malware.wikia.org Open in urlscan Pro
2a04:4e42:600::194 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://malware.wikia.org/wiki/Ryuk
Submission: On March 05 via manual (March 5th 2020, 5:35:58 pm UTC) from US

Summary HTTP 94 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 10 domains to perform 94 HTTP transactions. The main IP is 2a04:4e42:600::194, located in Ascension Island and belongs to FASTLY, US. The main domain is malware.wikia.org.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on February 21st 2020. Valid for: 2 years.

This is the only time malware.wikia.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2a04:4e42:600... 2a04:4e42:600::194	54113 (FASTLY) (FASTLY)
41	74.120.188.194 74.120.188.194	22300 (WIKIA) (WIKIA)
2	74.120.188.204 74.120.188.204	22300 (WIKIA) (WIKIA)
10	151.101.14.66 151.101.14.66	54113 (FASTLY) (FASTLY)
5	151.101.0.194 151.101.0.194	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::681f:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::578	54113 (FASTLY) (FASTLY)
1	151.101.234.91 151.101.234.91	54113 (FASTLY) (FASTLY)
1	151.101.130.66 151.101.130.66	54113 (FASTLY) (FASTLY)
1	162.159.135.233 162.159.135.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.10.91 151.101.10.91	54113 (FASTLY) (FASTLY)
2	151.101.114.91 151.101.114.91	54113 (FASTLY) (FASTLY)
1	151.101.174.91 151.101.174.91	54113 (FASTLY) (FASTLY)
1	151.101.2.91 151.101.2.91	54113 (FASTLY) (FASTLY)
1	151.101.14.91 151.101.14.91	54113 (FASTLY) (FASTLY)
1	151.101.6.91 151.101.6.91	54113 (FASTLY) (FASTLY)
1	199.232.38.91 199.232.38.91	54113 (FASTLY) (FASTLY)
94	20

21 2a04:4e42:600::194 (Ascension Island) 1 redirects

ASN54113 (FASTLY, US)

malware.wikia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dev.wikia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.wikia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 74.120.188.194 (United States)

ASN22300 (WIKIA, US)

slot1-images.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vignette.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.120.188.204 (United States)

ASN22300 (WIKIA, US)

vignette4.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vignette3.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.14.66 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.194 (United States)

ASN54113 (FASTLY, US)

dev.fandom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.wikia-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::681f:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)

puu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::578 (Ascension Island)

ASN54113 (FASTLY, US)

fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.234.91 (Wellington, New Zealand)

ASN54113 (FASTLY, US)

wlg-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.66 (United States)

ASN54113 (FASTLY, US)

4471ef76-ac39-4f07-8f5b-38b16146d0a7.eu.u.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.135.233 (None, )

ASN13335 (CLOUDFLARENET, US)

discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.10.91 (Singapore, Singapore)

ASN54113 (FASTLY, US)

sin-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

hhn-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pdata.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.174.91 (Johannesburg, South Africa)

ASN54113 (FASTLY, US)

jnb-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.91 (United States)

ASN54113 (FASTLY, US)

any-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

fra-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.6.91 (Miami, United States)

ASN54113 (FASTLY, US)

mia-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.38.91 (New York, United States)

ASN54113 (FASTLY, US)

lga-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	nocookie.net slot1-images.wikia.nocookie.net vignette4.wikia.nocookie.net vignette.wikia.nocookie.net vignette3.wikia.nocookie.net static.wikia.nocookie.net	527 KB
21	fastly-insights.com www.fastly-insights.com fastly-insights.com wlg-v4.pops.fastly-insights.com 4471ef76-ac39-4f07-8f5b-38b16146d0a7.eu.u.fastly-insights.com sin-v4.pops.fastly-insights.com hhn-v4.pops.fastly-insights.com jnb-v4.pops.fastly-insights.com pdata.pops.fastly-insights.com any-v4.pops.fastly-insights.com fra-v4.pops.fastly-insights.com mia-v4.pops.fastly-insights.com lga-v4.pops.fastly-insights.com	38 KB
20	wikia.org malware.wikia.org services.wikia.org	115 KB
4	fandom.com dev.fandom.com	6 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	discordapp.com discordapp.com
1	wikia-services.com beacon.wikia-services.com	532 B
1	puu.sh puu.sh	5 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	wikia.com 1 redirects dev.wikia.com	462 B
94	10

	Domain	Requested by
21	slot1-images.wikia.nocookie.net	malware.wikia.org slot1-images.wikia.nocookie.net
19	malware.wikia.org	malware.wikia.org slot1-images.wikia.nocookie.net
12	vignette.wikia.nocookie.net	malware.wikia.org slot1-images.wikia.nocookie.net
10	www.fastly-insights.com	malware.wikia.org www.fastly-insights.com
8	static.wikia.nocookie.net	slot1-images.wikia.nocookie.net
4	dev.fandom.com	malware.wikia.org slot1-images.wikia.nocookie.net
2	fonts.gstatic.com	malware.wikia.org
1	lga-v4.pops.fastly-insights.com	www.fastly-insights.com
1	mia-v4.pops.fastly-insights.com	www.fastly-insights.com
1	fra-v4.pops.fastly-insights.com	www.fastly-insights.com
1	any-v4.pops.fastly-insights.com	www.fastly-insights.com
1	pdata.pops.fastly-insights.com	www.fastly-insights.com
1	jnb-v4.pops.fastly-insights.com	www.fastly-insights.com
1	hhn-v4.pops.fastly-insights.com	www.fastly-insights.com
1	sin-v4.pops.fastly-insights.com	www.fastly-insights.com
1	discordapp.com	slot1-images.wikia.nocookie.net
1	4471ef76-ac39-4f07-8f5b-38b16146d0a7.eu.u.fastly-insights.com	www.fastly-insights.com
1	wlg-v4.pops.fastly-insights.com	www.fastly-insights.com
1	fastly-insights.com	www.fastly-insights.com
1	beacon.wikia-services.com	slot1-images.wikia.nocookie.net
1	vignette3.wikia.nocookie.net	malware.wikia.org
1	puu.sh	slot1-images.wikia.nocookie.net
1	services.wikia.org	malware.wikia.org
1	www.google-analytics.com	slot1-images.wikia.nocookie.net
1	dev.wikia.com	1 redirects
1	vignette4.wikia.nocookie.net	malware.wikia.org
94	26

This site contains links to these domains. Also see Links.

Domain
www.wikia.org
malware.wikia.com
es.malware.wikia.com
it.malware.wikia.com
pl.malware.wikia.com
id.malware.wikia.com
ja.malware.wikia.com
zh.malware.wikia.com
vignette.wikia.nocookie.net
www.fandom.com
bit.ly
fandom.zendesk.com
community.fandom.com
fandom.link

Subject Issuer	Validity	Valid
*.wikia-services.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-21` - `2022-05-01`	2 years	crt.sh
*.wikia.nocookie.net DigiCert SHA2 Secure Server CA	`2020-02-19` - `2021-05-26`	a year	crt.sh
fastlyanalytics.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-01-27` - `2021-01-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-07` - `2020-10-09`	8 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ssl711320.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-13` - `2020-08-21`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://malware.wikia.org/wiki/Ryuk
Frame ID: D80410DA3DD2833A181A9D90669339F2
Requests: 97 HTTP requests in this frame

Frame: https://discordapp.com/widget?id=538516185516474374&theme=dark&username=null
Frame ID: 85D35863C269A94B03789F80C6003E70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

MediaWiki (Wikis) Expand

Overall confidence: 100%
Detected patterns

meta generator /^MediaWiki ?(.+)$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^MediaWiki ?(.+)$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

94
Requests

100 %
HTTPS

26 %
IPv6

10
Domains

26
Subdomains

20
IPs

7
Countries

741 kB
Transfer

2350 kB
Size

8
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wikia.org/
Title:

Search URL Search Domain Scan URL

URL: https://www.wikia.org/signin?redirect=https%3A%2F%2Fmalware.wikia.org%2Fwiki%2FRyuk
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.wikia.org/register?redirect=https%3A%2F%2Fmalware.wikia.org%2Fwiki%2FRyuk
Title: Register

Search URL Search Domain Scan URL

URL: http://malware.wikia.com/d
Title: Discussions

Search URL Search Domain Scan URL

URL: http://es.malware.wikia.com/wiki/Malware_Wiki
Title: Español

Search URL Search Domain Scan URL

URL: http://it.malware.wikia.com/wiki/Malware_Wiki
Title: Italiano

Search URL Search Domain Scan URL

URL: http://pl.malware.wikia.com/wiki/Malware_Wiki
Title: Polski

Search URL Search Domain Scan URL

URL: http://id.malware.wikia.com/wiki/Halaman_Utama
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: http://ja.malware.wikia.com/wiki
Title: 日本語

Search URL Search Domain Scan URL

URL: http://zh.malware.wikia.com/wiki/Malware_Wiki_%E4%B8%AD%E6%96%87
Title: 中文

Search URL Search Domain Scan URL

URL: https://vignette.wikia.nocookie.net/malware/images/3/32/Ryuk.jpg/revision/latest?cb=20191112235555
Title:

Search URL Search Domain Scan URL

URL: https://www.fandom.com/licensing
Title: CC-BY-SA

Search URL Search Domain Scan URL

URL: http://bit.ly/en-spotlight-wubbz
Title: Wubbzypedia

Search URL Search Domain Scan URL

URL: http://bit.ly/en-spotlight-101dalmatian
Title: 101 Dalmatian Street Wiki

Search URL Search Domain Scan URL

URL: http://bit.ly/en-spotlight-finalspace
Title: Final Space Wiki

Search URL Search Domain Scan URL

URL: https://www.fandom.com/terms-of-use
Title:

Search URL Search Domain Scan URL

URL: https://www.fandom.com/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://fandom.zendesk.com/
Title:

Search URL Search Domain Scan URL

URL: https://community.fandom.com/wiki/Help:Contents
Title:

Search URL Search Domain Scan URL

URL: https://fandom.link/FandomWikis
Title: Follow Fandom Wikis on Twitter

Search URL Search Domain Scan URL

URL: http://bit.ly/31KuElR
Title: JokeyPsych

Search URL Search Domain Scan URL

URL: https://bit.ly/EndgameHT
Title: EndgameHonest

Search URL Search Domain Scan URL

URL: https://fandom.link/NeverSurrender
Title: GalaxyQuest

Search URL Search Domain Scan URL

URL: https://www.fandom.com/partner-list
Title: Partner List

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://dev.wikia.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles HTTP 301
https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles

Request Chain 32

https://puu.sh/pyeX9/83d808d9e1.cur HTTP 0
http://puu.sh/pyeX9/83d808d9e1.cur HTTP 0
http://puu.sh/pyeX9/83d808d9e1.cur HTTP 0
http://puu.sh/pyeX9/83d808d9e1.cur

94 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Ryuk Show response
malware.wikia.org/wiki/ 102 KB
26 KB 35ms
8ms Document
text/html 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7443ce38cce3be2d9255509e1727e1b3773341074e4d229ae9aabf8d454281d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: malware.wikia.org
:scheme: https
:path: /wiki/Ryuk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
content-encoding: gzip
content-language: en
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
content-type: text/html; charset=utf-8
etag: "20200305123123-1583402581668"
last-modified: Thu, 05 Mar 2020 12:31:23 GMT
x-backend-response-time: 0.104
x-content-type-options: nosniff
x-span-id: 440314eb-0e27-4dd2-b7ec-d07ab8f79730
x-trace-id: ada42318-3344-4735-8c0d-d2a5fa08de3c
x-datacenter: SJC
x-cacheable: YES
accept-ranges: bytes
date: Thu, 05 Mar 2020 17:35:38 GMT
age: 15582
x-served-by: mediawiki-prod-ucp-76f6ffcb59-2h5cr, cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-cache: ORIGIN, HIT, HIT
x-cache-hits: ORIGIN, 5, 1
x-timer: S1583429739.990805,VS0,VE2
vary: Accept-Encoding, Cookie
set-cookie: wikia_beacon_id=8jEOWsb_gs; domain=.wikia.org; path=/; expires=Tue, 01 Sep 2020 17:35:38 GMT; SameSite=None; Secure; wikia_session_id=mv-IFqgeHD; domain=.wikia.org; path=/; expires=Thu, 05 Mar 2020 18:05:38 GMT; SameSite=None; Secure; Geo={%22region%22:%22BY%22%2C%22country%22:%22DE%22%2C%22continent%22:%22EU%22}; path=/; domain=.wikia.org; SameSite=None; Secure;
cache-control: private, s-maxage=0, max-age=0, must-revalidate
content-length: 25966

GET
H2 200 Qualaroo.scss
slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWi... 362 KB
58 KB 83ms
32ms Stylesheet
text/css 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

1acf8be6b79d597643c5f01e781286088113d4575613935b69ade80d53daa49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 05 Mar 2020 13:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
age: 16359
x-cache: ORIGIN, HIT
status: 200
content-length: 58278
x-served-by: mediawiki-prod-ucp-6f645875b7-q69c5, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:02:59 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.054
x-cache-hits: ORIGIN, 41

GET
H2 200 load.php
malware.wikia.org/ 7 KB
2 KB 162ms
160ms Stylesheet
text/css 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1583402581668&debug=false&lang=en&modules=site&only=styles&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

456cc2397d11cd9b3d04df6596e4735cc29cb7f9f61b14194e4b4c3ee51350b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 6901165b-302e-4db2-8036-04a83df144fb
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1887
x-served-by: mediawiki-prod-ucp-76f6ffcb59-qc7t2, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: a566545c-13e1-47b9-a165-e2eb364a1c51
last-modified: Tue, 07 Jan 2020 00:45:22 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429739.005717,VS0,VE155
x-backend-response-time: 0.018
x-cache-hits: ORIGIN, 8, 0

GET
H2 200 wikia.ext.abt3sting Show response
slot1-images.wikia.nocookie.net/__load/-/cb%3D1583402581668%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/ 179 B
829 B 96ms
45ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/cb%3D1583402581668%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/wikia.ext.abt3sting

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

d854798fb3feeb9095d9dd38629f803bf302ef275a948c6622a60c4a54c18b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: 9df6a41e-72c7-4785-89c6-9e8bc4a73e89
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 175
x-served-by: mediawiki-prod-ucp-6f645875b7-vxssg, wk-cdn-f1, wk-cdn-f5
x-trace-id: 6725ff06-a834-49b2-aa02-4486b52e5d51
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Fri, 05 Jul 2019 10:00:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=300, s-maxage=300
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.009
x-cache-hits: ORIGIN, 627, 0

GET
H2 200 amd%7Cwikia.tracker.stub,stub%7Cwikia.abTest,cache,cookies,document,geo,location,log,querystring,window Show response
slot1-images.wikia.nocookie.net/__load/-/cb%3D1583402581668%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/ 17 KB
6 KB 96ms
46ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/cb%3D1583402581668%26debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis/amd%7Cwikia.tracker.stub,stub%7Cwikia.abTest,cache,cookies,document,geo,location,log,querystring,window

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

be1aea8a2775ef33fad0722e59ef07278322848d336ef5456b35ba7581e0ef67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: 3deb665f-d883-4fe2-a906-72042aad4ead
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 5622
x-served-by: mediawiki-prod-ucp-6f645875b7-rbqms, wk-cdn-f1, wk-cdn-f5
x-trace-id: 375cbe9e-5d23-4c4d-87d2-5917f7155efc
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 09:45:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.010
x-cache-hits: ORIGIN, 126692, 0

GET
H2 200 abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/ 706 KB
193 KB 96ms
46ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

a7f27d087e80307b219749cae8f26903a41dacd8b86342a906e8a0ef2a03dad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 197353
x-served-by: mediawiki-prod-ucp-6f645875b7-4577l, wk-cdn-f4, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:12 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.236
x-cache-hits: ORIGIN, 290617, 0

GET
H2 200 latest
vignette4.wikia.nocookie.net/malware/images/8/89/Wiki-wordmark.png/revision/ 4 KB
4 KB 78ms
22ms Image
image/webp 74.120.188.204
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette4.wikia.nocookie.net/malware/images/8/89/Wiki-wordmark.png/revision/latest?cb=20160812035434
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.204 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 92e72d19bacb3cbf258b26f619497102b318afa42b4448e03e921cf1b1dc1210

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 16:45:26 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Wiki-wordmark.webp"; filename*=UTF-8''Wiki-wordmark.webp
content-length: 3658
x-served-by: thumblr-5fc9978666-h2kt5, wk-cdn-f3, wk-cdn-f1
surrogate-key: 4ff8ebbf8ff8f588a0b9423ecc49d7cde1006661 wiki-malware thumblr original
x-thumbnailer: Thumblr
etag: CIi8o9HM2eUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 37051, 0

GET
H2 200 310
vignette.wikia.nocookie.net/malware/images/3/32/Ryuk.jpg/revision/latest/scale-to-width-down/ 3 KB
4 KB 71ms
21ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/3/32/Ryuk.jpg/revision/latest/scale-to-width-down/310?cb=20191112235555
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: a8664bee07257b6301083e9625a1a57f951b04bbf20440cfa2033e7175459094

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 17 Dec 2019 11:33:53 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Ryuk.webp"; filename*=UTF-8''Ryuk.webp
content-length: 3296
x-served-by: thumblr-5fc9978666-mht24, wk-cdn-f5, wk-cdn-f6
surrogate-key: 120ba7d1995c59f47f629e0d7ed604c4081747dc wiki-malware thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CMKIyfDv5eUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 414, 0

GET
H2 200 56
vignette.wikia.nocookie.net/wubbzy/images/7/7e/Me_and_My_Friends_-_128.png/revision/latest/zoom-crop/width/100/height/ 3 KB
3 KB 22ms
21ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/wubbzy/images/7/7e/Me_and_My_Friends_-_128.png/revision/latest/zoom-crop/width/100/height/56?cb=20180423181936
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 844a500337f35a257ba6ad1956cb481d2cac62c32b06aac23bbc1524f92aa6a4

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 02 Mar 2020 09:39:04 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Me_and_My_Friends_-_128.webp"; filename*=UTF-8''Me_and_My_Friends_-_128.webp
content-length: 2668
x-served-by: thumblr-7fbcf7fb9d-wdfp6, wk-cdn-f5, wk-cdn-f6
surrogate-key: d72780ceda3fa35fa44641207365fa5dfb2d61ea wiki-wubbzy thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CMupuIrkpeECEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 1644476, 0

GET
H2 200 56
vignette.wikia.nocookie.net/101dalmatianstreet/images/0/0e/Community-header-background/revision/latest/zoom-crop/width/100/height/ 4 KB
4 KB 23ms
23ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/101dalmatianstreet/images/0/0e/Community-header-background/revision/latest/zoom-crop/width/100/height/56?cb=20200106151802
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 4930aa320d3f55b37a0ad235bf61cf03bb473a52410fce5ab8a19151bcf1c38b

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 19 Jan 2020 19:08:05 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Community-header-background.webp"; filename*=UTF-8''Community-header-background.webp
content-length: 3792
x-served-by: thumblr-f85b76f47-fxpl8, wk-cdn-f5, wk-cdn-f6
surrogate-key: f01f27efb6386c9a861140fcb8222f45a4a4ef52 wiki-101dalmatianstreet thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CITD29Ki7+YCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 23644313, 0

GET
H2 200 56
vignette.wikia.nocookie.net/final-space/images/7/7e/Final-Space.jpg/revision/latest/zoom-crop/width/100/height/ 4 KB
4 KB 28ms
28ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/final-space/images/7/7e/Final-Space.jpg/revision/latest/zoom-crop/width/100/height/56?cb=20200122100900
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 14c5decb6efee00902ef4d7d56677b0f25f4329c67953694101acae3f64e0d13

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 23 Jan 2020 17:30:37 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Final-Space.webp"; filename*=UTF-8''Final-Space.webp
content-length: 3588
x-served-by: thumblr-f85b76f47-2r9dj, wk-cdn-f2, wk-cdn-f6
surrogate-key: 493793915bcdf404bc6b440e90ffdeff02f988c5 wiki-final-space thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CMPh/bT7lucCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 21817661, 0

GET
H2 200 wikiabarIcon.png
slot1-images.wikia.nocookie.net/__cb1583402581668/common/extensions/wikia/WikiaBar/images/ 405 B
715 B 21ms
21ms Image
image/png 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1583402581668/common/extensions/wikia/WikiaBar/images/wikiabarIcon.png
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 2eee0fe36709ae2f7a1d64b51b044e819f34ab498b18338e595bcb8b62b0a354

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 12:56:06 GMT
x-cacheable: YES
age: 16773
x-cache: ORIGIN, HIT
status: 200
content-length: 405
x-served-by: , wk-cdn-f5
last-modified: Tue, 03 Mar 2020 23:45:11 GMT
x-datacenter: SJC
etag: "5e5eec07-195"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 2048

GET
H2 200 load.php Show response
malware.wikia.org/ 25 KB
6 KB 163ms
163ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1583402581668&debug=false&lang=en&modules=startup&newve=1&only=scripts&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

262088cad2064cf472d72c5980b2ccb545097c27edfd55df15576e7338ad5716

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 61da431a-45fb-44ed-b235-7db03d065b95
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 5630
x-served-by: mediawiki-prod-ucp-76f6ffcb59-5wgbd, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: 0cb1f5c4-21e3-4a97-860f-3eba53b13390
last-modified: Thu, 05 Mar 2020 17:32:47 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429739.076391,VS0,VE157
x-backend-response-time: 0.057
x-cache-hits: ORIGIN, 1, 0

GET
H2 200 oasis_shared_core_js,oasis_shared_js,oasis_anon_js,toc_js,recirculation_js,qualaroo_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/ 276 KB
76 KB 43ms
43ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/oasis_shared_core_js,oasis_shared_js,oasis_anon_js,toc_js,recirculation_js,qualaroo_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

45e2e03e0484d8321f7a12e8e94a4552043d7d7a4416dafdf3f0aa23d34ec097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
age: 16525
x-cache: ORIGIN, HIT
status: 200
content-length: 77622
x-served-by: mediawiki-prod-ucp-6f645875b7-q69c5, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:13 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.133
x-cache-hits: ORIGIN, 181835

GET
H2 200 search_tracking_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 8 KB
3 KB 22ms
21ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/search_tracking_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

6cbe19bb7614b9dc5fa43ad77c605281d90e73a83105c627cc29fecf9a3024d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 2612
x-served-by: mediawiki-prod-ucp-6f645875b7-t42pn, wk-cdn-f3, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:12 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.011
x-cache-hits: ORIGIN, 293051, 0

GET
H2 200 auth_modal_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 3 KB
2 KB 22ms
21ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/auth_modal_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

8fed7e12a70de30c9f6110fb97081dba50fd03393500cd351070c26707dd2c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1031
x-served-by: mediawiki-prod-ucp-6f645875b7-8zx95, wk-cdn-f1, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:12 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.007
x-cache-hits: ORIGIN, 292980, 0

GET
H2 200 community_header_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 2 KB
2 KB 22ms
21ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/community_header_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

9c27cb90f24aa4d9375eecf6b16a0b3f265686a9d2038e7678a8aa3298063283

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1006
x-served-by: mediawiki-prod-ucp-6f645875b7-h295r, wk-cdn-f3, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:12 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.007
x-cache-hits: ORIGIN, 292988, 0

GET
H2 200 page_header_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 365 B
787 B 22ms
21ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/page_header_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

933cd98e932afa3e86311d20912fec831f4830052fed943c43e1aad5a5ee5169

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 253
x-served-by: mediawiki-prod-ucp-6f645875b7-r4f9b, wk-cdn-f2, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:12 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.006
x-cache-hits: ORIGIN, 300365, 0

GET
H2 200 embeddable_discussions_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 11 KB
4 KB 22ms
22ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/embeddable_discussions_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

8b7ced1bc64700c521def586a51b747f817c0ea0c46a1f53dfb06e93d188cf40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 3312
x-served-by: mediawiki-prod-ucp-6f645875b7-pfkwn, wk-cdn-f3, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:14 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.007
x-cache-hits: ORIGIN, 195646, 0

GET
H2 200 wikia_in_your_lang_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 5 KB
2 KB 22ms
22ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/wikia_in_your_lang_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

f186055d271de5b9b6dc96573ac9acad6473353553445ebe819ed983fdc21e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1431
x-served-by: mediawiki-prod-ucp-6f645875b7-pfkwn, wk-cdn-f3, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:12 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.007
x-cache-hits: ORIGIN, 292325, 0

GET
H2 200 portable_infobox_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 2 KB
1 KB 22ms
22ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/portable_infobox_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

e9d78667d6d670825872a939c9dae6ba9378edd5f0eee312283ca55c73683a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 779
x-served-by: mediawiki-prod-ucp-6f645875b7-5tvgx, wk-cdn-f2, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:12 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.006
x-cache-hits: ORIGIN, 292945, 0

GET
H2 200 visit_source_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 1 KB
1 KB 22ms
22ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/visit_source_js

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

85b766db5560c269bacaba40acfcea95a70bb2b1ba6056531d9077f0eb92a933

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 542
x-served-by: mediawiki-prod-ucp-6f645875b7-j2s6r, wk-cdn-f1, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:13 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.006
x-cache-hits: ORIGIN, 292761, 0

GET
H2 200 wikia.php Show response
malware.wikia.org/ 6 KB
2 KB 7ms
7ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=JSMessages&method=getMessages&format=html&packages=AdEngine3%2CArticleVideo%2CConfirmModal%2CEditPageLayout%2CEmbeddableDiscussions%2CImagePlaceholder%2COasis-generic%2CRecirculation&uselang=en&cb=1583402581668.0.0

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b650d53b37001ac7d4de646464e79a580211aa638308f9eb450f21bdf3b226af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: d9660838-8a9a-4887-b848-fe0d825228e8
age: 16449
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1838
x-served-by: mediawiki-prod-ucp-76f6ffcb59-dm5wc, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: 0c130091-29c0-4594-a6ac-5a27259d468b
x-backend-response-time: 0.022
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=604800
accept-ranges: bytes
x-timer: S1583429739.280075,VS0,VE1
x-cache-hits: ORIGIN, 3, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1583402581668&debug=false&lang=en&modules=ext.siteWideMessages.anon&only=scripts&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c5f70cab1120e323598e6e635b9b53487d4a2bd6957c93b5313ece1818e5ac2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 8ea11a30-4af7-4dd2-8086-89c2591b8432
age: 16449
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1098
x-served-by: mediawiki-prod-ucp-76f6ffcb59-t8g7l, cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-trace-id: df82fe97-48a6-4ada-addb-39c4096e662f
last-modified: Thu, 05 Mar 2020 09:45:00 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
x-timer: S1583429739.286120,VS0,VE1
x-backend-response-time: 0.014
x-cache-hits: ORIGIN, 2, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 3 KB
2 KB 165ms
165ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?cb=1583402581668&debug=false&lang=en&modules=site&only=scripts&reviewed=1561936428&skin=oasis&*

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7bbbdf51e13ce20280f501209cdb6bcf941e81d6c856829b94a1a036f01cf2cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 2aec18eb-4b0f-42e5-be5c-1a1546344c99
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1206
x-served-by: mediawiki-prod-ucp-76f6ffcb59-zdlr4, cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-trace-id: af6fbf44-f591-4bd9-8324-5ba0d6898622
last-modified: Tue, 07 Jan 2020 00:45:22 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429739.288017,VS0,VE159
x-backend-response-time: 0.039
x-cache-hits: ORIGIN, 9, 0

GET
H/1.1 200
OK scout.js Show response
www.fastly-insights.com/static/ 55 KB
25 KB 91ms
22ms Script
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d49e13929ca1c7770ce3ce9599f3ab4c942962a5f2b47a2dd5431795a1d6ed0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 17:35:39 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
Age: 23630
transfer-encoding: chunked
X-Cache: HIT
Connection: keep-alive
Strict-Transport-Security: max-age=86400; includeSubDomains
content-encoding: br
Fastly-Restarts: 1
X-Served-By: cache-fra19153-FRA
Last-Modified: Mon, 24 Feb 2020 16:28:31 GMT
X-Timer: S1583429739.468766,VS0,VE0
ETag: "b52cd977a039ccdd1ad6a5885201ee37"
vary: accept-encoding
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: none
X-Cache-Hits: 232353

GET
H2 200 load.php
malware.wikia.org/ 7 KB
2 KB 164ms
164ms Stylesheet
text/css 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&only=styles&articles=u:dev:MediaWiki:ModernProfile/Masthead.css|u:dev:MediaWiki:ModernProfile/Wall.css

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a27b09b2a54696a932fd5283de93fc6fbba91cf4b6c37bce51cbeb18be6ca325

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: f9872063-81d8-46a4-a211-95017327d499
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1929
x-served-by: mediawiki-prod-f8f7c6854-cz6cd, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: db5c33fe-a649-46dc-b65d-8ecf2a16bba7
last-modified: Sat, 12 Oct 2019 15:35:16 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429739.167159,VS0,VE157
x-backend-response-time: 0.022
x-cache-hits: ORIGIN, 8, 1

GET
H2

200

load.php
dev.fandom.com/
Redirect Chain

https://dev.wikia.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles
https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles

2 KB
1 KB

231ms
191ms

Stylesheet
text/css

151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.16.0 /

Resource Hash

ed6fe953a49b63afc019a173202c3251a6d2146c6a6021f11d00ba25802bb4a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: d2fd0cb8-f64f-4e30-af4d-b7ba0740355e
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 425
x-served-by: mediawiki-prod-568b9694b5-6bwvp, cache-wk-sjc3162-WIKIA, cache-ams21065-AMS
x-trace-id: d72aa5fb-c981-45b5-b453-88149ec111f4
last-modified: Sun, 03 Jul 2016 04:05:50 GMT
server: nginx/1.16.0
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429739.275169,VS0,VE174
x-backend-response-time: 0.013
x-cache-hits: ORIGIN, 1, 1

Redirect headers

date: Thu, 05 Mar 2020 17:35:39 GMT
x-content-type-options: nosniff
x-cacheable: YES
age: 4645
x-cache: HIT, HIT
status: 301
content-length: 0
x-served-by: cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-redirected-by-wf: NotPrimary
x-datacenter: SJC
vary: Accept-Encoding, Cookie
content-type: text/html; charset=UTF-8
location: https://dev.fandom.com/load.php?mode=articles&articles=u:dev:MediaWiki:RectangularButtons/code.css&only=styles
cache-control: s-maxage=86400, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1583429739.223588,VS0,VE1
x-cache-hits: 8, 1

GET
H2 200 load.php
malware.wikia.org/ 9 KB
2 KB 160ms
159ms Stylesheet
text/css 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&articles=u:dev:MediaWiki:FandomizedActivityFeed.css&only=styles

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45ce8bc11d2c33dbf0721121a984431a44b9efac43b45af080cd6be271d586f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 95a64587-1966-4233-8ed4-9a46cf3f89fa
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1648
x-served-by: mediawiki-prod-ucp-88b59dcc7-78d9h, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: 5b5aebb7-ae48-47f9-88ce-1aeef054b3c4
last-modified: Mon, 17 Feb 2020 21:57:09 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429739.167219,VS0,VE154
x-backend-response-time: 0.017
x-cache-hits: ORIGIN, 2, 1

GET
H2 200 load.php
malware.wikia.org/ 20 KB
3 KB 164ms
163ms Stylesheet
text/css 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?mode=articles&articles=u:dev:MediaWiki:Nord.css&only=styles

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2d1ecd10debaaa0876d06584f2a601ad2a3ff76a21c6ca659fc0b131339269a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 82b698cb-6ac2-4a45-99cb-1e9b9f2d824e
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 2472
x-served-by: mediawiki-prod-f8f7c6854-s4hcw, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: dd3de506-9040-40c4-9f23-0c6b9fc156a5
last-modified: Tue, 15 Oct 2019 22:12:45 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429739.167247,VS0,VE156
x-backend-response-time: 0.021
x-cache-hits: ORIGIN, 4, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6209
date: Thu, 05 Mar 2020 15:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 05 Mar 2020 17:52:10 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 404 app
services.wikia.org/csp-logger/csp/ 0
0 199ms
165ms Other
text/plain 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://services.wikia.org/csp-logger/csp/app
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2

200

83d808d9e1.cur
puu.sh/pyeX9/
Redirect Chain

https://puu.sh/pyeX9/83d808d9e1.cur
http://puu.sh/pyeX9/83d808d9e1.cur
http://puu.sh/pyeX9/83d808d9e1.cur
http://puu.sh/pyeX9/83d808d9e1.cur

4 KB
5 KB

233ms
194ms

Image
application/x-123

2606:4700:3038::681f:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://puu.sh/pyeX9/83d808d9e1.cur

Requested by

Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/jquery,mediawiki

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::681f:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Response headers

date: Thu, 05 Mar 2020 17:35:39 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Apr 2019 22:53:53 GMT
server: cloudflare
x-s3n: HIT
etag: "d8876bffd27ab78c9ada26a73d8755f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/x-123
status: 200
content-disposition: inline; filename="cursor+(1).cur"
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 56f5983ffb370eb3-FRA
content-length: 4286

GET
H2 200 latest
vignette3.wikia.nocookie.net/malware/images/5/50/Wiki-background/revision/ 13 KB
13 KB 25ms
24ms Image
image/webp 74.120.188.204
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette3.wikia.nocookie.net/malware/images/5/50/Wiki-background/revision/latest?cb=20140919094252
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.204 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: f997e06f527904ab55b2b1b41f5a500a2fc41e3eec8e2bd52bf5f6d9216036d3

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 16:45:26 GMT
x-cacheable: YES
age: 6915012
x-cache: ORIGIN, HIT
status: 200
content-disposition: inline; filename="Wiki-background.webp"; filename*=UTF-8''Wiki-background.webp
content-length: 12806
x-served-by: thumblr-5fc9978666-zsmdn, wk-cdn-f1
surrogate-key: d3b92f3374b90f5addb20f8bef3cc2b54077e0d5 wiki-malware thumblr original
x-thumbnailer: Thumblr
etag: CLqVy9vr2+UCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 34818

GET
H2 200 115
vignette.wikia.nocookie.net/malware/images/0/0e/Community-header-background/revision/latest/zoom-crop/width/471/height/ 24 KB
24 KB 25ms
25ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/0/0e/Community-header-background/revision/latest/zoom-crop/width/471/height/115?cb=20170711045240
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 802d62cbcbc0d3634542174027c89e0a82e997d2cae9f5ebf089d04fa35b5f3f

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 19:22:07 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Community-header-background.webp"; filename*=UTF-8''Community-header-background.webp
content-length: 24422
x-served-by: thumblr-5fc9978666-lg2rx, wk-cdn-f3, wk-cdn-f6
surrogate-key: 7736c360e7e78a4edebc72e421dd79193d5be950 wiki-malware thumblr zoom-crop
x-thumbnailer: Thumblr
etag: CLO/sNHM2eUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 38577, 0

GET
H2 200 sprite.png
slot1-images.wikia.nocookie.net/__cb1583283687450/common/skins/shared/images/ 10 KB
11 KB 22ms
22ms Image
image/png 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1583283687450/common/skins/shared/images/sprite.png
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 6eff6f790d0dc40fd6cf7d349e45f258af23cecf12f64dc080b178bb923d1cae

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 13:16:32 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 10483
x-served-by: , wk-cdn-f1, wk-cdn-f5
last-modified: Tue, 03 Mar 2020 13:27:12 GMT
x-datacenter: SJC
etag: "5e5e5b30-28f3"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 560491, 0

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v7/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v7/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

725bff9a83f83ba4a96e8256bea8822f49a0c2c821311abcfb39c6b46714beaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
Origin: https://malware.wikia.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:02:11 GMT
server: sffe
age: 3655413
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 16012
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:06 GMT

GET
H2 200 gdpr_events Show response
beacon.wikia-services.com/__track/special/ 111 B
532 B 21ms
19ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.wikia-services.com/__track/special/gdpr_events?lang_code=en&detected_geo=de&beacon=8jEOWsb_gs&ga_category=gdpr-modal&ga_action=impression&ga_label=modal-view
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 2f22c3bf1b2af2e5e9c3fbe027dd9ee916439011a3fe32697f178996449b1355

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 17:35:39 GMT
x-cache: HIT
status: 200
content-length: 111
x-restarts: 0
x-served-by: cache-ams21065-AMS
server: Varnish
x-timer: S1583429740.562943,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-selected-backend: sjc_shield
cache-control: private, s-maxage=0, max-age=0, must-revalidate
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET
H2 200 jquery,mediawiki Show response
slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/ 159 KB
46 KB 23ms
22ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/jquery,mediawiki

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/load.php?cb=1583402581668&debug=false&lang=en&modules=startup&newve=1&only=scripts&skin=oasis&*

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

986cb1f502a55391a448235c90316f9d7540b5ab8057eea89f759a7155fcb1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 05 Mar 2020 13:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: 3c1b091b-d6d9-4a86-b95a-c9c30d9beada
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 46849
x-served-by: mediawiki-prod-ucp-6f645875b7-mlfr2, wk-cdn-f3, wk-cdn-f5
x-trace-id: b5ee34ff-d9a2-4a77-b54e-16e13d40a14f
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 09:45:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.011
x-cache-hits: ORIGIN, 467616, 0

GET
H2 200 ajax.gif
slot1-images.wikia.nocookie.net/__cb1583283687450/common/skins/common/images/ 546 B
883 B 22ms
22ms Image
image/gif 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slot1-images.wikia.nocookie.net/__cb1583283687450/common/skins/common/images/ajax.gif
Requested by: Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 53224add53de4c20a5db7363faae8b344b9df8281a19d88215feaf9b86a8916a

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 13:15:36 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 546
x-served-by: , wk-cdn-f3, wk-cdn-f5
last-modified: Tue, 03 Mar 2020 13:27:12 GMT
x-datacenter: SJC
etag: "5e5e5b30-222"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 892637, 0

GET
DATA 200
OK truncated
/ 86 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8030ba6c500215322a6c74dec59aae39c0d6be2a2ed09d6042bbbd146a779a5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 295 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa5a03749b87dfded5168574a09605bc1bfda348266dae7f4cacbdc671293c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 297 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4b73fff20a625422480f235549bc4ff4b151432ddc556c4c1d37dc53b25a444

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v7/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v7/iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2

Requested by

Host: malware.wikia.org
URL: https://malware.wikia.org/wiki/Ryuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182f72be2ac58dda7e2ef9f7c1bc61789c3b6d6c1f86bbe5728251fca1eb1978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWiki-background%252Frevision%252Flatest%253Fcb%253D20140919094252%26background-image-height%3D640%26background-image-width%3D640%26color-body%3D%2523ebf1f5%26color-body-middle%3D%2523bacdd8%26color-buttons%3D%2523df0101%26color-community-header%3D%25230b0b3b%26color-header%3D%2523dd4702%26color-links%3D%2523a47719%26color-page%3D%2523012e59%26oasisTypography%3D1%26page-opacity%3D87%26widthType%3D0/skins/oasis/css/oasis.scss,extensions/wikia/Forum/css/ForumTag.scss,extensions/wikia/DesignSystem/styles/design-system.scss,extensions/wikia/CommunityHeader/styles/index.scss,extensions/wikia/PageHeader/styles/index.scss,extensions/wikia/Recirculation/styles/recirculation.scss,extensions/wikia/EmbeddableDiscussions/styles/EmbeddableDiscussions.scss,extensions/wikia/PortableInfobox/styles/PortableInfobox.scss,extensions/wikia/PortableInfobox/styles/PortableInfoboxEuropaTheme.scss,extensions/wikia/AdEngine3/dist/styles.scss,extensions/wikia/Qualaroo/css/Qualaroo.scss
Origin: https://malware.wikia.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:10:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:02:24 GMT
server: sffe
age: 3655480
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 16184
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:10:59 GMT

GET
H2 200 amd.shared%7Cext.wikia.facebookTags%7Cjquery.byteLength,checkboxShiftClick,client,cookie,makeCollapsible,messageBox,mw-jump,mwExtension,timeago%7Cmediawiki.Title,Uri,cldr,jqueryMsg,language,user,ut... Show response
slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/ 125 KB
38 KB 23ms
23ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/amd.shared%7Cext.wikia.facebookTags%7Cjquery.byteLength,checkboxShiftClick,client,cookie,makeCollapsible,messageBox,mw-jump,mwExtension,timeago%7Cmediawiki.Title,Uri,cldr,jqueryMsg,language,user,util%7Cmediawiki.language.init%7Cmediawiki.legacy.ajax,wikibits%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready,startup%7Cunderscore%7Cwikia.fbLocale,history,importScript,loader,mw,nirvana,throbber,thumbnailer,tracker

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

b0739847044b81584688415978da70a64110bd61d37237c6faf676c0965461f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 05 Mar 2020 13:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: c11892f5-61ef-4678-a2b1-58349de4dc99
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 37853
x-served-by: mediawiki-prod-ucp-6f645875b7-rmckf, wk-cdn-f2, wk-cdn-f5
x-trace-id: e96b9435-bfc4-49ae-b0a3-78b649ef23be
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 09:45:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.014
x-cache-hits: ORIGIN, 109730, 0

GET
H2 200 load.php Show response
malware.wikia.org/ 28 KB
9 KB 8ms
7ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?debug=false&lang=en&modules=ext.bannerNotifications%2CdesignSystem%2CuserLogin%7Cext.visualEditor.track%2Cve%7Cext.visualEditor.wikia.viewPageTarget.init%7Cext.wikia.AffiliateService%2CTimeAgoMessaging%7Cmediawiki.language.data&sass_background-dynamic=false&sass_background-image=https%3A%2F%2Fvignette3.wikia.nocookie.net%2Fmalware%2Fimages%2F5%2F50%2FWiki-background%2Frevision%2Flatest%3Fcb%3D20140919094252&sass_background-image-height=640&sass_background-image-width=640&sass_color-body=%23ebf1f5&sass_color-body-middle=%23bacdd8&sass_color-buttons=%23df0101&sass_color-community-header=%230b0b3b&sass_color-header=%23dd4702&sass_color-links=%23a47719&sass_color-page=%23012e59&sass_oasisTypography=1&sass_page-opacity=87&sass_widthType=0&skin=oasis&version=1583402581668-20200305T094500Z&*

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

720d598b9873cb6a916464447a44d5bbcac429d826a334c3ec706b1cf035f3e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 776856b7-fc14-414c-807e-6a786e093a64
age: 16358
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 8474
x-served-by: mediawiki-prod-ucp-76f6ffcb59-f2md9, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: ff1d4052-3a21-460f-bdfc-2b8b42fbf11b
last-modified: Thu, 05 Mar 2020 09:45:00 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
x-timer: S1583429740.624670,VS0,VE2
x-backend-response-time: 0.019
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 wikia.php Show response
malware.wikia.org/ 8 KB
2 KB 7ms
7ms XHR
application/json 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=Rail&method=lazyForAnons&articleTitle=Ryuk&cb=1583402581668&excludeScss%5B%5D=skins%2Foasis%2Fcss%2Foasis.scss&excludeScss%5B%5D=extensions%2Fwikia%2FForum%2Fcss%2FForumTag.scss&excludeScss%5B%5D=extensions%2Fwikia%2FDesignSystem%2Fstyles%2Fdesign-system.scss&excludeScss%5B%5D=extensions%2Fwikia%2FCommunityHeader%2Fstyles%2Findex.scss&excludeScss%5B%5D=extensions%2Fwikia%2FPageHeader%2Fstyles%2Findex.scss&excludeScss%5B%5D=extensions%2Fwikia%2FRecirculation%2Fstyles%2Frecirculation.scss&excludeScss%5B%5D=extensions%2Fwikia%2FEmbeddableDiscussions%2Fstyles%2FEmbeddableDiscussions.scss&excludeScss%5B%5D=extensions%2Fwikia%2FPortableInfobox%2Fstyles%2FPortableInfobox.scss&excludeScss%5B%5D=extensions%2Fwikia%2FPortableInfobox%2Fstyles%2FPortableInfoboxEuropaTheme.scss&excludeScss%5B%5D=extensions%2Fwikia%2FAdEngine3%2Fdist%2Fstyles.scss&excludeScss%5B%5D=extensions%2Fwikia%2FQualaroo%2Fcss%2FQualaroo.scss&format=json&namespace=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3546b0220f3d47dc2a9c7104595f755dbc1e34fd4c8992d2ffaeef98a1815604

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Ryuk
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 4fd50698-8868-450f-a905-6da2a43934cc
age: 14929
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 2028
x-served-by: mediawiki-prod-ucp-76f6ffcb59-bfdw7, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: d8d3ef7c-cbe3-4eac-b6da-0e4a3ce0c9ab
x-backend-response-time: 0.056
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-timer: S1583429740.699383,VS0,VE1
x-cache-hits: ORIGIN, 3, 1

GET
H2 200 wikia.php Show response
malware.wikia.org/ 70 B
570 B 160ms
160ms XHR
application/json 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=SiteWideMessages&method=getAnonMessages&articleId=22980&format=json

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf3d45227d9b401c48b8841144ba63d92d57948da0814701ff5b998a98d89036

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Ryuk
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 7ef32ef5-aa76-4eed-a0ae-60c40411d2b3
age: 3981
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 75
x-served-by: mediawiki-prod-ucp-76f6ffcb59-gt5sp, cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-trace-id: 504f2a8a-790f-43c5-a8f8-dc162b6ff95b
x-backend-response-time: 0.014
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-timer: S1583429740.718119,VS0,VE155
x-cache-hits: ORIGIN, 2, 0

GET
H/1.1 200
OK 17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5 Show response
fastly-insights.com/api/v1/config/ 14 KB
3 KB 26ms
6ms Fetch
application/json 2a04:4e42:600::578
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fastly-insights.com/api/v1/config/17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::578 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b9f0a7c95eafa3f709108d02beb3181bef9c9f7a5ed87552152b9d2bf9a749b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:39 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200, "include_subdomains": true}
Age: 8116
transfer-encoding: chunked
X-Cache: HIT
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}], "include_subdomains": true}
Connection: keep-alive
content-encoding: br
X-Served-By: cache-fra19120-FRA
Last-Modified: Mon, 12 Aug 2019 10:54:16 GMT
X-Timer: S1583429740.744287,VS0,VE0
ETag: "73b94a1a1ce6bb6c08fcdca571071c4e"
vary: accept-encoding
Strict-Transport-Security: max-age=86400; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
accept-ranges: none
X-Cache-Hits: 2646

GET
H2 200 load.php Show response
malware.wikia.org/ 183 KB
47 KB 162ms
162ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?debug=false&lang=en&mode=articles&skin=oasis&missingCallback=importNotifications.importArticleMissing&articles=external%3Adev%3AMediaWiki%3AAdminDashboard+JS-Button%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAjaxBatchDelete%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAjaxRC%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAjaxRename%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAnchoredRollback%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ADiscordIntegrator%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ADisplayClock%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ADupImageList%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AInputUsername%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ALastEdited%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMarkBlocked.js%7CMediaWiki%3Adev.MassPatrol%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMassRename%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMessageBlock%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AModernProfile%2FEditButton.js%7Cexternal%3Adev%3AMediaWiki%3ANullEditButton%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AProfileTags.js%7Cexternal%3Adev%3AMediaWiki%3APowerPageMaker%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3APurgeButton%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ARailWAM%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3ARevealAnonIP%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AWallGreetingButton%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAddInsights%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AEditConflictAlert%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMassNullEdit%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AAdminDashboard+block%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AFastDelete%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AMessageWallUserTags%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AInactiveUsers%2Fcode.js%7Cexternal%3Adev%3AMediaWiki%3AQuickDiff%2Fcode.js&reviewed=1561936428&only=scripts

Requested by

Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/amd.shared%7Cext.wikia.facebookTags%7Cjquery.byteLength,checkboxShiftClick,client,cookie,makeCollapsible,messageBox,mw-jump,mwExtension,timeago%7Cmediawiki.Title,Uri,cldr,jqueryMsg,language,user,util%7Cmediawiki.language.init%7Cmediawiki.legacy.ajax,wikibits%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready,startup%7Cunderscore%7Cwikia.fbLocale,history,importScript,loader,mw,nirvana,throbber,thumbnailer,tracker

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

71a1f5d3a553a7cd142c7fddddbeedf17ce81227367ae1ce1f4f903e779d6707

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: cea92c45-c7fe-4698-be03-ae010aef29d4
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 47360
x-served-by: mediawiki-prod-ucp-bb65745b7-9892c, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: a11646da-8b46-4d98-905c-a6a721d3b541
last-modified: Sat, 29 Feb 2020 00:55:59 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429740.742193,VS0,VE155
x-backend-response-time: 0.091
x-cache-hits: ORIGIN, 11, 1

GET
H2 200 premium-rail.scss
slot1-images.wikia.nocookie.net/__am/1583402581668/sasses/background-dynamic%3Dfalse%26background-image%3Dhttps%253A%252F%252Fvignette3.wikia.nocookie.net%252Fmalware%252Fimages%252F5%252F50%252FWi... 3 KB
1 KB 22ms
21ms Stylesheet
text/css 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

a277f24bc4db148ce882f14c5b24ad8a7695d48995b218c8cddf5e1697ff0cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 05 Mar 2020 13:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 857
x-served-by: mediawiki-prod-ucp-6f645875b7-vd8gp, wk-cdn-f2, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:03:03 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.009
x-cache-hits: ORIGIN, 54, 0

GET
H/1.1 200
OK o.svg Show response
wlg-v4.pops.fastly-insights.com/ 378 B
1 KB 924ms
307ms Fetch
image/svg+xml 151.101.234.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wlg-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.234.91 Wellington, New Zealand, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:40 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429741.525261,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-wlg19722-WLG
Server: Varnish
X-Datacenter: WLG
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK l Show response
4471ef76-ac39-4f07-8f5b-38b16146d0a7.eu.u.fastly-insights.com/ 555 B
1 KB 127ms
29ms Fetch
application/json 151.101.130.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://4471ef76-ac39-4f07-8f5b-38b16146d0a7.eu.u.fastly-insights.com/l

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.66 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

72e1484f8fcfb5aa24effd8caca33a9422dfe40fcdfba0113ff0da9b23da0db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:39 GMT
Via: 1.1 varnish
X-Backend: lookup-eu
X-Cache: HIT
Connection: keep-alive
Content-Length: 555
X-Served-By: cache-ams21074-AMS
Server: Varnish
X-Timer: S1583429740.862611,VS0,VE11
Strict-Transport-Security: max-age=86400; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes, bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 community_page_entry_point_js Show response
slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/ 517 B
826 B 23ms
23ms Script
application/x-javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__am/1583402581668/group/-/community_page_entry_point_js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

af38ed9df488ca149342b521e7aba9fdece85284a2d518ee05c67ae1084abe73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 292
x-served-by: mediawiki-prod-ucp-6f645875b7-w8ht4, wk-cdn-f6, wk-cdn-f5
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 13:00:14 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: application/x-javascript
x-pass-cache-control: public, max-age=2592000
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.006
x-cache-hits: ORIGIN, 260994, 0

GET
H2 200 wikia.php Show response
malware.wikia.org/ 4 KB
1 KB 164ms
162ms XHR
text/html 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/wikia.php?controller=LatestActivity&method=Index&format=html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5fa158978ebb1c147e7e07aa79182aeb04a9f28e2a9fae5dcd201886f2146fb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept: text/html, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Ryuk
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 91fb16ff-089c-4e4a-8275-16b309925d2e
age: 418
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1108
x-served-by: mediawiki-prod-ucp-76f6ffcb59-vzjw9, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: 77e78288-5f23-48b1-a2ae-e7b5d90d44b7
x-backend-response-time: 0.012
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:39 GMT
vary: Accept-Encoding, Cookie
content-type: text/html; charset=utf-8
cache-control: public, max-age=600
accept-ranges: bytes
x-timer: S1583429740.769901,VS0,VE157
x-cache-hits: ORIGIN, 3, 0

GET
H2 200 30
static.wikia.nocookie.net/722bf4b0-dc45-4ffe-b231-75719e37be18/scale-to-width-down/ 536 B
1 KB 25ms
23ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/722bf4b0-dc45-4ffe-b231-75719e37be18/scale-to-width-down/30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: dff38bf44c0eb18c64765139ec9749fd0069eab30a8d76567ca97bfe21ecfabf

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Dec 2019 18:11:56 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252Favatar6Onvta.webp"; filename*=UTF-8''%252Ftmp%252Favatar6Onvta.webp
content-length: 536
x-served-by: thumblr-68fc4ccf5-v54xh, wk-cdn-f2, wk-cdn-f5
surrogate-key: 722bf4b0-dc45-4ffe-b231-75719e37be18 thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CJXIteGnwuYCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 36098, 0

GET
H2 200 30
static.wikia.nocookie.net/f769a579-bf04-4320-bb20-ca922c56f027/scale-to-width-down/ 492 B
1001 B 25ms
23ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/f769a579-bf04-4320-bb20-ca922c56f027/scale-to-width-down/30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 20d0faaff2118bd4aaedd2fa64447d3f14140cf75bc71b1e4761bcd75936fbc5

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 19:47:53 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252Favatarrf9XmT.webp"; filename*=UTF-8''%252Ftmp%252Favatarrf9XmT.webp
content-length: 492
x-served-by: thumblr-7fbcf7fb9d-z7dxx, wk-cdn-f6, wk-cdn-f5
surrogate-key: f769a579-bf04-4320-bb20-ca922c56f027 thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CNOp0/WP4+cCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 681, 0

GET
H2 200 30
vignette.wikia.nocookie.net/messaging/images/1/19/Avatar.jpg/revision/latest/scale-to-width-down/ 196 B
668 B 24ms
22ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/messaging/images/1/19/Avatar.jpg/revision/latest/scale-to-width-down/30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 196162c798734984782b1a2cccd2668b21c91d2ba6be36ed604db68893841161

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 15:37:15 GMT
x-cacheable: YES
age: 6919104
x-cache: ORIGIN, HIT
status: 200
content-disposition: inline; filename="Avatar.webp"; filename*=UTF-8''Avatar.webp
content-length: 196
x-served-by: thumblr-5fc9978666-f4jz7, wk-cdn-f6
surrogate-key: 9a284b9560d85e849b787eb948562cb778f76fe7 wiki-messaging thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CN6Ci+egkOYCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 64752863

GET
H2 200 30
static.wikia.nocookie.net/b6dd4ebf-faff-47f8-b414-fa92d723d04d/scale-to-width-down/ 632 B
1 KB 26ms
24ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/b6dd4ebf-faff-47f8-b414-fa92d723d04d/scale-to-width-down/30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: dbfa411df05fcdeb285db3550573c63cd2a039333f88b067ae0890856f9977e8

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 22 Feb 2020 06:48:01 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%2Ftmp%2Favatarse7Bi5.webp"; filename*=UTF-8''%2Ftmp%2Favatarse7Bi5.webp
content-length: 632
x-served-by: thumblr-7fbcf7fb9d-twz5x, wk-cdn-f3, wk-cdn-f5
surrogate-key: b6dd4ebf-faff-47f8-b414-fa92d723d04d thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CLDI0qHD5OcCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 3632, 0

GET
H2 200 30
static.wikia.nocookie.net/219d2c7e-a658-4696-9df7-7dc2c7e9bfba/scale-to-width-down/ 306 B
817 B 26ms
24ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/219d2c7e-a658-4696-9df7-7dc2c7e9bfba/scale-to-width-down/30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 62167de339fc875830a3abfb85a1e1dee28c179ad3517b441c52723d0f52de24

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 19:51:11 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252FavatarDXoSd9.webp"; filename*=UTF-8''%252Ftmp%252FavatarDXoSd9.webp
content-length: 306
x-served-by: thumblr-5fc9978666-hqm72, wk-cdn-f2, wk-cdn-f5
surrogate-key: 219d2c7e-a658-4696-9df7-7dc2c7e9bfba thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CMPjnv/rpeUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 16306, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/8/84/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0_2014-09-29_%D0%B2_23.36.02.png/revision/latest/smart/width/53/height/ 5 KB
6 KB 27ms
25ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/8/84/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0_2014-09-29_%D0%B2_23.36.02.png/revision/latest/smart/width/53/height/53?cb=20140929194023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 64c254630624f65b42d554bce9780b58c46225bf100a506938a2baf2a45057ac

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 19:31:04 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%253F%253F%253F%253F%253F%253F_%253F%253F%253F%253F%253F%253F_2014-09-29_%253F_23.36.02.webp"; filename*=UTF-8''%253F%253F%253F%253F%253F%253F_%253F%253F%253F%253F%253F%253F_2014-09-29_%253F_23.36.02.webp
content-length: 4954
x-served-by: thumblr-5fc9978666-k22g9, wk-cdn-f5, wk-cdn-f6
surrogate-key: 773d029bf6a28163b6d98e8e829a6b48c3334d26 ad6056c6b202299e91bea8ca36b0351ebf8d6eb9 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CMrUm4WC4eUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 36104, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/b/b2/Gbshane_Finecut_1_9-14/revision/latest/smart/width/53/height/ 1 KB
2 KB 28ms
26ms Image
image/jpeg 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/b/b2/Gbshane_Finecut_1_9-14/revision/latest/smart/width/53/height/53?cb=20161105083351
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 43ef740799ae12b7d05cd5ee5d60cf57c708c83b1c90c4ed8dcaa3b8c35e0a53

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 19:31:04 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Gbshane_Finecut_1_9-14.jpg"; filename*=UTF-8''Gbshane_Finecut_1_9-14.jpg
content-length: 1277
x-served-by: thumblr-5fc9978666-dtz84, wk-cdn-f3, wk-cdn-f6
surrogate-key: 91b764e57bb1f77dd40ab4cb91ff8ab2053590c4 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CIrC9IvU3eUCEAE=
vary: Accept
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 35215, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/c/ce/MEMZMBR.jpg/revision/latest/smart/width/53/height/ 996 B
1 KB 24ms
23ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/c/ce/MEMZMBR.jpg/revision/latest/smart/width/53/height/53?cb=20160925162902
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 18ede43553ee04338aa9adc0266c250a3e8dc519fcaeb51580f8238609f00aae

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 19:31:04 GMT
x-cacheable: YES
age: 6905075
x-cache: ORIGIN, HIT
status: 200
content-disposition: inline; filename="MEMZMBR.webp"; filename*=UTF-8''MEMZMBR.webp
content-length: 996
x-served-by: thumblr-5fc9978666-k9jrs, wk-cdn-f6
surrogate-key: 92dececf31afe7f1c48ba0234422d099555406e9 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: COOB0NLo8OUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 35479

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/a/a1/Untitled.png/revision/latest/smart/width/53/height/ 1 KB
2 KB 27ms
25ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/a/a1/Untitled.png/revision/latest/smart/width/53/height/53?cb=20161220233909
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 3675c53ff71cb1ca23685eef9096d20bed3811cce537911777c81e66b321a008

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Dec 2019 09:03:07 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Untitled.webp"; filename*=UTF-8''Untitled.webp
content-length: 1370
x-served-by: thumblr-68fc4ccf5-9ftx8, wk-cdn-f2, wk-cdn-f6
surrogate-key: 5c5b48889f4e3876ef71494635f3f85c6ba3d417 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CKz+9pjNneECEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 27680, 0

GET
H2 200 53
vignette.wikia.nocookie.net/malware/images/9/92/Mrsmajor_exe_computer_virus_by_alinandmlplover-dbk5gov.png/revision/latest/smart/width/53/height/ 1 KB
2 KB 27ms
26ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/malware/images/9/92/Mrsmajor_exe_computer_virus_by_alinandmlplover-dbk5gov.png/revision/latest/smart/width/53/height/53?cb=20180821140017
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: bd30c2ca45be30d43fa2ede56b7fef5f59e7c5d6de616c3f08cb575a7e0fdb28

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 20 Jan 2020 09:15:11 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="Mrsmajor_exe_computer_virus_by_alinandmlplover-dbk5gov.webp"; filename*=UTF-8''Mrsmajor_exe_computer_virus_by_alinandmlplover-dbk5gov.webp
content-length: 1180
x-served-by: thumblr-f85b76f47-lkv2p, wk-cdn-f2, wk-cdn-f6
surrogate-key: a33d3cb48a91102892bcbb0d877e2877962a6a85 wiki-malware thumblr smart
x-thumbnailer: Thumblr
etag: CNWGuZ/1heYCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 6383, 0

GET
H2 200 load.php Show response
malware.wikia.org/ 5 KB
2 KB 164ms
163ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/load.php?debug=false&lang=en&mode=articles&skin=oasis&missingCallback=importNotifications.importArticleMissing&articles=u%3Adev%3AMediaWiki%3AAjaxBatchDelete.js&reviewed=1561936428&only=scripts

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3309441ac20963e8fa7b0687271db8267648acf786349c398bde61cf1cf0e671

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 9a19d4f3-eca2-4e38-a089-483752ba9697
age: 134
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1758
x-served-by: mediawiki-prod-f8f7c6854-b4ghk, cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-trace-id: f03e8e6c-1595-47cf-8751-f3765c4a9cae
last-modified: Fri, 03 Jan 2020 01:46:21 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:40 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429740.914395,VS0,VE157
x-backend-response-time: 0.026
x-cache-hits: ORIGIN, 12, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 4 KB
2 KB 160ms
160ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd162049c30fb441c1dff2cb468c9a3a6d6a1b30bc9de803b2253638ad41db60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 401bfc5e-d08a-4121-a429-27144c643cc1
age: 134
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 1773
x-served-by: mediawiki-prod-f8f7c6854-xv2gw, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: 4aac6546-33fc-45b9-a3c2-6ee11e2d1885
last-modified: Sun, 01 Sep 2019 15:34:32 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:40 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429740.914436,VS0,VE155
x-backend-response-time: 0.024
x-cache-hits: ORIGIN, 1, 1

GET
H2 200 load.php Show response
malware.wikia.org/ 9 KB
4 KB 161ms
160ms Script
text/javascript 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b44555490840da5d41cf9c3657c31f39b2e9ccccb1c5d9a622e596fcc1f573ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: d4bc985b-c57d-4ebf-81a2-67018c43d90e
age: 134
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 3524
x-served-by: mediawiki-prod-f8f7c6854-4cgkk, cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-trace-id: 642076a3-b503-4992-8d85-9143c745d055
last-modified: Sat, 25 Jan 2020 15:25:25 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:40 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429740.914872,VS0,VE154
x-backend-response-time: 0.021
x-cache-hits: ORIGIN, 5, 1

GET
H2 200 mediawiki.api Show response
slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/ 2 KB
2 KB 22ms
22ms Script
text/javascript 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to

Full URL

https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/mediawiki.api

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.120.188.194 , United States, ASN22300 (WIKIA, US),

Reverse DNS

Software

Resource Hash

cc0666860ac6fbfbc23eca7cf4aaa2fddf2744558cf0ea46d8a4546773969818

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 13:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES - FORCED
x-span-id: a0b66eb2-02a1-4fb7-b4e4-16a88d8b7cc7
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-length: 1019
x-served-by: mediawiki-prod-ucp-6f645875b7-c6vcg, wk-cdn-f3, wk-cdn-f5
x-trace-id: 5eba3a2e-dbaf-43ff-a3a2-638c7bfa4c94
surrogate-key: wiki-470538 wiki-470538-mediawiki
last-modified: Thu, 05 Mar 2020 09:45:00 GMT
x-datacenter: RES
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-pass-cache-control: public, max-age=2592000, s-maxage=2592000
cache-control: public, max-age=2592000, s-maxage=2592000
accept-ranges: bytes
timing-allow-origin: *
x-backend-response-time: 0.008
x-cache-hits: ORIGIN, 88621, 0

GET
H2 200 load.php
malware.wikia.org/ 438 B
783 B 161ms
160ms Stylesheet
text/css 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c5aa1d07495f3f2e074471ddc6405705a67ca80f8a8c9b3a9af6285ab0eeceb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: d164effb-9ba7-45f8-b207-11ecbd2ba74f
age: 134
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, HIT
status: 200
content-length: 266
x-served-by: mediawiki-prod-ucp-88b59dcc7-r4rj9, cache-wk-sjc3162-WIKIA, cache-fra19171-FRA
x-trace-id: 3ba1b156-18e7-497d-98e0-4cc63fdb00f5
last-modified: Mon, 28 Jan 2019 00:05:23 GMT
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:40 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-timer: S1583429740.922549,VS0,VE155
x-backend-response-time: 0.078
x-cache-hits: ORIGIN, 5, 1

GET
H2 200 30
static.wikia.nocookie.net/722bf4b0-dc45-4ffe-b231-75719e37be18/scale-to-width-down/ 536 B
1 KB 23ms
22ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/722bf4b0-dc45-4ffe-b231-75719e37be18/scale-to-width-down/30
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/jquery,mediawiki
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: dff38bf44c0eb18c64765139ec9749fd0069eab30a8d76567ca97bfe21ecfabf

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Dec 2019 18:11:56 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252Favatar6Onvta.webp"; filename*=UTF-8''%252Ftmp%252Favatar6Onvta.webp
content-length: 536
x-served-by: thumblr-68fc4ccf5-v54xh, wk-cdn-f2, wk-cdn-f5
surrogate-key: 722bf4b0-dc45-4ffe-b231-75719e37be18 thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CJXIteGnwuYCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 36099, 0

GET
H2 200 30
static.wikia.nocookie.net/f769a579-bf04-4320-bb20-ca922c56f027/scale-to-width-down/ 492 B
1001 B 24ms
23ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/f769a579-bf04-4320-bb20-ca922c56f027/scale-to-width-down/30
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/jquery,mediawiki
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 20d0faaff2118bd4aaedd2fa64447d3f14140cf75bc71b1e4761bcd75936fbc5

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 19:47:53 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252Favatarrf9XmT.webp"; filename*=UTF-8''%252Ftmp%252Favatarrf9XmT.webp
content-length: 492
x-served-by: thumblr-7fbcf7fb9d-z7dxx, wk-cdn-f6, wk-cdn-f5
surrogate-key: f769a579-bf04-4320-bb20-ca922c56f027 thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CNOp0/WP4+cCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 682, 0

GET
H2 200 30
vignette.wikia.nocookie.net/messaging/images/1/19/Avatar.jpg/revision/latest/scale-to-width-down/ 196 B
668 B 22ms
21ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vignette.wikia.nocookie.net/messaging/images/1/19/Avatar.jpg/revision/latest/scale-to-width-down/30
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/jquery,mediawiki
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 196162c798734984782b1a2cccd2668b21c91d2ba6be36ed604db68893841161

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 15:37:15 GMT
x-cacheable: YES
age: 6919104
x-cache: ORIGIN, HIT
status: 200
content-disposition: inline; filename="Avatar.webp"; filename*=UTF-8''Avatar.webp
content-length: 196
x-served-by: thumblr-5fc9978666-f4jz7, wk-cdn-f6
surrogate-key: 9a284b9560d85e849b787eb948562cb778f76fe7 wiki-messaging thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CN6Ci+egkOYCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 64752866

GET
H2 200 30
static.wikia.nocookie.net/b6dd4ebf-faff-47f8-b414-fa92d723d04d/scale-to-width-down/ 632 B
1 KB 23ms
22ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/b6dd4ebf-faff-47f8-b414-fa92d723d04d/scale-to-width-down/30
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/jquery,mediawiki
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: dbfa411df05fcdeb285db3550573c63cd2a039333f88b067ae0890856f9977e8

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 22 Feb 2020 06:48:01 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%2Ftmp%2Favatarse7Bi5.webp"; filename*=UTF-8''%2Ftmp%2Favatarse7Bi5.webp
content-length: 632
x-served-by: thumblr-7fbcf7fb9d-twz5x, wk-cdn-f3, wk-cdn-f5
surrogate-key: b6dd4ebf-faff-47f8-b414-fa92d723d04d thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CLDI0qHD5OcCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 3633, 0

GET
H2 200 30
static.wikia.nocookie.net/219d2c7e-a658-4696-9df7-7dc2c7e9bfba/scale-to-width-down/ 306 B
817 B 22ms
22ms Image
image/webp 74.120.188.194
WIKIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wikia.nocookie.net/219d2c7e-a658-4696-9df7-7dc2c7e9bfba/scale-to-width-down/30
Requested by: Host: slot1-images.wikia.nocookie.net
URL: https://slot1-images.wikia.nocookie.net/__load/-/debug%3Dfalse%26lang%3Den%26only%3Dscripts%26skin%3Doasis%26version%3D1583402581668-20200305T094500Z/jquery,mediawiki
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.120.188.194 , United States, ASN22300 (WIKIA, US),
Reverse DNS
Software: /
Resource Hash: 62167de339fc875830a3abfb85a1e1dee28c179ad3517b441c52723d0f52de24

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Dec 2019 19:51:11 GMT
x-cacheable: YES - FORCED
age: 0
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="%252Ftmp%252FavatarDXoSd9.webp"; filename*=UTF-8''%252Ftmp%252FavatarDXoSd9.webp
content-length: 306
x-served-by: thumblr-5fc9978666-hqm72, wk-cdn-f2, wk-cdn-f5
surrogate-key: 219d2c7e-a658-4696-9df7-7dc2c7e9bfba thumblr scale-to-width-down
x-thumbnailer: Thumblr
etag: CMPjnv/rpeUCEAE=
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: ORIGIN, 16307, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 3 KB
1 KB 200ms
200ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18204520672327186235_1583429739616&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-AnchoredRollback%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

098286c742a603264e555a1e661f23e3791000b1ecda8b0ea865532cbe51cf45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 08e422f0-d659-480d-8c85-9ca5ebef0a40
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
vary: Accept-Encoding, Cookie
content-length: 747
x-served-by: mediawiki-prod-ucp-76f6ffcb59-llbgs, cache-wk-sjc3163-WIKIA, cache-ams21065-AMS
x-trace-id: d056ef70-0c2c-47e1-83ca-06e05b7e42ff
x-backend-response-time: 0.017
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:40 GMT
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1583429740.082519,VS0,VE183
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 7 KB
2 KB 210ms
209ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18204520672327186235_1583429739617&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-DiscordIntegrator%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5b44f64315cf16502b5e8bc15b8b4a16bb7c117ef89559e0aaae1f4ed702ebe6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 2d7ff3bd-617f-46d9-8b4f-135230d26310
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
vary: Accept-Encoding, Cookie
content-length: 2053
x-served-by: mediawiki-prod-ucp-76f6ffcb59-t6hww, cache-wk-sjc3162-WIKIA, cache-ams21065-AMS
x-trace-id: 72f92760-5847-4264-b50b-8c9119fa70cd
x-backend-response-time: 0.023
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:40 GMT
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1583429740.083378,VS0,VE192
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
dev.fandom.com/ 2 KB
767 B 214ms
214ms Script
text/javascript 151.101.0.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.fandom.com/api.php?callback=jQuery18204520672327186235_1583429739618&action=query&format=json&prop=revisions&rvprop=content&titles=MediaWiki%3ACustom-DupImageList%2Fi18n.json&indexpageids=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.194 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f397338009deaf86023fbfdacabdf913e2a0f9158524fd2f55d7af4f2ea8954f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: c0affd1b-f4a0-4a54-953a-2ad73af48773
age: 0
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.fandom.com/csp-logger/csp/app
x-cache: ORIGIN, MISS, MISS
status: 200
content-disposition: inline; filename="api-result.json"
vary: Accept-Encoding, Cookie
content-length: 574
x-served-by: mediawiki-prod-ucp-76f6ffcb59-vtztb, cache-wk-sjc3163-WIKIA, cache-ams21065-AMS
x-trace-id: 3832391d-0e02-48db-9066-f97383f2fdbf
x-backend-response-time: 0.021
x-datacenter: SJC
date: Thu, 05 Mar 2020 17:35:40 GMT
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, s-maxage=3600, public
accept-ranges: bytes
x-timer: S1583429740.083668,VS0,VE195
x-cache-hits: ORIGIN, 0, 0

GET
H2 200 api.php Show response
malware.wikia.org/ 671 B
524 B 168ms
162ms XHR
application/json 2a04:4e42:600::194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malware.wikia.org/api.php?action=query&format=json&meta=allmessages&ammessages=Custom-DiscordIntegrator-config-id%7CCustom-DiscordIntegrator-config-title%7CCustom-DiscordIntegrator-config-moduleHeight%7CCustom-DiscordIntegrator-config-theme%7CCustom-DiscordIntegrator-config-width%7CCustom-DiscordIntegrator-config-height%7CCustom-DiscordIntegrator-config-text%7CCustom-DiscordIntegrator-config-logged-in%7CCustom-DiscordIntegrator-config-footer%7CCustom-DiscordIntegrator-config-username&amlang=en&smaxage=300&maxage=300

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::194 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc8c3ca827ed6378a0b6e63457c9c4968951d4a29cd2144f6f49efbbc0349b78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://malware.wikia.org/wiki/Ryuk
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-span-id: 1640b6b1-7fbc-4619-a92e-680a4222a9da
age: 171
content-security-policy-report-only: default-src https: 'self' data: blob:; script-src https: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'self' 'unsafe-inline' blob:; report-uri https://services.wikia.org/csp-logger/csp/app
x-cache: ORIGIN, HIT, MISS
status: 200
content-disposition: inline; filename="api-result.json"
content-length: 183
x-served-by: mediawiki-prod-ucp-76f6ffcb59-bjg58, cache-wk-sjc3163-WIKIA, cache-fra19171-FRA
x-trace-id: b7f78bb2-0425-4538-82e8-17dc042d9747
x-backend-response-time: 0.016
x-datacenter: SJC
x-frame-options: DENY
date: Thu, 05 Mar 2020 17:35:40 GMT
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
cache-control: s-maxage=300, max-age=300, public
accept-ranges: bytes
x-timer: S1583429740.299308,VS0,VE155
x-cache-hits: ORIGIN, 4, 0

GET
H2 200 widget
discordapp.com/ Frame 85D3 0
0 347ms
56ms Document
text/html 162.159.135.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discordapp.com/widget?id=538516185516474374&theme=dark&username=null

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: discordapp.com
:scheme: https
:path: /widget?id=538516185516474374&theme=dark&username=null
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://malware.wikia.org/wiki/Ryuk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://malware.wikia.org/wiki/Ryuk

Response headers

status: 200
date: Thu, 05 Mar 2020 17:35:40 GMT
content-type: text/html
set-cookie: __cfduid=d40e4a8cd5f297bfdba51c0a6f0c048c71583429740; expires=Sat, 04-Apr-20 17:35:40 GMT; path=/; domain=.discordapp.com; HttpOnly; SameSite=Lax
cf-ray: 56f59847bcc52c16-AMS
cache-control: public, max-age=14400
etag: W/"d8953876016c454833620df170fa0f3c"
last-modified: Sat, 28 Dec 2019 00:42:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-build-id: 7076453
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 68ms
22ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/b?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5&s=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxNzI3MmNkOC04MmVlLTRlYjUtYjVhMy1iM2NkNTQwM2Y3YzUiLCJleHAiOjE1ODM0Mjk3OTksImlhdCI6MTU4MzQyOTc0MH0._s81V6DBN0NqkRgo_UXLm37Hr5RykAyVTSfJEONwcoI

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:40 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429741.789212,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
sin-v4.pops.fastly-insights.com/ 378 B
1 KB 538ms
179ms Fetch
image/svg+xml 151.101.10.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sin-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.10.91 Singapore, Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:41 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429741.180095,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-sin18046-SIN
Server: Varnish
X-Datacenter: SIN
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 22ms
22ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:41 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429741.333635,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
hhn-v4.pops.fastly-insights.com/ 378 B
1 KB 63ms
21ms Fetch
image/svg+xml 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hhn-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:41 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429741.372892,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-hhn4043-HHN
Server: Varnish
X-Datacenter: HHN
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 22ms
22ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:41 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429741.448025,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
jnb-v4.pops.fastly-insights.com/ 378 B
1 KB 575ms
191ms Fetch
image/svg+xml 151.101.174.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://jnb-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.174.91 Johannesburg, South Africa, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:41 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429742.918383,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-jnb7027-JNB
Server: Varnish
X-Datacenter: JNB
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 25ms
25ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429742.076469,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
pdata.pops.fastly-insights.com/ 378 B
1 KB 71ms
25ms Fetch
image/svg+xml 151.101.114.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pdata.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429742.123816,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-hhn4035-HHN
Server: Varnish
X-Datacenter: HHN
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 23ms
22ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429742.198708,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
any-v4.pops.fastly-insights.com/ 378 B
1 KB 55ms
17ms Fetch
image/svg+xml 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://any-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429742.232268,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-ams21080-AMS
Server: Varnish
X-Datacenter: AMS
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 22ms
22ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429742.305183,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
fra-v4.pops.fastly-insights.com/ 378 B
1 KB 67ms
21ms Fetch
image/svg+xml 151.101.14.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fra-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429742.349613,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-fra19182-FRA
Server: Varnish
X-Datacenter: FRA
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 23ms
22ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429742.422954,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
mia-v4.pops.fastly-insights.com/ 378 B
1 KB 369ms
122ms Fetch
image/svg+xml 151.101.6.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mia-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.6.91 Miami, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429743.722448,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-mia17620-MIA
Server: Varnish
X-Datacenter: MIA
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 24ms
23ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:42 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429743.845750,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
lga-v4.pops.fastly-insights.com/ 378 B
1 KB 302ms
89ms Fetch
image/svg+xml 199.232.38.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://lga-v4.pops.fastly-insights.com/o.svg?u=4471ef76-ac39-4f07-8f5b-38b16146d0a7

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.38.91 New York, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 17:35:43 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Timer: S1583429743.090571,VS0,VE0
X-Cache: HIT
Connection: close
Content-Length: 378
X-Served-By: cache-lga21937-LGA
Server: Varnish
X-Datacenter: LGA
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
0 22ms
22ms Fetch
application/javascript 151.101.14.66
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=17272cd8-82ee-4eb5-b5a3-b3cd5403f7c5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.66 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://malware.wikia.org/wiki/Ryuk
Origin: https://malware.wikia.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 05 Mar 2020 17:35:43 GMT
Via: 1.1 varnish
NEL: {"report_to": "network-errors", "max_age": 43200}
X-Cache: HIT
Access-Control-Allow-Methods: POST, OPTIONS
Connection: keep-alive
X-Served-By: cache-fra19155-FRA
Server: Varnish
X-Timer: S1583429743.198197,VS0,VE0
Strict-Transport-Security: max-age=86400; includeSubDomains
Report-To: {"group": "network-errors", "max_age": 43200, "endpoints": [{"url": "https://nel.fastly-insights.com/report"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

Verdicts & Comments Add Verdict or Comment

319 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
malware.wikia.org/	1970-01-19 07:50:31	Name: pv_number Value: 1
.wikia.org/	1970-01-25 20:31:23	Name: WikiaLifetimeSource Value:
.wikia.org/	1970-01-19 07:50:31	Name: pv_number_global Value: 1
.wikia.org/	1969-12-31 23:59:59	Name: Geo Value: {%22region%22:%22BY%22%2C%22country%22:%22DE%22%2C%22continent%22:%22EU%22}
.wikia.org/	1970-01-19 07:50:31	Name: tracking_session_id Value: c58c5ad1-ac67-4f3c-8f15-3368ce6cd9a3
.wikia.org/	1969-12-31 23:59:59	Name: WikiaSessionSource Value:
.wikia.org/	1970-01-19 07:50:31	Name: wikia_session_id Value: mv-IFqgeHD
.wikia.org/	1970-01-19 12:09:41	Name: wikia_beacon_id Value: 8jEOWsb_gs

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 593) Message: CCPA: Installing API stub
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 592) Message: CCPA: User Signal Mechanism initialized
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 595) Message: CCPA: Geo does not require API
console-api	log	URL: https://slot1-images.wikia.nocookie.net/__am/1583402581668/groups/-/abtesting,oasis_blocking,universal_analytics_js,adengine3_top_js,tracking_opt_in_js,qualaroo_blocking_js(Line 594) Message: CCPA: User Signal Mechanism installed

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4471ef76-ac39-4f07-8f5b-38b16146d0a7.eu.u.fastly-insights.com
any-v4.pops.fastly-insights.com
beacon.wikia-services.com
dev.fandom.com
dev.wikia.com
discordapp.com
fastly-insights.com
fonts.gstatic.com
fra-v4.pops.fastly-insights.com
hhn-v4.pops.fastly-insights.com
jnb-v4.pops.fastly-insights.com
lga-v4.pops.fastly-insights.com
malware.wikia.org
mia-v4.pops.fastly-insights.com
pdata.pops.fastly-insights.com
puu.sh
services.wikia.org
sin-v4.pops.fastly-insights.com
slot1-images.wikia.nocookie.net
static.wikia.nocookie.net
vignette.wikia.nocookie.net
vignette3.wikia.nocookie.net
vignette4.wikia.nocookie.net
wlg-v4.pops.fastly-insights.com
www.fastly-insights.com
www.google-analytics.com
151.101.0.194
151.101.10.91
151.101.114.91
151.101.130.66
151.101.14.66
151.101.14.91
151.101.174.91
151.101.2.91
151.101.234.91
151.101.6.91
162.159.135.233
199.232.38.91
2606:4700:3038::681f:2b8
2a00:1450:4001:800::2003
2a00:1450:4001:81a::200e
2a04:4e42:600::194
2a04:4e42:600::578
74.120.188.194
74.120.188.204
098286c742a603264e555a1e661f23e3791000b1ecda8b0ea865532cbe51cf45
14c5decb6efee00902ef4d7d56677b0f25f4329c67953694101acae3f64e0d13
182f72be2ac58dda7e2ef9f7c1bc61789c3b6d6c1f86bbe5728251fca1eb1978
18ede43553ee04338aa9adc0266c250a3e8dc519fcaeb51580f8238609f00aae
196162c798734984782b1a2cccd2668b21c91d2ba6be36ed604db68893841161
1acf8be6b79d597643c5f01e781286088113d4575613935b69ade80d53daa49e
20d0faaff2118bd4aaedd2fa64447d3f14140cf75bc71b1e4761bcd75936fbc5
262088cad2064cf472d72c5980b2ccb545097c27edfd55df15576e7338ad5716
2eee0fe36709ae2f7a1d64b51b044e819f34ab498b18338e595bcb8b62b0a354
2f22c3bf1b2af2e5e9c3fbe027dd9ee916439011a3fe32697f178996449b1355
3309441ac20963e8fa7b0687271db8267648acf786349c398bde61cf1cf0e671
3546b0220f3d47dc2a9c7104595f755dbc1e34fd4c8992d2ffaeef98a1815604
3675c53ff71cb1ca23685eef9096d20bed3811cce537911777c81e66b321a008
3c5f70cab1120e323598e6e635b9b53487d4a2bd6957c93b5313ece1818e5ac2
43ef740799ae12b7d05cd5ee5d60cf57c708c83b1c90c4ed8dcaa3b8c35e0a53
456cc2397d11cd9b3d04df6596e4735cc29cb7f9f61b14194e4b4c3ee51350b7
45ce8bc11d2c33dbf0721121a984431a44b9efac43b45af080cd6be271d586f4
45e2e03e0484d8321f7a12e8e94a4552043d7d7a4416dafdf3f0aa23d34ec097
4930aa320d3f55b37a0ad235bf61cf03bb473a52410fce5ab8a19151bcf1c38b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
53224add53de4c20a5db7363faae8b344b9df8281a19d88215feaf9b86a8916a
54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02
5b44f64315cf16502b5e8bc15b8b4a16bb7c117ef89559e0aaae1f4ed702ebe6
5fa158978ebb1c147e7e07aa79182aeb04a9f28e2a9fae5dcd201886f2146fb2
62167de339fc875830a3abfb85a1e1dee28c179ad3517b441c52723d0f52de24
64c254630624f65b42d554bce9780b58c46225bf100a506938a2baf2a45057ac
6cbe19bb7614b9dc5fa43ad77c605281d90e73a83105c627cc29fecf9a3024d8
6eff6f790d0dc40fd6cf7d349e45f258af23cecf12f64dc080b178bb923d1cae
71a1f5d3a553a7cd142c7fddddbeedf17ce81227367ae1ce1f4f903e779d6707
720d598b9873cb6a916464447a44d5bbcac429d826a334c3ec706b1cf035f3e8
725bff9a83f83ba4a96e8256bea8822f49a0c2c821311abcfb39c6b46714beaf
72e1484f8fcfb5aa24effd8caca33a9422dfe40fcdfba0113ff0da9b23da0db8
7443ce38cce3be2d9255509e1727e1b3773341074e4d229ae9aabf8d454281d5
7bbbdf51e13ce20280f501209cdb6bcf941e81d6c856829b94a1a036f01cf2cc
802d62cbcbc0d3634542174027c89e0a82e997d2cae9f5ebf089d04fa35b5f3f
844a500337f35a257ba6ad1956cb481d2cac62c32b06aac23bbc1524f92aa6a4
85b766db5560c269bacaba40acfcea95a70bb2b1ba6056531d9077f0eb92a933
8aa5a03749b87dfded5168574a09605bc1bfda348266dae7f4cacbdc671293c1
8b7ced1bc64700c521def586a51b747f817c0ea0c46a1f53dfb06e93d188cf40
8fed7e12a70de30c9f6110fb97081dba50fd03393500cd351070c26707dd2c89
92e72d19bacb3cbf258b26f619497102b318afa42b4448e03e921cf1b1dc1210
933cd98e932afa3e86311d20912fec831f4830052fed943c43e1aad5a5ee5169
986cb1f502a55391a448235c90316f9d7540b5ab8057eea89f759a7155fcb1d6
9c27cb90f24aa4d9375eecf6b16a0b3f265686a9d2038e7678a8aa3298063283
a277f24bc4db148ce882f14c5b24ad8a7695d48995b218c8cddf5e1697ff0cb6
a27b09b2a54696a932fd5283de93fc6fbba91cf4b6c37bce51cbeb18be6ca325
a2d1ecd10debaaa0876d06584f2a601ad2a3ff76a21c6ca659fc0b131339269a
a7f27d087e80307b219749cae8f26903a41dacd8b86342a906e8a0ef2a03dad8
a8664bee07257b6301083e9625a1a57f951b04bbf20440cfa2033e7175459094
af38ed9df488ca149342b521e7aba9fdece85284a2d518ee05c67ae1084abe73
b0739847044b81584688415978da70a64110bd61d37237c6faf676c0965461f9
b44555490840da5d41cf9c3657c31f39b2e9ccccb1c5d9a622e596fcc1f573ad
b650d53b37001ac7d4de646464e79a580211aa638308f9eb450f21bdf3b226af
b9f0a7c95eafa3f709108d02beb3181bef9c9f7a5ed87552152b9d2bf9a749b3
bd30c2ca45be30d43fa2ede56b7fef5f59e7c5d6de616c3f08cb575a7e0fdb28
be1aea8a2775ef33fad0722e59ef07278322848d336ef5456b35ba7581e0ef67
c5aa1d07495f3f2e074471ddc6405705a67ca80f8a8c9b3a9af6285ab0eeceb5
cc0666860ac6fbfbc23eca7cf4aaa2fddf2744558cf0ea46d8a4546773969818
cd162049c30fb441c1dff2cb468c9a3a6d6a1b30bc9de803b2253638ad41db60
cf3d45227d9b401c48b8841144ba63d92d57948da0814701ff5b998a98d89036
d49e13929ca1c7770ce3ce9599f3ab4c942962a5f2b47a2dd5431795a1d6ed0c
d854798fb3feeb9095d9dd38629f803bf302ef275a948c6622a60c4a54c18b0a
dbfa411df05fcdeb285db3550573c63cd2a039333f88b067ae0890856f9977e8
dc8c3ca827ed6378a0b6e63457c9c4968951d4a29cd2144f6f49efbbc0349b78
dff38bf44c0eb18c64765139ec9749fd0069eab30a8d76567ca97bfe21ecfabf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d78667d6d670825872a939c9dae6ba9378edd5f0eee312283ca55c73683a9b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed6fe953a49b63afc019a173202c3251a6d2146c6a6021f11d00ba25802bb4a1
f186055d271de5b9b6dc96573ac9acad6473353553445ebe819ed983fdc21e1c
f397338009deaf86023fbfdacabdf913e2a0f9158524fd2f55d7af4f2ea8954f
f4b73fff20a625422480f235549bc4ff4b151432ddc556c4c1d37dc53b25a444
f8030ba6c500215322a6c74dec59aae39c0d6be2a2ed09d6042bbbd146a779a5
f997e06f527904ab55b2b1b41f5a500a2fc41e3eec8e2bd52bf5f6d9216036d3

malware.wikia.org Open in urlscan Pro 2a04:4e42:600::194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

94 Requests

100 %HTTPS

26 %IPv6

10 Domains

26 Subdomains

20 IPs

7 Countries

741 kBTransfer

2350 kBSize

8 Cookies

24 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

malware.wikia.org Open in urlscan Pro
2a04:4e42:600::194 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

100 %
HTTPS

26 %
IPv6

10
Domains

26
Subdomains

20
IPs

7
Countries

741 kB
Transfer

2350 kB
Size

8
Cookies

94 HTTP transactions
4 data transactions