 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1589447383916/common/extensions/wikia/WikiaBar/images/wikiabarIcon.png
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 2eee0fe36709ae2f7a1d64b51b044e819f34ab498b18338e595bcb8b62b0a354

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:11:44 GMT
x-cacheable: YES - FORCED
age: 348627
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 405
x-served-by: , wk-cdn-f2, wk-cdn-f5
last-modified: Wed, 13 May 2020 12:57:55 GMT
x-datacenter: SJC
etag: "5ebbeed3-195"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 77964, 0

GET
H2 200 load.php Show response
malware.wikia.org/ 25 KB
6 KB 8ms
8ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1589447383916&debug=false&lang=en&modules=startup&newve=1&only=scripts&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6474f8e1fe2d77fdd5a9054eff6e76d4327e5de437f0ca976ea329ae6de41d8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 00ca77b5-db08-4fb0-9b9f-03f19eb490fd
age: 14
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, MISS, HIT
status: 200
content-length: 5645
x-served-by: mediawiki-prod-ucp-58944cbf77-l292l, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: d1a9d29d-3485-454c-b769-f8318086eec3
last-modified: Mon, 18 May 2020 14:01:57 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810532.142711,VS0,VE1
x-backend-response-time: 0.059
x-cache-hits: ORIGIN, 0, 1

GET
H2 200 oasis_shared_core_js,oasis_shared_js,oasis_anon_js,toc_js,recirculation_js,qualaroo_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/ 276 KB
76 KB 53ms
53ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/oasis_shared_core_js,oasis_shared_js,oasis_anon_js,toc_js,recirculation_js,qualaroo_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

45e2e03e0484d8321f7a12e8e94a4552043d7d7a4416dafdf3f0aa23d34ec097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 77622
x-served-by: mediawiki-prod-ucp-8fb47c87-2cf7x, wk-cdn-f3, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.123
x-cache-hits: ORIGIN, 7691075, 0

GET
H2 200 search_tracking_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 8 KB
3 KB 681ms
681ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/search_tracking_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

6cbe19bb7614b9dc5fa43ad77c605281d90e73a83105c627cc29fecf9a3024d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348374
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 2612
x-served-by: mediawiki-prod-ucp-8fb47c87-5jrpl, wk-cdn-f1, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.010
x-cache-hits: ORIGIN, 10856549, 0

GET
H2 200 auth_modal_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 3 KB
2 KB 60ms
50ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/auth_modal_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

8fed7e12a70de30c9f6110fb97081dba50fd03393500cd351070c26707dd2c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1031
x-served-by: mediawiki-prod-ucp-8fb47c87-ln2hm, wk-cdn-f4, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.007
x-cache-hits: ORIGIN, 10851755, 0

GET
H2 200 community_header_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 2 KB
2 KB 60ms
49ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/community_header_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

9c27cb90f24aa4d9375eecf6b16a0b3f265686a9d2038e7678a8aa3298063283

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1006
x-served-by: mediawiki-prod-ucp-8fb47c87-wlmdm, wk-cdn-f1, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.006
x-cache-hits: ORIGIN, 10852922, 0

GET
H2 200 page_header_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 365 B
792 B 60ms
50ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/page_header_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

933cd98e932afa3e86311d20912fec831f4830052fed943c43e1aad5a5ee5169

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 253
x-served-by: mediawiki-prod-ucp-8fb47c87-5jrpl, wk-cdn-f3, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.006
x-cache-hits: ORIGIN, 11569176, 0

GET
H2 200 embeddable_discussions_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 11 KB
4 KB 58ms
48ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/embeddable_discussions_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

8b7ced1bc64700c521def586a51b747f817c0ea0c46a1f53dfb06e93d188cf40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
age: 348372
x-cache: ORIGIN, HIT
status: 200
content-length: 3312
x-served-by: mediawiki-prod-ucp-8fb47c87-2cf7x, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:59 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.009
x-cache-hits: ORIGIN, 7738555

GET
H2 200 wikia_in_your_lang_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 5 KB
2 KB 61ms
51ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/wikia_in_your_lang_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

f186055d271de5b9b6dc96573ac9acad6473353553445ebe819ed983fdc21e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1431
x-served-by: mediawiki-prod-ucp-8fb47c87-84l9l, wk-cdn-f6, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.007
x-cache-hits: ORIGIN, 10839523, 0

GET
H2 200 portable_infobox_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 2 KB
1 KB 61ms
50ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/portable_infobox_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

e9d78667d6d670825872a939c9dae6ba9378edd5f0eee312283ca55c73683a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 779
x-served-by: mediawiki-prod-ucp-8fb47c87-6tkqv, wk-cdn-f1, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.006
x-cache-hits: ORIGIN, 10851008, 0

GET
H2 200 visit_source_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 1 KB
1 KB 62ms
51ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/visit_source_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

85b766db5560c269bacaba40acfcea95a70bb2b1ba6056531d9077f0eb92a933

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348373
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 542
x-served-by: mediawiki-prod-ucp-8fb47c87-fg7mt, wk-cdn-f3, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:58 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.008
x-cache-hits: ORIGIN, 10846331, 0

GET
H2 200 wikia.php Show response
malware.wikia.org/ 6 KB
2 KB 26ms
16ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=JSMessages&method=getMessages&format=html&packages=AdEngine3%2CArticleVideo%2CConfirmModal%2CEditPageLayout%2CEmbeddableDiscussions%2CImagePlaceholder%2COasis-generic%2CRecirculation&uselang=en&cb=1589447383916.0.0

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b650d53b37001ac7d4de646464e79a580211aa638308f9eb450f21bdf3b226af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 51f29f37-e313-4d17-8b64-2f76aff0b392
age: 348495
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1838
x-served-by: mediawiki-prod-ucp-68fc999d99-nkgdg, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 8121d24a-f799-4eb1-9fb0-1d445fef5ccc
x-backend-response-time: 0.026
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
x-timer: S1589810532.240682,VS0,VE1
x-cache-hits: ORIGIN, 2, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 3 KB
1 KB 20ms
10ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1589447383916&debug=false&lang=en&modules=ext.siteWideMessages.anon&only=scripts&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c5f70cab1120e323598e6e635b9b53487d4a2bd6957c93b5313ece1818e5ac2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 0762a642-2ef9-42f3-8513-5924c29eaeeb
age: 348489
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1098
x-served-by: mediawiki-prod-ucp-68fc999d99-t5bbm, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: 0a8891f0-d0f0-498f-8e8b-93585e0ff825
last-modified: Thu, 14 May 2020 09:00:00 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
x-timer: S1589810532.236845,VS0,VE1
x-backend-response-time: 0.012
x-cache-hits: ORIGIN, 8, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 3 KB
2 KB 24ms
14ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1589447383916&debug=false&lang=en&modules=site&only=scripts&reviewed=1561936428&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7bbbdf51e13ce20280f501209cdb6bcf941e81d6c856829b94a1a036f01cf2cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 7aae6d0e-52ff-443f-a627-d8c786f74c6a
age: 261
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1206
x-served-by: mediawiki-prod-ucp-68fc999d99-8tjg4, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 46ce763a-0376-4c65-a923-ee5c0f81cd11
last-modified: Tue, 07 Jan 2020 00:45:22 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810532.236559,VS0,VE1
x-backend-response-time: 0.027
x-cache-hits: ORIGIN, 3, 1

GET
H/1.1 204
No Content scout.js Show response
www.fastly-insights.com/static/ 0
725 B 157ms
50ms Script
application/javascript 151.101.14.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 18 May 2020 14:02:12 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19183-FRA
Server: Varnish
X-Timer: S1589810532.358585,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel-cae.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 load.php
malware.wikia.org/ 7 KB
2 KB 10ms
9ms Stylesheet
text/css 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&only=styles&articles=u:dev:MediaWiki:ModernProfile/Masthead.css|u:dev:MediaWiki:ModernProfile/Wall.css

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a27b09b2a54696a932fd5283de93fc6fbba91cf4b6c37bce51cbeb18be6ca325

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: f9872063-81d8-46a4-a211-95017327d499
age: 59
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1929
x-served-by: mediawiki-prod-f8f7c6854-cz6cd, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: db5c33fe-a649-46dc-b65d-8ecf2a16bba7
last-modified: Sat, 12 Oct 2019 15:35:16 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:11 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810532.927131,VS0,VE1
x-backend-response-time: 0.022
x-cache-hits: ORIGIN, 2, 1

GET
H2

200

load.php
dev.fandom.com/
Redirect Chain

https://dev.wikia.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles
https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles

2 KB
1 KB

162ms
53ms

Stylesheet
text/css

151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed6fe953a49b63afc019a173202c3251a6d2146c6a6021f11d00ba25802bb4a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 38a4fdfa-46b4-4c2c-ac2a-4b5d006190e5
age: 204
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 425
x-served-by: mediawiki-prod-ucp-5db9b76f4d-8bghn, cache-wk-sjc3162-WIKIA, cache-hhn4021-HHN
x-trace-id: 09d45746-b92d-4130-9c75-6d0620278294
last-modified: Sun, 03 Jul 2016 04:05:50 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810532.072498,VS0,VE1
x-backend-response-time: 0.015
x-cache-hits: ORIGIN, 10, 1

Redirect headers

date: Mon, 18 May 2020 14:02:11 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 77854
x-cache: HIT, HIT
status: 301
content-length: 0
x-served-by: cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-redirected-by-wf: NotPrimary
x-datacenter: SJC
vary: Accept-Encoding, Cookie
content-type: text/html; charset=UTF-8
location: https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles
cache-control: s-maxage=86400, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1589810532.927035,VS0,VE1
x-cache-hits: 3, 1

GET
H2 200 load.php
malware.wikia.org/ 9 KB
2 KB 9ms
8ms Stylesheet
text/css 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&articles=u:dev:MediaWiki:FandomizedActivityFeed.css&only=styles

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

19fb5523cb3f017cf7ff1a22755459f09a7dfc10176b33cc375be6adcafc9221

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 8fbeadaa-750f-4536-80e0-359358089aca
age: 59
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1650
x-served-by: mediawiki-prod-ucp-77c9df9687-sfvnj, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: 487a15ae-9377-4909-9ba1-3f637ed46c98
last-modified: Fri, 03 Apr 2020 16:46:08 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:11 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810532.927107,VS0,VE1
x-backend-response-time: 0.025
x-cache-hits: ORIGIN, 20, 1

GET
H2 200 load.php
malware.wikia.org/ 20 KB
3 KB 8ms
8ms Stylesheet
text/css 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&articles=u:dev:MediaWiki:Nord.css&only=styles

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2d1ecd10debaaa0876d06584f2a601ad2a3ff76a21c6ca659fc0b131339269a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 31a5fb0c-6cad-4ca4-9f6e-8a47ec6c724a
age: 59
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 2472
x-served-by: mediawiki-prod-ucp-5db9b76f4d-gnghk, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 5da309e4-4bf2-4b04-97c9-57feaffdedf4
last-modified: Tue, 15 Oct 2019 22:12:45 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:11 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810532.927060,VS0,VE1
x-backend-response-time: 0.025
x-cache-hits: ORIGIN, 6, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
30 KB 27ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPTN53

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b762a39f0d51b3a61911a03dae2a91e0053058f18d1ad8cddfd1159808c01f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:02:12 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30150
x-xss-protection: 0
last-modified: Mon, 18 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 May 2020 14:02:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 25ms
13ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3953
date: Mon, 18 May 2020 12:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 18 May 2020 14:56:19 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 404 app
services.wikia.org/csp-logger/csp/ 0
0 197ms
165ms Other
text/plain 2a04:4e42:200::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://services.wikia.org/csp-logger/csp/app
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::194 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2

200

83d808d9e1.cur
puu.sh/pyeX9/
Redirect Chain

https://puu.sh/pyeX9/83d808d9e1.cur
http://puu.sh/pyeX9/83d808d9e1.cur
http://puu.sh/pyeX9/83d808d9e1.cur
http://puu.sh/pyeX9/83d808d9e1.cur

13 KB
0

236ms
208ms

Image
application/x-123

2606:4700:3038::681f:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://puu.sh/pyeX9/83d808d9e1.cur

Requested by

Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1589567588360-20200515T181500Z/jquery,mediawiki

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::681f:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95927a3d82a71ba8927713a189420285f863ce3052865db6c9eaba6e67503148

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer

Response headers

date: Mon, 18 May 2020 14:02:12 GMT
cf-cache-status: DYNAMIC
x-s3n: HIT
status: 200
content-disposition: inline; filename="cursor+(1).cur"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4286
cf-request-id: 02c9b0a7a900001f29ee372200000001
last-modified: Fri, 05 Apr 2019 22:53:53 GMT
server: cloudflare
etag: "d8876bffd27ab78c9ada26a73d8755f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-123
accept-ranges: bytes
cf-ray: 59561d52aeb91f29-FRA

GET
H2 200 latest
vignette3.wikia.nocookie.net/malware/images/5/50/Wiki-background/revision/ 13 KB
13 KB 62ms
59ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette3.wikia.nocookie.net/malware/images/5/50/Wiki-background/revision/latest?cb=20140919094252
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: f997e06f527904ab55b2b1b41f5a500a2fc41e3eec8e2bd52bf5f6d9216036d3

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 11:53:14 GMT
x-cacheable: YES - FORCED
age: 1217337
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Wiki-background.webp"; filename*=UTF-8''Wiki-background.webp
content-length: 12806
x-served-by: thumblr-697dcdc7cf-pj88g, wk-cdn-f6, wk-cdn-f5
surrogate-key: d3b92f3374b90f5addb20f8bef3cc2b54077e0d5 wiki-malware thumblr original
x-thumbnailer: Thumblr
etag: CLqVy9vr2+UCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 9629, 0

GET
H2 200 115
vignette.wikia.nocookie.net/malware/images/0/0e/Community-header-background/revision/latest/zoom-crop/width/471/height/ 24 KB
24 KB 57ms
56ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/0/0e/Community-header-background/revision/latest/zoom-crop/width/471/height/115?cb=20170711045240
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 802d62cbcbc0d3634542174027c89e0a82e997d2cae9f5ebf089d04fa35b5f3f

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 11:53:14 GMT
x-cacheable: YES
age: 1217337
x-cache: ORIGIN, HIT
status: 200
content-disposition: inline; filename="Community-header-background.webp"; filename*=UTF-8''Community-header-background.webp
content-length: 24422
x-served-by: thumblr-697dcdc7cf-7c8vn, wk-cdn-f5
surrogate-key: 7736c360e7e78a4edebc72e421dd79193d5be950 wiki-malware thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CLO/sNHM2eUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 10534

GET
H2 200 sprite.png
slot1-images.wikia.nocookie.net/__cb1589374874813/common/skins/shared/images/ 10 KB
11 KB 59ms
59ms Image
image/png 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1589374874813/common/skins/shared/images/sprite.png
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 6eff6f790d0dc40fd6cf7d349e45f258af23cecf12f64dc080b178bb923d1cae

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:18:39 GMT
x-cacheable: YES - FORCED
age: 434612
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 10483
x-served-by: , wk-cdn-f4, wk-cdn-f5
last-modified: Tue, 12 May 2020 07:54:20 GMT
x-datacenter: SJC
etag: "5eba562c-28f3"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 9397124, 0

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v7/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v7/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

725bff9a83f83ba4a96e8256bea8822f49a0c2c821311abcfb39c6b46714beaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
Origin: https://malware.wikia.org

Response headers

date: Sun, 17 May 2020 18:27:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:02:11 GMT
server: sffe
age: 70498
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16012
x-xss-protection: 0
expires: Mon, 17 May 2021 18:27:14 GMT

GET
H2 200 gdpr_events Show response
beacon.wikia-services.com/__track/special/ 111 B
531 B 55ms
53ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.wikia-services.com/__track/special/gdpr_events?lang_code=en&detected_geo=de&beacon=W9Zjq7Fw8W&ga_category=gdpr-modal&ga_action=impression&ga_label=modal-view
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 72be020a6adc37efd291e0cfce853e9b8d418104db78aa35c50332319a2f02fa

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:02:12 GMT
x-cache: HIT
status: 200
x-restarts: 0
x-served-by: cache-hhn4021-HHN
accept-ranges: bytes
server: Varnish
x-timer: S1589810532.475332,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-selected-backend: sjc_shield
cache-control: private, s-maxage=0, max-age=0, must-revalidate
content-length: 111
retry-after: 0
x-cache-hits: 0

GET
H2 200 ajax.gif
slot1-images.wikia.nocookie.net/__cb1589374874813/common/skins/common/images/ 546 B
890 B 50ms
50ms Image
image/gif 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1589374874813/common/skins/common/images/ajax.gif
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 53224add53de4c20a5db7363faae8b344b9df8281a19d88215feaf9b86a8916a

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:17:22 GMT
x-cacheable: YES - FORCED
age: 434690
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 546
x-served-by: , wk-cdn-f4, wk-cdn-f5
last-modified: Wed, 13 May 2020 07:13:13 GMT
x-datacenter: SJC
etag: "5ebb9e09-222"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 11259939, 0

GET
DATA 200
OK truncated
/ 86 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8030ba6c500215322a6c74dec59aae39c0d6be2a2ed09d6042bbbd146a779a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 295 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa5a03749b87dfded5168574a09605bc1bfda348266dae7f4cacbdc671293c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 297 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4b73fff20a625422480f235549bc4ff4b151432ddc556c4c1d37dc53b25a444

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v7/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v7/iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182f72be2ac58dda7e2ef9f7c1bc61789c3b6d6c1f86bbe5728251fca1eb1978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
Origin: https://malware.wikia.org

Response headers

date: Sun, 17 May 2020 18:25:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:02:24 GMT
server: sffe
age: 70588
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
expires: Mon, 17 May 2021 18:25:44 GMT

GET
H2 200 jquery,mediawiki Show response
slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1589567588360-20200515T181500Z/ 159 KB
46 KB 52ms
51ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1589567588360-20200515T181500Z/jquery,mediawiki

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/load.php?cb=1589447383916&debug=false&lang=en&modules=startup&newve=1&only=scripts&skin=oasis&*

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

986cb1f502a55391a448235c90316f9d7540b5ab8057eea89f759a7155fcb1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 18 May 2020 12:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: f8ae0762-0152-4b61-b291-e3f5ea0869a6
age: 4008
x-cache: ORIGIN, HIT
status: 200
content-length: 46849
x-served-by: mediawiki-prod-ucp-6967675f49-z8vbj, wk-cdn-f5
x-trace-id: 91c8997c-a290-476f-90af-fe728c075849
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Fri, 15 May 2020 18:15:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.010
x-cache-hits: ORIGIN, 203745

GET
H2 200 17632281258.js Show response
cdn.optimizely.com/js/ 274 KB
85 KB 23ms
7ms Script
text/javascript 2a02:26f0:eb:3ac::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/17632281258.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPTN53

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb:3ac::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bca80b0ea14bfd07037efeeb7d4c1b7cef218026e448433448973fd65b10dc18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 9wQCj3L1TSvVHeeB6hz5wFl0PB8rREci
content-encoding: gzip
etag: "1d8b6529f43eba0ffb693814dc259d6d"
x-amz-request-id: 7C115EC301484188
status: 200
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:eb:3ac::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 85724
x-amz-id-2: +saJeIfD8l0iwMSKWTq4fz4ApIp7vF86vVs4VMsM8naTXrtQ3OnOBBwRNgvDd223PyF9ao28ZEc=
last-modified: Tue, 05 May 2020 13:28:10 GMT
server: AmazonS3
date: Mon, 18 May 2020 14:02:12 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=1800
x-amz-meta-revision: 240
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 243 KB
80 KB 320ms
317ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUDYP2MO&version=6.1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPTN53

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

76a8471b8426f10b20a1aa9779677b38d9846a5b88d82b0227c19d57b02cda5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
expires: Mon, 18 May 2020 14:32:12 GMT

GET
H2 200 amd.shared%7Cext.wikia.facebookTags%7Cjquery.byteLength,checkboxShiftClick,client,cookie,makeCollapsible,messageBox,mw-jump,mwExtension,timeago%7Cmediawiki.Title,Uri,cldr,jqueryMsg,language,user,ut... Show response
slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1589447383916-20200515T181500Z/ 125 KB
38 KB 53ms
52ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1589447383916-20200515T181500Z/amd.shared%7Cext.wikia.facebookTags%7Cjquery.byteLength,checkboxShiftClick,client,cookie,makeCollapsible,messageBox,mw-jump,mwExtension,timeago%7Cmediawiki.Title,Uri,cldr,jqueryMsg,language,user,util%7Cmediawiki.language.init%7Cmediawiki.legacy.ajax,wikibits%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready,startup%7Cunderscore%7Cwikia.fbLocale,history,importScript,loader,mw,nirvana,throbber,thumbnailer,tracker

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

b0739847044b81584688415978da70a64110bd61d37237c6faf676c0965461f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 18 May 2020 12:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: 59f3f2e4-6081-4ce1-b268-2f7e07ba26d6
age: 4306
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 37853
x-served-by: mediawiki-prod-ucp-8fb47c87-77566, wk-cdn-f2, wk-cdn-f5
x-trace-id: 982aba93-cda6-40b1-9d55-798954b40fce
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 09:00:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.015
x-cache-hits: ORIGIN, 126781, 0

GET
H2 200 load.php Show response
malware.wikia.org/ 30 KB
9 KB 9ms
8ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?debug=false&lang=en&modules=ext.bannerNotifications%2CdesignSystem%2CuserLogin%7Cext.visualEditor.track%2Cve%7Cext.visualEditor.wikia.viewPageTarget.init%7Cext.wikia.AffiliateService%2CGoogleTagManager%2CTimeAgoMessaging%7Cmediawiki.language.data&sass_background-dynamic=false&sass_background-image=https%3A%2F%2Fvignette3.wikia.nocookie.net%2Fmalware%2Fimages%2F5%2F50%2FWiki-background%2Frevision%2Flatest%3Fcb%3D20140919094252&sass_background-image-height=640&sass_background-image-width=640&sass_color-body=%23ebf1f5&sass_color-body-middle=%23bacdd8&sass_color-buttons=%23df0101&sass_color-community-header=%230b0b3b&sass_color-header=%23dd4702&sass_color-links=%23a47719&sass_color-page=%23012e59&sass_oasisTypography=1&sass_page-opacity=87&sass_widthType=0&skin=oasis&version=1589447383916-20200515T181500Z&*

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf254d217a2937fa4f8f1f076654515ec4f86aeb4026b226125c8430981cc691

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 8b8fd5bc-7c02-44c3-aeb5-c80170da1375
age: 4170
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 9040
x-served-by: mediawiki-prod-ucp-58944cbf77-d2b8j, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: d92be137-cc78-419f-bb19-48be0ab20bf4
last-modified: Fri, 15 May 2020 18:15:00 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
x-timer: S1589810533.615303,VS0,VE1
x-backend-response-time: 0.025
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 a17126690382.html
a17126690382.cdn.optimizely.com/client_storage/ Frame CDF2 0
0 201ms
65ms Document
text/html 23.45.99.37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://a17126690382.cdn.optimizely.com/client_storage/a17126690382.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/17632281258.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.99.37 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a23-45-99-37.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a17126690382.cdn.optimizely.com
:scheme: https
:path: /client_storage/a17126690382.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://malware.wikia.org/wiki/Sodinokibi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://malware.wikia.org/wiki/Sodinokibi

Response headers

status: 200
x-amz-id-2: PPRGc5TJP/Ikb1a4zk0kKWW0HnVm0rxv4/2rWlFQmkYqd54lFj0p0OBRYtAkyGhow+H7t5D/BLU=
x-amz-request-id: 35FB0FCC651F73F1
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 May 2020 13:28:07 GMT
etag: "54e2272f3f16995f184ebf4142e2f79d"
cache-control: max-age=120
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: 3kLzxJEdnBvGHP7R7t4wr4d0nReW6ZC6
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 777
server: AmazonS3
vary: Accept-Encoding
date: Mon, 18 May 2020 14:02:12 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="31";dur=0,cdnip;desc="23.45.99.37";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 wikia.php Show response
malware.wikia.org/ 8 KB
2 KB 9ms
9ms XHR
application/json 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=Rail&method=lazyForAnons&articleTitle=Sodinokibi&cb=1589447383916&excludeScss%5B%5D=skins%2Foasis%2Fcss%2Foasis.scss&excludeScss%5B%5D=extensions%2Fwikia%2FForum%2Fcss%2FForumTag.scss&excludeScss%5B%5D=extensions%2Fwikia%2FDesignSystem%2Fstyles%2Fdesign-system.scss&excludeScss%5B%5D=extensions%2Fwikia%2FCommunityHeader%2Fstyles%2Findex.scss&excludeScss%5B%5D=extensions%2Fwikia%2FPageHeader%2Fstyles%2Findex.scss&excludeScss%5B%5D=extensions%2Fwikia%2FRecirculation%2Fstyles%2Frecirculation.scss&excludeScss%5B%5D=extensions%2Fwikia%2FEmbeddableDiscussions%2Fstyles%2FEmbeddableDiscussions.scss&excludeScss%5B%5D=extensions%2Fwikia%2FPortableInfobox%2Fstyles%2FPortableInfobox.scss&excludeScss%5B%5D=extensions%2Fwikia%2FPortableInfobox%2Fstyles%2FPortableInfoboxEuropaTheme.scss&excludeScss%5B%5D=extensions%2Fwikia%2FAdEngine3%2Fdist%2Fstyles.scss&excludeScss%5B%5D=extensions%2Fwikia%2FQualaroo%2Fcss%2FQualaroo.scss&format=json&namespace=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3b8a4c091abc285ed8042fde998d8b2cd40e51d8dc916e8791448b47a3a5590a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: dfbc6490-5a4e-404f-9f48-d1a0b807a3a0
age: 74749
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1986
x-served-by: mediawiki-prod-ucp-68fc999d99-5kv9v, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: dfd2a209-07dd-4793-b11d-42278b5bde2d
x-backend-response-time: 0.066
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-timer: S1589810533.905210,VS0,VE2
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 23108 Show response
services.wikia.org/knowledge-graph/affiliates/12344/ 3 KB
407 B 7ms
7ms XHR
application/json 2a04:4e42:200::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://services.wikia.org/knowledge-graph/affiliates/12344/23108
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1589567588360-20200515T181500Z/jquery,mediawiki
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::194 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9c5434ac869a9b191f38a2291902bb3d32eb7f1a0da455c6b4dd0bbbba350f14

Request headers

Accept: */*
Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:02:12 GMT
content-encoding: gzip
age: 74748
status: 200
accept-ranges: bytes
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://malware.wikia.org
cache-control: no-transform, max-age=86400
x-datacenter: SJC
access-control-allow-credentials: true
content-length: 266

GET
H2 200 wikia.php Show response
malware.wikia.org/ 70 B
338 B 159ms
159ms XHR
application/json 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=SiteWideMessages&method=getAnonMessages&articleId=23108&format=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf3d45227d9b401c48b8841144ba63d92d57948da0814701ff5b998a98d89036

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 23533a11-fe35-4a69-86f5-d140495459d2
age: 8470
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 75
x-served-by: mediawiki-prod-ucp-68fc999d99-gjmgp, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: 276e17ea-f765-4921-ba55-f5c921bdb873
x-backend-response-time: 0.014
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-timer: S1589810533.926346,VS0,VE153
x-cache-hits: ORIGIN, 4, 0

GET
H2 200 load.php Show response
malware.wikia.org/ 184 KB
47 KB 8ms
7ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?debug=false&lang=en&mode=articles&skin=oasis&missingCallback=importNotifications.importArticleMissing&articles=external%3Adev%3AMediaWiki%3AAdminDashboard+JS-Button%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAjaxBatchDelete%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAjaxRC%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAjaxRename%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAnchoredRollback%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ADiscordIntegrator%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ADisplayClock%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ADupImageList%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AInputUsername%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ALastEdited%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMarkBlocked.js%7CMediaWiki%3Adev.MassPatrol%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMassRename%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMessageBlock%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AModernProfile%2FEditButton.js%7Cexternal%3Adev%3AMediaWiki%3ANullEditButton%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AProfileTags.js%7Cexternal%3Adev%3AMediaWiki%3APowerPageMaker%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3APurgeButton%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ARailWAM%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ARevealAnonIP%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AWallGreetingButton%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAddInsights%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AEditConflictAlert%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMassNullEdit%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAdminDashboard+block%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AFastDelete%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMessageWallUserTags%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AInactiveUsers%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AQuickDiff%2Fcode.js&reviewed=1561936428&only=scripts

Requested by

Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1589447383916-20200515T181500Z/amd.shared%7Cext.wikia.facebookTags%7Cjquery.byteLength,checkboxShiftClick,client,cookie,makeCollapsible,messageBox,mw-jump,mwExtension,timeago%7Cmediawiki.Title,Uri,cldr,jqueryMsg,language,user,util%7Cmediawiki.language.init%7Cmediawiki.legacy.ajax,wikibits%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready,startup%7Cunderscore%7Cwikia.fbLocale,history,importScript,loader,mw,nirvana,throbber,thumbnailer,tracker

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c530061ef585d4eb2e76df568217dc17cc4cd7e1c5250e0e35d582fff63039f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 8cb1868a-c497-433d-bfb1-90a4f1c2dde7
age: 233
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 47494
x-served-by: mediawiki-prod-ucp-68fc999d99-67bz8, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: b9955e31-f8e3-4f8f-bdd4-d4d03849abe4
last-modified: Fri, 15 May 2020 02:25:41 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.942980,VS0,VE1
x-backend-response-time: 0.114
x-cache-hits: ORIGIN, 1, 1

GET
H/1.1 200
OK intercept.js Show response
d2bnxibecyz4h5.cloudfront.net/runtimejs/intercept/ 26 KB
27 KB 448ms
71ms Script
text/javascript 52.84.50.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2bnxibecyz4h5.cloudfront.net/runtimejs/intercept/intercept.js
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.84.50.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-50-120.ham50.r.cloudfront.net
Software: Apache /
Resource Hash: 618b11e13b912f1f835576db1d9e85057617aa6eb242fe961660c0e05e4e41e1

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: cache
Date: Mon, 18 May 2020 13:58:56 GMT
Via: 1.1 150f57582a5422af77de04444db8acf9.cloudfront.net (CloudFront), 1.1 312b9f49a05a10af1e6462e1c59bae9b.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 193
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
X-Amz-Cf-Pop: HAM50-C3, HAM50-C2
X-Amz-Cf-Id: LnuU_Jj3uGaLXZSWO7xnArR-JY-ZwUY0WqNg8_pUwzAAg5vKYvgqpQ==
Expires: Mon, 18 May 2020 14:29:00 GMT

GET
H2 200 23108 Show response
services.wikia.org/taxonomy/pagedata/12344/ 56 B
116 B 158ms
158ms XHR
application/json 2a04:4e42:200::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://services.wikia.org/taxonomy/pagedata/12344/23108
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1589567588360-20200515T181500Z/jquery,mediawiki
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::194 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e5aefb492ef8bac72ee852af6499442b3057758be0a64c56ae44325d3b0a02e6

Request headers

Accept: */*
Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:02:13 GMT
age: 4588
status: 200
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://malware.wikia.org
cache-control: no-transform, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 56
x-datacenter: SJC

GET
H2 200 premium-rail.scss
slot1-images.wikia.nocookie.net/__am/1589447383916/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWi... 3 KB
1 KB 202ms
201ms Stylesheet
text/css 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

a277f24bc4db148ce882f14c5b24ad8a7695d48995b218c8cddf5e1697ff0cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348227
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 857
x-served-by: mediawiki-prod-ucp-8fb47c87-92ljg, wk-cdn-f6, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:18:25 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.009
x-cache-hits: ORIGIN, 2982, 0

GET
H2 200 /
static.wikia.nocookie.net/df3afc30-0f94-470d-85ce-e1319062c993/ 3 KB
4 KB 202ms
200ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/df3afc30-0f94-470d-85ce-e1319062c993/
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 2c27541965013128809f245b9ff14518295bd568984315b224ee2d0eb58ef679

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 10:48:32 GMT
x-cacheable: YES - FORCED
age: 1221220
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="static-assets-upload15241352124541073874.webp"; filename*=UTF-8''static-assets-upload15241352124541073874.webp
content-length: 3432
x-served-by: thumblr-697dcdc7cf-987nv, wk-cdn-f3, wk-cdn-f5
surrogate-key: df3afc30-0f94-470d-85ce-e1319062c993 thumblr original
x-thumbnailer: Thumblr
etag: COWHjIu9segCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 630876, 0

GET
H2 200 load.php Show response
malware.wikia.org/ 5 KB
2 KB 7ms
6ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?debug=false&lang=en&mode=articles&skin=oasis&missingCallback=importNotifications.importArticleMissing&articles=u%3Adev%3AMediaWiki%3AAjaxBatchDelete.js&reviewed=1561936428&only=scripts

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3309441ac20963e8fa7b0687271db8267648acf786349c398bde61cf1cf0e671

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 9a19d4f3-eca2-4e38-a089-483752ba9697
age: 269
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1758
x-served-by: mediawiki-prod-f8f7c6854-b4ghk, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: f03e8e6c-1595-47cf-8751-f3765c4a9cae
last-modified: Fri, 03 Jan 2020 01:46:21 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.990802,VS0,VE1
x-backend-response-time: 0.026
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 4 KB
2 KB 8ms
7ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd162049c30fb441c1dff2cb468c9a3a6d6a1b30bc9de803b2253638ad41db60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: f89dcbf8-ed6a-4e11-a8e7-1c07c3f8b552
age: 269
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1773
x-served-by: mediawiki-prod-ucp-68fc999d99-kjdbb, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 442ad7f5-09cb-444e-ae89-5474c1968690
last-modified: Sun, 17 May 2020 19:46:48 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.991052,VS0,VE1
x-backend-response-time: 0.034
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 9 KB
4 KB 7ms
7ms Script
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b44555490840da5d41cf9c3657c31f39b2e9ccccb1c5d9a622e596fcc1f573ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: b532c372-b954-4068-985e-e0ecd07f16fb
age: 269
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 3524
x-served-by: mediawiki-prod-ucp-77c9df9687-5xbwb, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: 04330c40-a91d-4cc2-bb9c-8ebd574c97db
last-modified: Sat, 25 Jan 2020 15:25:25 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:12 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.991312,VS0,VE1
x-backend-response-time: 0.021
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 mediawiki.api Show response
slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1589447383916-20200515T181500Z/ 2 KB
2 KB 197ms
197ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1589447383916-20200515T181500Z/mediawiki.api

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

cc0666860ac6fbfbc23eca7cf4aaa2fddf2744558cf0ea46d8a4546773969818

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: dd720cfa-130d-48e9-b418-fdce48712ca2
age: 4303
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1019
x-served-by: mediawiki-prod-ucp-8fb47c87-qklcz, wk-cdn-f4, wk-cdn-f5
x-trace-id: 43204fb0-10e8-43b1-86d4-55bfd348c444
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 09:00:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.008
x-cache-hits: ORIGIN, 104175, 0

GET
H2 200 load.php
dev.fandom.com/ 837 B
645 B 201ms
200ms Stylesheet
text/css 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/load.php?mode=articles&only=styles&articles=MediaWiki:MassNullEdit.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f132a5a551323ec3133d0c927c4b7e2b222d68789f54a5222152c492bb0a35de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: e01fe1d6-2c82-4bc3-a8b8-06fe809f8575
age: 275
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 399
x-served-by: mediawiki-prod-ucp-68f964b87b-tmmvw, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: 9378c9c7-8d3b-4049-a402-7bb5bbc7c55e
last-modified: Mon, 16 Mar 2020 04:02:51 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.165613,VS0,VE1
x-backend-response-time: 0.019
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 load.php Show response
dev.fandom.com/ 7 KB
3 KB 200ms
199ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/load.php?mode=articles&only=scripts&articles=MediaWiki:QDmodal.js&cb=20180212

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc51a7741f4d9ee483aa4ddaab5bdeca84312a1a5804f7dcf079b0e91dbd2ad2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 26b6a850-f9ea-40c3-997f-bc0d0889b312
age: 111
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 2909
x-served-by: mediawiki-prod-ucp-77c9df9687-bkbt9, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: a97f6850-00ad-4fde-be18-5d3877b26fc2
last-modified: Sat, 09 May 2020 10:37:03 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.166214,VS0,VE0
x-backend-response-time: 0.017
x-cache-hits: ORIGIN, 44, 2

GET
H2 200 load.php Show response
dev.fandom.com/ 9 KB
4 KB 201ms
201ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/load.php?mode=articles&only=scripts&articles=MediaWiki:I18n-js/code.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23c25f20f5cf8f5feae597dd3381d8e4d7e7df453a6b14d1dd769a2250bb7a9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: daff1054-073e-423b-adc0-8413d313cff4
age: 222
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 3520
x-served-by: mediawiki-prod-ucp-f5d897fd8-77txv, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: 0ec7b43e-2157-406c-87c3-e5f331820ed5
last-modified: Sat, 25 Jan 2020 15:25:25 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.169626,VS0,VE0
x-backend-response-time: 0.017
x-cache-hits: ORIGIN, 1, 4

GET
H2 200 load.php Show response
dev.fandom.com/ 7 KB
3 KB 197ms
197ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/load.php?mode=articles&only=scripts&articles=MediaWiki:QDmodal.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cad7d129f34c47eef5d0612991f8427e5d046a805336d769870e9069b5858b10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 19097714-bbab-44f8-a08e-dcc106c50f0a
age: 204
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 2942
x-served-by: mediawiki-prod-ucp-77c9df9687-48g7k, cache-wk-sjc3162-WIKIA, cache-hhn4021-HHN
x-trace-id: ec51c6b4-5092-4355-9b21-8b3255f8ab67
last-modified: Sat, 09 May 2020 10:37:03 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.169620,VS0,VE0
x-backend-response-time: 0.030
x-cache-hits: ORIGIN, 187, 2

GET
H2 200 load.php
malware.wikia.org/ 495 B
594 B 10ms
10ms Stylesheet
text/css 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

affd1a555d37f98455ae507adba6a9387e85a11c102059fb112a7d0d85d91f24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: a316b718-2488-46c2-b5bd-225d6d6bac17
age: 65
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 299
x-served-by: mediawiki-prod-ucp-7c8f79dd98-97fnz, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 8564c6b4-e576-4daa-b43f-a4458cd1e7e8
last-modified: Thu, 14 May 2020 06:49:54 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.006493,VS0,VE1
x-backend-response-time: 0.018
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 ajax.gif
slot1-images.wikia.nocookie.net/__cb1589567588360/common/skins/common/images/ 546 B
883 B 188ms
187ms Image
image/gif 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1589567588360/common/skins/common/images/ajax.gif
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 53224add53de4c20a5db7363faae8b344b9df8281a19d88215feaf9b86a8916a

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:51:11 GMT
x-cacheable: YES - FORCED
age: 4261
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 546
x-served-by: , wk-cdn-f6, wk-cdn-f5
last-modified: Wed, 13 May 2020 19:20:02 GMT
x-datacenter: SJC
etag: "5ebc4862-222"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 347, 0

GET
H2 200 load.php
malware.wikia.org/ 13 KB
4 KB 9ms
9ms Stylesheet
text/css 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c16d6d1d6ca8fa125febf7c550be9e1c7a1c857940306b6b268aede2dc0da62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 50e9cc4f-195f-4d38-ba8f-198d25d12087
age: 269
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 3208
x-served-by: mediawiki-prod-ucp-77c9df9687-264x5, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: 7b4018f7-89ec-4d54-9c97-bb753723d458
last-modified: Wed, 14 Aug 2019 02:20:15 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.008535,VS0,VE1
x-backend-response-time: 0.015
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 205 KB
61 KB 8ms
7ms XHR
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&articles=u:dev:Chart.js&only=scripts

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f616d618c0cc1e0b3b7befe6f404d272e0ed2974a01b88218070d675680c24b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 9a79a70c-3221-4a69-86c0-a78449c7d3a6
age: 268
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 62441
x-served-by: mediawiki-prod-ucp-77c9df9687-sntdw, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 60af0cf8-cff7-46e1-8a24-1782824a23b3
last-modified: Thu, 29 Mar 2018 19:07:34 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.028371,VS0,VE1
x-backend-response-time: 0.029
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 21 KB
6 KB 8ms
7ms XHR
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&articles=u:dev:RailWAM/lib.js&only=scripts

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c19dcd3da804d0a91bef047ffc5f9c780bc74d1e31adcb99f3b496dc5750b04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 8752d553-3389-4086-8de3-3c535671f493
age: 269
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 6062
x-served-by: mediawiki-prod-ucp-77c9df9687-7g2tp, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: e69f967d-0689-4490-a244-cd28d368613a
last-modified: Sat, 28 Mar 2020 22:42:55 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.028620,VS0,VE1
x-backend-response-time: 0.021
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 9 KB
4 KB 16ms
15ms XHR
text/javascript 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&articles=u:dev:I18n-js/code.js&only=scripts

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4a6c26e1f875ee51008dfd636469d857b9f23fcbaff7e92f2b68d2f723e0982

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: b984e22a-f4ee-44a5-839d-504cc868adb1
age: 269
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 3525
x-served-by: mediawiki-prod-ucp-88b59dcc7-bg4q9, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: 090c4376-441a-4ebb-8ede-5548ad6c3b37
last-modified: Sat, 25 Jan 2020 15:25:25 GMT
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1589810533.028832,VS0,VE1
x-backend-response-time: 0.022
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 api.php Show response
dev.fandom.com/ 3 KB
1 KB 798ms
797ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532603&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-AnchoredRollback%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3247f8f3ac33a9de7b1d8ad43f0dd6df87417742eda86c10ce14de3f45425c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 652e211a-9cde-499d-9763-a7be1066bcd5
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 771
x-served-by: mediawiki-prod-ucp-58944cbf77-bhtdc, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: 58e87b4d-49eb-471d-9c92-18940f33b952
x-backend-response-time: 0.019
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620145,VS0,VE189
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 7 KB
2 KB 798ms
797ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532604&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-DiscordIntegrator%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5f2fc945ccb27501f6b158229aae1a85782af8e7696211e0e36860a3b1819dde

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 4f638572-9c9c-4ac9-a318-c1a77612cc0b
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 2094
x-served-by: mediawiki-prod-ucp-58944cbf77-dwg9q, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: 85142031-e89f-43c3-8ae4-ef069442c00b
x-backend-response-time: 0.024
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620286,VS0,VE189
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 2 KB
764 B 811ms
810ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532605&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-DupImageList%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2aac80d5253623b6ca2c507350d2b772f477d56beb280e10837e4e75dc3ab1f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 1c2d005d-0afe-461a-b241-4601e92f6492
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 574
x-served-by: mediawiki-prod-ucp-58944cbf77-ll5vw, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: b7ae56f0-a37a-46cb-b101-f875cbc1318d
x-backend-response-time: 0.020
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620120,VS0,VE191
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 5 KB
2 KB 811ms
811ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532606&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-PurgeButton%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

56837e95079cb221f96db50432a8a6f5c249195d96143dfe34221b674549feb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 96d6417a-9cb0-430b-b8d8-a1d35d89d74c
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 1186
x-served-by: mediawiki-prod-ucp-58944cbf77-7rqrz, cache-wk-sjc3162-WIKIA, cache-hhn4021-HHN
x-trace-id: d4cf3a85-1e7e-4644-8568-0edca84e7b3a
x-backend-response-time: 0.018
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620097,VS0,VE192
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 90 KB
13 KB 797ms
797ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532607&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-MassNullEdit%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

97cfbe360b8d3cccf18c38f4b83153ebe0a9f1442da1bd928a49dee63da41d2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: d78bf812-f93f-433b-893f-5f808bfa8705
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 12505
x-served-by: mediawiki-prod-ucp-58944cbf77-kvnqm, cache-wk-sjc3162-WIKIA, cache-hhn4021-HHN
x-trace-id: 691fac4b-22ec-41ef-b55f-2f1349addf5a
x-backend-response-time: 0.021
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620092,VS0,VE189
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 11 KB
3 KB 792ms
792ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532608&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-QuickDiff%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6ecad2f9febc6a72b88f0d3420f9db9ede23a5c87a61b2385ef543aefe752d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: cfb36859-2fcc-42b4-bb15-50c928ba46f1
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 2771
x-served-by: mediawiki-prod-ucp-58944cbf77-v6mbp, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: a4065374-68ed-4de4-ac98-cd244ce56e4e
x-backend-response-time: 0.021
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620072,VS0,VE185
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
malware.wikia.org/ 17 KB
3 KB 190ms
190ms XHR
application/json 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/api.php?action=query&titles=Sodinokibi&prop=revisions&rvprop=timestamp%7Cuser%7Cuserid%7Csize%7Cparsedcomment%7Cflags&rvlimit=2&rvdiffto=prev&format=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a5de6615405ccd3c98789d92ba4647c3248ded6f4613dc4e74db1778b796d69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: NO:Cache-Control=private
x-span-id: 092f3063-8e7c-46a2-a429-90303717be6f
age: 0, 0, 0, 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 2764
x-served-by: mediawiki-prod-ucp-58944cbf77-skfkj, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: e2bb3d52-bf52-4ffc-808f-1e8aa2fc454a
x-backend-response-time: 0.023
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: private
accept-ranges: bytes, bytes, bytes, bytes, bytes
x-timer: S1589810533.042219,VS0,VE184
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 27 KB
6 KB 788ms
788ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532609&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-LastEdited%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e244072d416f7b137e5bb7a6025dbd8a2e3da1e6b51b1c4ebe75355eefc9cd14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 9830e97e-2e91-492d-9020-369c6f13d0a6
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 5739
x-served-by: mediawiki-prod-ucp-58944cbf77-p4njs, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: 65cde8ae-dbde-4ea4-9c2c-b28d14121308
x-backend-response-time: 0.020
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620075,VS0,VE183
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 wikia.php Show response
malware.wikia.org/ 4 KB
1 KB 10ms
7ms XHR
application/json 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=Wikia%5CUI%5CUIFactoryApi&method=getComponentsConfig&cb=1589447383916&components%5B%5D=modal&format=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c933555081d2d1127b539cb4a03178dd87a4b058505ee75fd7b74b56769537cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 696d92e2-972f-4e63-a4bd-ed172f904704
age: 2487
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1167
x-served-by: mediawiki-prod-ucp-58944cbf77-qqsgb, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: f19f818c-a590-4cb1-88c1-09d4af775064
x-backend-response-time: 0.019
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-timer: S1589810533.045938,VS0,VE1
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 mediawiki.action.history.diff Show response
slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26sass_background-dynamic%3Dfalse%26sass_background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimage... 2 KB
1 KB 226ms
223ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26sass_background-dynamic%3Dfalse%26sass_background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26sass_background-image-height%3D640%26sass_background-image-width%3D640%26sass_color-body%3D%2523ebf1f5%26sass_color-body-middle%3D%2523bacdd8%26sass_color-buttons%3D%2523df0101%26sass_color-community-header%3D%25230b0b3b%26sass_color-header%3D%2523dd4702%26sass_color-links%3D%2523a47719%26sass_color-page%3D%2523012e59%26sass_oasisTypography%3D1%26sass_page-opacity%3D87%26sass_widthType%3D0%26skin%3Doasis%26version%3D1589447383916-20200515T181500Z/mediawiki.action.history.diff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

f352ca8663ba512477869069039d7339669d33941f6d60911c91cd016f949238

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: e2313de2-2230-4859-a3ca-2227ced639a2
age: 4164
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 702
x-served-by: mediawiki-prod-ucp-8fb47c87-m6qs6, wk-cdn-f2, wk-cdn-f5
x-trace-id: c8bc8e58-c9ae-4e6d-8710-5b23d1a437df
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 09:00:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.009
x-cache-hits: ORIGIN, 51, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 5 KB
2 KB 1102ms
1101ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532610&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-FastDelete%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd044dbd1f25b1b7f5e15f241ff59debaa23c52fa766a54eb764be7f4033fce8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 00e47e77-ca43-492b-9c91-707c16853dc7
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 1588
x-served-by: mediawiki-prod-ucp-58944cbf77-lwtmb, cache-wk-sjc3162-WIKIA, cache-hhn4021-HHN
x-trace-id: f0a017b0-3348-447d-96bd-e20420066d4f
x-backend-response-time: 0.333
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:14 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620046,VS0,VE501
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 button_default.scss
slot1-images.wikia.nocookie.net/__am/1589567588360/sass/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki... 10 KB
2 KB 214ms
213ms Stylesheet
text/css 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589567588360/sass/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/resources/wikia/ui_components/button/css/button_default.scss

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

0ea41215c30660f9d5b9c2e2b6a752f2ae866e3d748122b2bf81af58fce3dabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 3850
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1809
x-served-by: mediawiki-prod-ucp-6967675f49-sm6zk, wk-cdn-f1, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Mon, 18 May 2020 12:58:02 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.008
x-cache-hits: ORIGIN, 56, 0

GET
H2 200 modal_default.scss
slot1-images.wikia.nocookie.net/__am/1589567588360/sass/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki... 3 KB
2 KB 218ms
218ms Stylesheet
text/css 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

5e9cd14decf6d723ec6c95109c21486a3b9521b024c0ceec28348739a3e2e2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 3851
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1135
x-served-by: mediawiki-prod-ucp-6967675f49-wt5vm, wk-cdn-f2, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Mon, 18 May 2020 12:58:02 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.007
x-cache-hits: ORIGIN, 46, 0

GET
H2 200 modal.js Show response
slot1-images.wikia.nocookie.net/__am/1589567588360/one/minify%3D1/resources/wikia/ui_components/modal/js/ 5 KB
2 KB 217ms
216ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589567588360/one/minify%3D1/resources/wikia/ui_components/modal/js/modal.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

a922596b5b1c3774b8741c3e4cdad4188a42f4eb90ee8f6b2db26aa968b95475

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
age: 4005
x-cache: ORIGIN, HIT
status: 200
content-length: 1970
x-served-by: mediawiki-prod-ucp-6967675f49-7hthm, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Mon, 18 May 2020 12:55:27 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.010
x-cache-hits: ORIGIN, 10116

GET
H2 200 api.php Show response
dev.fandom.com/ 499 KB
86 KB 804ms
803ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18206871259279429591_1589810532611&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-RailWAM%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4872c70fd27d9415ae6f18b30dfd8f8c0373967492ba29cecb1b5e8b7e0bc00c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: dbd743a5-89b4-4495-bf39-96864f2d6015
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 87832
x-served-by: mediawiki-prod-ucp-58944cbf77-77bjc, cache-wk-sjc3163-WIKIA, cache-hhn4021-HHN
x-trace-id: 900803b9-768a-4d7d-954c-a6caf046d5f7
x-backend-response-time: 0.028
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1589810534.620168,VS0,VE235
x-cache-hits: ORIGIN, 0, 0

GET
H/1.1 200
OK MinMaxWamIndexDate&cacheId=1589810533.045 Show response
railwam.herokuapp.com/api/v1/WAM/ 63 B
2 KB 934ms
264ms XHR
application/json 18.235.131.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://railwam.herokuapp.com/api/v1/WAM/MinMaxWamIndexDate&cacheId=1589810533.045

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.235.131.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-131-250.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

4887b2f455f85beb8e9dcc0e4484d549ef818d2db316256365ccfc6fecb1e398

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Cacheable: NO:Cache-Control=private
X-Span-Id: a79d911d-8ff6-4d47-8b99-addfc4e58f1d
Age: 0
Content-Security-Policy-Report-Only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
X-Cache: ORIGIN, MISS, MISS
Connection: keep-alive
Content-Length: 68
X-Served-By: mediawiki-prod-ucp-58944cbf77-rrpv8, cache-wk-sjc3163-WIKIA, cache-bwi5035-BWI
X-Trace-Id: e011e8c8-5748-42e9-92fe-ac83c60097db
Access-Control-Allow-Origin: *
X-Backend-Response-Time: 0.012
Server: Cowboy
X-Datacenter: SJC
Date: Mon, 18 May 2020 14:02:13 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Via: 1.1 vegur
Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
Accept-Ranges: bytes, bytes, bytes, bytes, bytes
X-Timer: S1589810534.848098,VS0,VE87
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: ORIGIN, 0, 0

GET
H2 200 community_page_entry_point_js Show response
slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/ 517 B
830 B 88ms
87ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1589447383916/group/-/community_page_entry_point_js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

af38ed9df488ca149342b521e7aba9fdece85284a2d518ee05c67ae1084abe73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 348375
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 292
x-served-by: mediawiki-prod-ucp-8fb47c87-cgwgc, wk-cdn-f6, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 14 May 2020 13:15:57 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.005
x-cache-hits: ORIGIN, 8983374, 0

GET
H2 200 30
vignette.wikia.nocookie.net/messaging/images/c/cf/Avatar6.jpg/revision/latest/scale-to-width-down/ 809 B
1 KB 89ms
85ms Image
image/jpeg 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/messaging/images/c/cf/Avatar6.jpg/revision/latest/scale-to-width-down/30?format=jpg
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 85167ff0f66e95cc25e978ede3097cf9f94b173924ee6cb411d0ddcd268a6b01

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 10:44:43 GMT
x-cacheable: YES - FORCED
age: 1221449
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Avatar6.jpg"; filename*=UTF-8''Avatar6.jpg
content-length: 809
x-served-by: thumblr-697dcdc7cf-gks4c, wk-cdn-f3, wk-cdn-f5
surrogate-key: 13f020024f339165f718015c97cf95e103b1d660 wiki-messaging thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CODw0+mwuugCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 2333569, 0

GET
H2 200 30
static.wikia.nocookie.net/1bd5a03c-c040-4bc9-9e7f-89a959245e87/scale-to-width-down/ 444 B
957 B 89ms
86ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/1bd5a03c-c040-4bc9-9e7f-89a959245e87/scale-to-width-down/30
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: ca4bbabd241bfff1ba385f14b9e8cc50def63b2066694ae4a6bba203487855ed

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:49:01 GMT
x-cacheable: YES - FORCED
age: 119591
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252FavatarPzI582.webp"; filename*=UTF-8''%252Ftmp%252FavatarPzI582.webp
content-length: 444
x-served-by: thumblr-d9fc486b7-7qj5w, wk-cdn-f3, wk-cdn-f5
surrogate-key: 1bd5a03c-c040-4bc9-9e7f-89a959245e87 thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CMSkkOH5uekCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 753, 0

GET
H2 200 30
vignette.wikia.nocookie.net/messaging/images/1/19/Avatar.jpg/revision/latest/scale-to-width-down/ 196 B
697 B 87ms
84ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/messaging/images/1/19/Avatar.jpg/revision/latest/scale-to-width-down/30
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 196162c798734984782b1a2cccd2668b21c91d2ba6be36ed604db68893841161

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 10:44:43 GMT
x-cacheable: YES - FORCED
age: 1221449
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Avatar.webp"; filename*=UTF-8''Avatar.webp
content-length: 196
x-served-by: thumblr-697dcdc7cf-t7fwt, wk-cdn-f2, wk-cdn-f5
surrogate-key: 9a284b9560d85e849b787eb948562cb778f76fe7 wiki-messaging thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CN6Ci+egkOYCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 17396785, 0

GET
H2 200 30
static.wikia.nocookie.net/e5eb00d0-e30b-48a7-a310-0ecdce2683d8/scale-to-width-down/ 626 B
1 KB 86ms
83ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/e5eb00d0-e30b-48a7-a310-0ecdce2683d8/scale-to-width-down/30
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 7c38917545535036769b8c5e299fb85b1e5f45d46ffa4ea704587d0f68ef4db9

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 17:43:40 GMT
x-cacheable: YES - FORCED
age: 418713
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252Favatar5topGF.webp"; filename*=UTF-8''%252Ftmp%252Favatar5topGF.webp
content-length: 626
x-served-by: thumblr-d9fc486b7-8p7gj, wk-cdn-f1, wk-cdn-f5
surrogate-key: e5eb00d0-e30b-48a7-a310-0ecdce2683d8 thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CNOW9eywsekCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 2948, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/3/3a/LoveAttach.jpg/revision/latest/smart/width/53/height/ 474 B
963 B 87ms
85ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/3/3a/LoveAttach.jpg/revision/latest/smart/width/53/height/53?cb=20140512030813
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 4a26f805f927a1468f4e9d9fb3bafdcfad0ada3cf04b03f4983859e48bef2c48

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 21:25:56 GMT
x-cacheable: YES - FORCED
age: 1182976
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="LoveAttach.webp"; filename*=UTF-8''LoveAttach.webp
content-length: 474
x-served-by: thumblr-697dcdc7cf-m9q9w, wk-cdn-f1, wk-cdn-f5
surrogate-key: efd0523feb3e3e36961e60f4dd5b90b616b5db9a wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CNCUrImJ2OcCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 9185, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/8/84/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0_2014-09-29_%D0%B2_23.36.02.png/revision/latest/smart/width/53/height/ 5 KB
5 KB 84ms
81ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/8/84/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0_2014-09-29_%D0%B2_23.36.02.png/revision/latest/smart/width/53/height/53?cb=20140929194023
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 64c254630624f65b42d554bce9780b58c46225bf100a506938a2baf2a45057ac

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 11:53:15 GMT
x-cacheable: YES
age: 1217337
x-cache: ORIGIN, HIT
status: 200
content-disposition: inline; filename="%253F%253F%253F%253F%253F%253F_%253F%253F%253F%253F%253F%253F_2014-09-29_%253F_23.36.02.webp"; filename*=UTF-8''%253F%253F%253F%253F%253F%253F_%253F%253F%253F%253F%253F%253F_2014-09-29_%253F_23.36.02.webp
content-length: 4954
x-served-by: thumblr-697dcdc7cf-hxrdk, wk-cdn-f5
surrogate-key: 773d029bf6a28163b6d98e8e829a6b48c3334d26 ad6056c6b202299e91bea8ca36b0351ebf8d6eb9 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CMrUm4WC4eUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 9890

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/b/b2/Gbshane_Finecut_1_9-14/revision/latest/smart/width/53/height/ 1 KB
2 KB 86ms
84ms Image
image/jpeg 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/b/b2/Gbshane_Finecut_1_9-14/revision/latest/smart/width/53/height/53?cb=20161105083351
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 43ef740799ae12b7d05cd5ee5d60cf57c708c83b1c90c4ed8dcaa3b8c35e0a53

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 11:53:15 GMT
x-cacheable: YES - FORCED
age: 1217337
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Gbshane_Finecut_1_9-14.jpg"; filename*=UTF-8''Gbshane_Finecut_1_9-14.jpg
content-length: 1277
x-served-by: thumblr-697dcdc7cf-klcpf, wk-cdn-f4, wk-cdn-f5
surrogate-key: 91b764e57bb1f77dd40ab4cb91ff8ab2053590c4 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CIrC9IvU3eUCEAE=
vary: Accept
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 9819, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/7/7e/Screenshot_2016-07-30_at_7.06.07_PM.png/revision/latest/smart/width/53/height/ 1 KB
2 KB 88ms
86ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/7/7e/Screenshot_2016-07-30_at_7.06.07_PM.png/revision/latest/smart/width/53/height/53?cb=20160730230640
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 5be90c625f1bca410220c4139f3b8e8b53f5b1c8867954725bf1820c3a1f6b7d

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 11:53:15 GMT
x-cacheable: YES - FORCED
age: 1217337
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Screenshot_2016-07-30_at_7.06.07_PM.webp"; filename*=UTF-8''Screenshot_2016-07-30_at_7.06.07_PM.webp
content-length: 1220
x-served-by: thumblr-697dcdc7cf-x9ff8, wk-cdn-f3, wk-cdn-f5
surrogate-key: 7d72bd6bf5b47dbbe134c212594d9f6ae418de8f wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CI6ZuMfWt+YCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 9301, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/c/ce/MEMZMBR.jpg/revision/latest/smart/width/53/height/ 996 B
1 KB 52ms
50ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/c/ce/MEMZMBR.jpg/revision/latest/smart/width/53/height/53?cb=20160925162902
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 18ede43553ee04338aa9adc0266c250a3e8dc519fcaeb51580f8238609f00aae

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 15:38:49 GMT
x-cacheable: YES - FORCED
age: 1635804
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="MEMZMBR.webp"; filename*=UTF-8''MEMZMBR.webp
content-length: 996
x-served-by: thumblr-697dcdc7cf-2n5x9, wk-cdn-f1, wk-cdn-f5
surrogate-key: 92dececf31afe7f1c48ba0234422d099555406e9 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: COOB0NLo8OUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 9042, 0

GET
H2 200 sprite.png
slot1-images.wikia.nocookie.net/__cb1589447383916/common/skins/shared/images/ 10 KB
11 KB 54ms
52ms Image
image/png 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1589447383916/common/skins/shared/images/sprite.png
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 6eff6f790d0dc40fd6cf7d349e45f258af23cecf12f64dc080b178bb923d1cae

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1589567588360/sass/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/resources/wikia/ui_components/button/css/button_default.scss
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 13:12:49 GMT
x-cacheable: YES - FORCED
age: 348563
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 10483
x-served-by: , wk-cdn-f2, wk-cdn-f5
last-modified: Wed, 13 May 2020 19:20:02 GMT
x-datacenter: SJC
etag: "5ebc4862-28f3"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 1285750, 0

GET
H/1.1 200
OK NjkxMjIwLTUxZTkwMGQyMWY2NmFhMmE1MDkxMGViNzkxOTRkMmI3NjdjMWVjZTMzZGRmNzQ0MDNm.json Show response
surveygizmobeacon.s3.amazonaws.com/beaconconfigs/ 446 B
1 KB 585ms
157ms XHR
application/json 52.216.106.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://surveygizmobeacon.s3.amazonaws.com/beaconconfigs/NjkxMjIwLTUxZTkwMGQyMWY2NmFhMmE1MDkxMGViNzkxOTRkMmI3NjdjMWVjZTMzZGRmNzQ0MDNm.json
Requested by: Host: d2bnxibecyz4h5.cloudfront.net
URL: https://d2bnxibecyz4h5.cloudfront.net/runtimejs/intercept/intercept.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.106.188 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f2cb62f521903b6fe989b39670b06ee354953303f9626d9d365e5de6d8345e92

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 18 May 2020 14:02:14 GMT
x-amz-request-id: 22C163FD22BDFF7C
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
Content-Length: 446
x-amz-id-2: kb5RXAD4HPKRLqliokPCVL9anmkzfapXU9JDOjy1xhMT9VLxcrfSgdK3iQhGG7qnDkXuJmM8AgQ=
Last-Modified: Thu, 07 May 2020 22:04:39 GMT
Server: AmazonS3
ETag: "980284b318d8cec92486759284845871"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: sZ4ArbNWC2pV2UXZcRQE24uq1XkCBGRc
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-forwarded-for
Accept-Ranges: bytes
Content-Type: application/json

GET
H2 200 mcx.js Show response
hbx.media.net/ 716 B
875 B 269ms
269ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/mcx.js?&rt=2&callback=window.advBidxc.contextualcallback&cid=8CUDYP2MO&ver=2&dn=malware.wikia.org&itype=HB&icode=cop&url=https%3A%2F%2Fmalware.wikia.org%2Fwiki%2FSodinokibi

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUDYP2MO&version=6.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f1236512c77eec468cd1b642c1f01c27353f761fbe66ebe2f586e3b73f17801c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: Apache
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
content-length: 716
expires: Mon, 18 May 2020 14:32:13 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
362 B 591ms
148ms XHR
text/plain 52.7.165.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/17632281258.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.165.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-165-206.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 18 May 2020 14:02:14 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://malware.wikia.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 7b0b7269-3de7-4df0-99df-e41d133aa2ca

GET
H2 200 avatar
services.fandom.com/user-avatar/user/44800797/ 33 KB
34 KB 234ms
232ms Image
image/png 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.fandom.com/user-avatar/user/44800797/avatar
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Sodinokibi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 508b7a6bc17d839af851c1a7756f43a5870f6db9474185e684945534515b0cec

Request headers

Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:02:14 GMT
age: 0
etag: CPz0xr//6+YCEAE=
content-type: image/png
status: 200
x-datacenter: SJC
content-disposition: inline; filename="/tmp/avatarf1lglg"
accept-ranges: bytes
content-length: 34212

GET
H2 200 api.php Show response
malware.wikia.org/ 376 B
396 B 193ms
192ms XHR
application/json 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/api.php?action=parse&format=json&prop=text&text=%3Cspan+class%3D%27diff%27%3E%5B%5BSpecial%3ADiff%2F%5D%5D%3C%2Fspan%3E%3Cspan+class%3D%27compare%27%3E%5B%5BSpecial%3AComparePages%5D%5D%3C%2Fspan%3E&disablepp=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

818e970d6349a9f1f4e7982416ee1909da66efe196dcbed916228e8b7c457ade

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: NO:Cache-Control=private
x-span-id: a6b04be9-f636-4c28-aa74-eef69d4c4dd0
age: 0, 0, 0, 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 173
x-served-by: mediawiki-prod-ucp-58944cbf77-9frqt, cache-wk-sjc3163-WIKIA, cache-fra19133-FRA
x-trace-id: 882064d7-d8ce-4398-a32e-868b96e766ac
x-backend-response-time: 0.018
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:14 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: private
accept-ranges: bytes, bytes, bytes, bytes, bytes
x-timer: S1589810534.845406,VS0,VE187
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
malware.wikia.org/ 671 B
476 B 8ms
7ms XHR
application/json 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/api.php?action=query&format=json&meta=allmessages&ammessages=Custom-DiscordIntegrator-config-id%7CCustom-DiscordIntegrator-config-title%7CCustom-DiscordIntegrator-config-moduleHeight%7CCustom-DiscordIntegrator-config-theme%7CCustom-DiscordIntegrator-config-width%7CCustom-DiscordIntegrator-config-height%7CCustom-DiscordIntegrator-config-text%7CCustom-DiscordIntegrator-config-logged-in%7CCustom-DiscordIntegrator-config-footer%7CCustom-DiscordIntegrator-config-username&amlang=en&smaxage=300&maxage=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc8c3ca827ed6378a0b6e63457c9c4968951d4a29cd2144f6f49efbbc0349b78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 90fbf735-78d8-4d2e-8f92-c501ebbc1ba7
age: 230
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 183
x-served-by: mediawiki-prod-ucp-58944cbf77-skllr, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-trace-id: a0673aba-7c4c-4d98-a985-396d34cdbdf3
x-backend-response-time: 0.016
x-datacenter: SJC
x-frame-options: DENY
date: Mon, 18 May 2020 14:02:13 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: s-maxage=300, max-age=300, public
accept-ranges: bytes
x-timer: S1589810534.852862,VS0,VE1
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 widget
discord.com/ Frame 5D6D 0
0 205ms
82ms Document
text/html 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/widget?id=538516185516474374&theme=dark&username=null

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: discord.com
:scheme: https
:path: /widget?id=538516185516474374&theme=dark&username=null
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://malware.wikia.org/wiki/Sodinokibi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://malware.wikia.org/wiki/Sodinokibi

Response headers

status: 200
date: Mon, 18 May 2020 14:02:14 GMT
content-type: text/html
set-cookie: __cfduid=d3cc7d38efc0ae846b0c2c132ce40b35e1589810534; expires=Wed, 17-Jun-20 14:02:14 GMT; path=/; domain=.discord.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 59561d5d9d2cfa98-AMS
cache-control: public, max-age=14400
etag: W/"d8953876016c454833620df170fa0f3c"
last-modified: Sat, 28 Dec 2019 00:42:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-build-id: 7076453
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
cf-request-id: 02c9b0ae830000fa9840965200000001

GET
H2 404 index.php Show response
malware.wikia.org/ 0
478 B 186ms
186ms XHR
text/x-wiki 2a04:4e42:400::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/index.php?title=User:null/WAM%20Log&action=raw&_=1589810534016

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://malware.wikia.org/wiki/Sodinokibi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: MISS, MISS
status: 404
content-length: 20
x-served-by: mediawiki-prod-ucp-58944cbf77-zbhtq, cache-wk-sjc3162-WIKIA, cache-fra19133-FRA
x-datacenter: SJC
date: Mon, 18 May 2020 14:02:14 GMT
vary: Accept-Encoding, Cookie
content-type: text/x-wiki; charset=UTF-8
cache-control: private, s-maxage=0, max-age=0, must-revalidate
accept-ranges: bytes
x-timer: S1589810534.019702,VS0,VE180
x-cache-hits: 0, 0

GET
H/1.1 200
OK WAMIndex Show response
railwam.herokuapp.com/api/v1/WAM/ 539 B
2 KB 201ms
200ms XHR
application/json 18.235.131.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://railwam.herokuapp.com/api/v1/WAM/WAMIndex?wam_day=1589587200&wam_previous_day=1589500800&wiki_id=12344&sort_column=wam&limit=1&fetch_admins=false&fetch_wiki_images=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.235.131.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-131-250.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

221080003329094bea41848f76602f46dd80d7f43114dc54950cab2d990b25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Cacheable: YES
X-Span-Id: 191ebba7-d976-40fd-bc12-48a6c8afde6d
Age: 9453
Content-Security-Policy-Report-Only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
X-Cache: ORIGIN, HIT, HIT
Connection: keep-alive
Content-Length: 286
X-Served-By: mediawiki-prod-ucp-68fc999d99-gsb7f, cache-wk-sjc3162-WIKIA, cache-wdc5554-WDC
X-Trace-Id: ab66a57a-7912-49fa-a239-45ad710805ef
Access-Control-Allow-Origin: *
X-Backend-Response-Time: 0.020
Server: Cowboy
X-Datacenter: SJC
Date: Mon, 18 May 2020 14:02:14 GMT
Vary: Accept-Encoding, Cookie
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Via: 1.1 vegur
Cache-Control: public, max-age=21600
Accept-Ranges: bytes
X-Timer: S1589810534.320739,VS0,VE1
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: ORIGIN, 1, 1

GET
H/1.1 200
OK WAMIndex Show response
railwam.herokuapp.com/api/v1/WAM/ 540 B
2 KB 211ms
211ms XHR
application/json 18.235.131.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://railwam.herokuapp.com/api/v1/WAM/WAMIndex?wam_day=1589673600&wam_previous_day=1589587200&wiki_id=12344&sort_column=wam&limit=1&fetch_admins=false&fetch_wiki_images=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.235.131.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-131-250.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

9b3e8616afddd1063d80532d2680c0c6a7c7401527ef28424df5a406171c1794

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Sodinokibi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Cacheable: YES
X-Span-Id: 9ae264a2-44e6-4bf1-bbb7-0987b58fc989
Age: 14341
Content-Security-Policy-Report-Only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
X-Cache: ORIGIN, MISS, HIT
Connection: keep-alive
Content-Length: 287
X-Served-By: mediawiki-prod-ucp-68fc999d99-ws9xl, cache-wk-sjc3163-WIKIA, cache-bwi5055-BWI
X-Trace-Id: 65e3e5b8-849b-4d69-a329-0c3cfdd13faa
Access-Control-Allow-Origin: *
X-Backend-Response-Time: 0.020
Server: Cowboy
X-Datacenter: SJC
Date: Mon, 18 May 2020 14:02:14 GMT
Vary: Accept-Encoding, Cookie
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Via: 1.1 vegur
Cache-Control: public, max-age=21600
Accept-Ranges: bytes
X-Timer: S1589810535.524001,VS0,VE0
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: ORIGIN, 0, 2

Verdicts & Comments Add Verdict or Comment

355 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
malware.wikia.org/	1970-01-19 09:36:51	Name: _sg_b_p Value: %2Fwiki%2FSodinokibi
malware.wikia.org/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1589810533505
malware.wikia.org/	1970-01-19 11:46:26	Name: _sg_b_v Value: 1%3B0%3B1589810534
malware.wikia.org/	1970-01-19 09:36:52	Name: pv_number Value: 1
.wikia.org/	1970-01-25 20:31:23	Name: WikiaLifetimeSource Value:
malware.wikia.org/	1970-01-21 05:24:50	Name: _sg_b_n Value: 1589810534021
.wikia.org/	1970-01-19 13:56:02	Name: optimizelyEndUserId Value: oeu1589810532691r0.6433513981294086
.wikia.org/	1970-01-19 09:36:52	Name: pv_number_global Value: 1
.wikia.org/	1969-12-31 23:59:59	Name: Geo Value: {%22region%22:%22BY%22%2C%22country%22:%22DE%22%2C%22continent%22:%22EU%22}
.wikia.org/	1970-01-19 09:36:52	Name: tracking_session_id Value: d8d0f026-07e0-4b70-89c6-8ab6878be02c
.wikia.org/	1969-12-31 23:59:59	Name: WikiaSessionSource Value:
.wikia.org/	1970-01-19 09:36:52	Name: wikia_session_id Value: h9GxthN4rw
.wikia.org/	1970-01-19 13:56:02	Name: wikia_beacon_id Value: W9Zjq7Fw8W

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 607) Message: CCPA: Installing API stub
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 606) Message: CCPA: User Signal Mechanism initialized
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 609) Message: CCPA: Geo does not require API
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1589447383916/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 608) Message: CCPA: User Signal Mechanism installed
console-api	log	(Line 1) Message: Media.net Active
console-api	log	(Line 2) Message: Affiliate Unit Override
console-api	log	(Line 1) Message: Survey Gizmo Installed
console-api	debug	URL: https://malware.wikia.org/load.php?debug=false&lang=en&modules=ext.bannerNotifications%2CdesignSystem%2CuserLogin%7Cext.visualEditor.track%2Cve%7Cext.visualEditor.wikia.viewPageTarget.init%7Cext.wikia.AffiliateService%2CGoogleTagManager%2CTimeAgoMessaging%7Cmediawiki.language.data&sass_background-dynamic=false&sass_background-image=https%3A%2F%2Fvignette3.wikia.nocookie.net%2Fmalware%2Fimages%2F5%2F50%2FWiki-background%2Frevision%2Flatest%3Fcb%3D20140919094252&sass_background-image-height=640&sass_background-image-width=640&sass_color-body=%23ebf1f5&sass_color-body-middle=%23bacdd8&sass_color-buttons=%23df0101&sass_color-community-header=%230b0b3b&sass_color-header=%23dd4702&sass_color-links=%23a47719&sass_color-page=%23012e59&sass_oasisTypography=1&sass_page-opacity=87&sass_widthType=0&skin=oasis&version=1589447383916-20200515T181500Z&(Line 30) Message*: Affiliate Tracking [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a17126690382.cdn.optimizely.com
beacon.wikia-services.com
cdn.optimizely.com
d2bnxibecyz4h5.cloudfront.net
dev.fandom.com
dev.wikia.com
discord.com
fonts.gstatic.com
hbx.media.net
logx.optimizely.com
malware.wikia.org
puu.sh
railwam.herokuapp.com
services.fandom.com
services.wikia.org
slot1-images.wikia.nocookie.net
static.wikia.nocookie.net
surveygizmobeacon.s3.amazonaws.com
vignette.wikia.nocookie.net
vignette3.wikia.nocookie.net
vignette4.wikia.nocookie.net
www.fastly-insights.com
www.google-analytics.com
www.googletagmanager.com
151.101.0.194
151.101.14.91
162.159.128.233
18.235.131.250
23.45.99.37
2606:4700:3038::681f:2b8
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a02:26f0:eb:3ac::13b8
2a04:4e42:200::194
2a04:4e42:400::194
52.216.106.188
52.7.165.206
52.84.50.120
72.247.224.27
74.120.188.194
07a677393b4b1e7c77b9e5d8debdf2fe3534ec5c863a028ffbe8566f8714a53b
0c19dcd3da804d0a91bef047ffc5f9c780bc74d1e31adcb99f3b496dc5750b04
0d144a47aa43efe0c7618916833f08e63dd788900199c51d19ecbcf79a9dcb02
0ea41215c30660f9d5b9c2e2b6a752f2ae866e3d748122b2bf81af58fce3dabf
182f72be2ac58dda7e2ef9f7c1bc61789c3b6d6c1f86bbe5728251fca1eb1978
18ede43553ee04338aa9adc0266c250a3e8dc519fcaeb51580f8238609f00aae
196162c798734984782b1a2cccd2668b21c91d2ba6be36ed604db68893841161
19fb5523cb3f017cf7ff1a22755459f09a7dfc10176b33cc375be6adcafc9221
221080003329094bea41848f76602f46dd80d7f43114dc54950cab2d990b25a2
23c25f20f5cf8f5feae597dd3381d8e4d7e7df453a6b14d1dd769a2250bb7a9f
2aac80d5253623b6ca2c507350d2b772f477d56beb280e10837e4e75dc3ab1f6
2c27541965013128809f245b9ff14518295bd568984315b224ee2d0eb58ef679
2c530061ef585d4eb2e76df568217dc17cc4cd7e1c5250e0e35d582fff63039f
2eee0fe36709ae2f7a1d64b51b044e819f34ab498b18338e595bcb8b62b0a354
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3309441ac20963e8fa7b0687271db8267648acf786349c398bde61cf1cf0e671
3a5de6615405ccd3c98789d92ba4647c3248ded6f4613dc4e74db1778b796d69
3b8a4c091abc285ed8042fde998d8b2cd40e51d8dc916e8791448b47a3a5590a
3c5f70cab1120e323598e6e635b9b53487d4a2bd6957c93b5313ece1818e5ac2
43ef740799ae12b7d05cd5ee5d60cf57c708c83b1c90c4ed8dcaa3b8c35e0a53
449d3c9aaa6efcf99e7abee31a3167a8c3e34bdb7c21b3a3c03541a930da9c80
456cc2397d11cd9b3d04df6596e4735cc29cb7f9f61b14194e4b4c3ee51350b7
45e2e03e0484d8321f7a12e8e94a4552043d7d7a4416dafdf3f0aa23d34ec097
4872c70fd27d9415ae6f18b30dfd8f8c0373967492ba29cecb1b5e8b7e0bc00c
4887b2f455f85beb8e9dcc0e4484d549ef818d2db316256365ccfc6fecb1e398
4a26f805f927a1468f4e9d9fb3bafdcfad0ada3cf04b03f4983859e48bef2c48
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d362f76e6f29fe8e060edc40f48184d52078bc287a688e137f6e2553c0a959b
508b7a6bc17d839af851c1a7756f43a5870f6db9474185e684945534515b0cec
53224add53de4c20a5db7363faae8b344b9df8281a19d88215feaf9b86a8916a
56837e95079cb221f96db50432a8a6f5c249195d96143dfe34221b674549feb3
5be90c625f1bca410220c4139f3b8e8b53f5b1c8867954725bf1820c3a1f6b7d
5e9cd14decf6d723ec6c95109c21486a3b9521b024c0ceec28348739a3e2e2e6
5f2fc945ccb27501f6b158229aae1a85782af8e7696211e0e36860a3b1819dde
618b11e13b912f1f835576db1d9e85057617aa6eb242fe961660c0e05e4e41e1
6474f8e1fe2d77fdd5a9054eff6e76d4327e5de437f0ca976ea329ae6de41d8d
64c254630624f65b42d554bce9780b58c46225bf100a506938a2baf2a45057ac
68c77cb405cf2961bbdad3393a38b65268280144e209da515a14989926dc9716
6cbe19bb7614b9dc5fa43ad77c605281d90e73a83105c627cc29fecf9a3024d8
6eff6f790d0dc40fd6cf7d349e45f258af23cecf12f64dc080b178bb923d1cae
725bff9a83f83ba4a96e8256bea8822f49a0c2c821311abcfb39c6b46714beaf
72be020a6adc37efd291e0cfce853e9b8d418104db78aa35c50332319a2f02fa
73cc91d633f979b5d1740f1cfe9b1ef0d7df385a0f2feec326fea2be32f43106
76a8471b8426f10b20a1aa9779677b38d9846a5b88d82b0227c19d57b02cda5d
7bbbdf51e13ce20280f501209cdb6bcf941e81d6c856829b94a1a036f01cf2cc
7c16d6d1d6ca8fa125febf7c550be9e1c7a1c857940306b6b268aede2dc0da62
7c38917545535036769b8c5e299fb85b1e5f45d46ffa4ea704587d0f68ef4db9
802d62cbcbc0d3634542174027c89e0a82e997d2cae9f5ebf089d04fa35b5f3f
818e970d6349a9f1f4e7982416ee1909da66efe196dcbed916228e8b7c457ade
85167ff0f66e95cc25e978ede3097cf9f94b173924ee6cb411d0ddcd268a6b01
85b766db5560c269bacaba40acfcea95a70bb2b1ba6056531d9077f0eb92a933
8aa5a03749b87dfded5168574a09605bc1bfda348266dae7f4cacbdc671293c1
8b7ced1bc64700c521def586a51b747f817c0ea0c46a1f53dfb06e93d188cf40
8fed7e12a70de30c9f6110fb97081dba50fd03393500cd351070c26707dd2c89
92e72d19bacb3cbf258b26f619497102b318afa42b4448e03e921cf1b1dc1210
933cd98e932afa3e86311d20912fec831f4830052fed943c43e1aad5a5ee5169
95927a3d82a71ba8927713a189420285f863ce3052865db6c9eaba6e67503148
97cfbe360b8d3cccf18c38f4b83153ebe0a9f1442da1bd928a49dee63da41d2e
986cb1f502a55391a448235c90316f9d7540b5ab8057eea89f759a7155fcb1d6
9b3e8616afddd1063d80532d2680c0c6a7c7401527ef28424df5a406171c1794
9c27cb90f24aa4d9375eecf6b16a0b3f265686a9d2038e7678a8aa3298063283
9c5434ac869a9b191f38a2291902bb3d32eb7f1a0da455c6b4dd0bbbba350f14
9f616d618c0cc1e0b3b7befe6f404d272e0ed2974a01b88218070d675680c24b
a277f24bc4db148ce882f14c5b24ad8a7695d48995b218c8cddf5e1697ff0cb6
a27b09b2a54696a932fd5283de93fc6fbba91cf4b6c37bce51cbeb18be6ca325
a2d1ecd10debaaa0876d06584f2a601ad2a3ff76a21c6ca659fc0b131339269a
a4a6c26e1f875ee51008dfd636469d857b9f23fcbaff7e92f2b68d2f723e0982
a922596b5b1c3774b8741c3e4cdad4188a42f4eb90ee8f6b2db26aa968b95475
af38ed9df488ca149342b521e7aba9fdece85284a2d518ee05c67ae1084abe73
affd1a555d37f98455ae507adba6a9387e85a11c102059fb112a7d0d85d91f24
b0739847044b81584688415978da70a64110bd61d37237c6faf676c0965461f9
b44555490840da5d41cf9c3657c31f39b2e9ccccb1c5d9a622e596fcc1f573ad
b650d53b37001ac7d4de646464e79a580211aa638308f9eb450f21bdf3b226af
b762a39f0d51b3a61911a03dae2a91e0053058f18d1ad8cddfd1159808c01f66
bc51a7741f4d9ee483aa4ddaab5bdeca84312a1a5804f7dcf079b0e91dbd2ad2
bca80b0ea14bfd07037efeeb7d4c1b7cef218026e448433448973fd65b10dc18
be1aea8a2775ef33fad0722e59ef07278322848d336ef5456b35ba7581e0ef67
c933555081d2d1127b539cb4a03178dd87a4b058505ee75fd7b74b56769537cf
ca4bbabd241bfff1ba385f14b9e8cc50def63b2066694ae4a6bba203487855ed
cad7d129f34c47eef5d0612991f8427e5d046a805336d769870e9069b5858b10
cc0666860ac6fbfbc23eca7cf4aaa2fddf2744558cf0ea46d8a4546773969818
cc35aed0bbd2e80a54e7ab55def169224339e6000c0a58e179ca94d681cfd2ec
cd044dbd1f25b1b7f5e15f241ff59debaa23c52fa766a54eb764be7f4033fce8
cd162049c30fb441c1dff2cb468c9a3a6d6a1b30bc9de803b2253638ad41db60
cf254d217a2937fa4f8f1f076654515ec4f86aeb4026b226125c8430981cc691
cf3d45227d9b401c48b8841144ba63d92d57948da0814701ff5b998a98d89036
d854798fb3feeb9095d9dd38629f803bf302ef275a948c6622a60c4a54c18b0a
dc8c3ca827ed6378a0b6e63457c9c4968951d4a29cd2144f6f49efbbc0349b78
e244072d416f7b137e5bb7a6025dbd8a2e3da1e6b51b1c4ebe75355eefc9cd14
e3247f8f3ac33a9de7b1d8ad43f0dd6df87417742eda86c10ce14de3f45425c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5aefb492ef8bac72ee852af6499442b3057758be0a64c56ae44325d3b0a02e6
e9d78667d6d670825872a939c9dae6ba9378edd5f0eee312283ca55c73683a9b
ed6fe953a49b63afc019a173202c3251a6d2146c6a6021f11d00ba25802bb4a1
f1236512c77eec468cd1b642c1f01c27353f761fbe66ebe2f586e3b73f17801c
f132a5a551323ec3133d0c927c4b7e2b222d68789f54a5222152c492bb0a35de
f186055d271de5b9b6dc96573ac9acad6473353553445ebe819ed983fdc21e1c
f2cb62f521903b6fe989b39670b06ee354953303f9626d9d365e5de6d8345e92
f352ca8663ba512477869069039d7339669d33941f6d60911c91cd016f949238
f4b73fff20a625422480f235549bc4ff4b151432ddc556c4c1d37dc53b25a444
f6ecad2f9febc6a72b88f0d3420f9db9ede23a5c87a61b2385ef543aefe752d1
f8030ba6c500215322a6c74dec59aae39c0d6be2a2ed09d6042bbbd146a779a5
f997e06f527904ab55b2b1b41f5a500a2fc41e3eec8e2bd52bf5f6d9216036d3

malware.wikia.org Open in urlscan Pro 2a04:4e42:400::194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

106 Requests

100 %HTTPS

41 %IPv6

16 Domains

24 Subdomains

18 IPs

5 Countries

1187 kBTransfer

3945 kBSize

13 Cookies

34 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

malware.wikia.org Open in urlscan Pro
2a04:4e42:400::194 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

24
Subdomains

18
IPs

5
Countries

1187 kB
Transfer

3945 kB
Size

13
Cookies

106 HTTP transactions
4 data transactions