www.technologyreview.com Open in urlscan Pro
35.173.3.255 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://flip.it/_vcC3S
Effective URL:
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Submission: On March 06 via manual (March 6th 2019, 4:53:09 am UTC) from SG

Summary HTTP 146 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 46 domains to perform 146 HTTP transactions. The main IP is 35.173.3.255, located in Seattle, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.technologyreview.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 1st 2017. Valid for: 3 years.

This is the only time www.technologyreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.21.45.247 107.21.45.247	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	35.173.3.255 35.173.3.255	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
21	2606:4700:10:... 2606:4700:10::6814:1cee	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	152.195.132.202 152.195.132.202	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2606:4700:10:... 2606:4700:10::6814:1bee	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a02:26f0:eb:... 2a02:26f0:eb:3ab::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.83.23 147.75.83.23	54825 (PACKET) (PACKET - Packet Host)
1	104.244.46.144 104.244.46.144	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.1.2 151.101.1.2	54113 (FASTLY) (FASTLY - Fastly)
2 6	34.246.247.78 34.246.247.78	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY - Fastly)
1 3	172.227.124.249 172.227.124.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.83.1 147.75.83.1	54825 (PACKET) (PACKET - Packet Host)
1	52.86.72.168 52.86.72.168	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.74.252.44 13.74.252.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2 3	2620:109:c007... 2620:109:c007:102::5be1:f885	197612 (LINKEDIN-1) (LINKEDIN-1)
1 1	2620:109:c002... 2620:109:c002::6cae:a0a	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	34.231.31.77 34.231.31.77	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	143.204.98.108 143.204.98.108	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:200... 2600:9000:200c:dc00:1f:573d:79c0:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	18.184.103.21 18.184.103.21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.231.114.76 54.231.114.76	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	147.75.32.173 147.75.32.173	54825 (PACKET) (PACKET - Packet Host)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:200... 2600:9000:200c:4e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	104.108.51.30 104.108.51.30	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	54.171.224.12 54.171.224.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	34.195.208.119 34.195.208.119	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	23.210.249.113 23.210.249.113	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	54.171.7.149 54.171.7.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	3.120.224.89 3.120.224.89	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.199.66.245 34.199.66.245	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2406:da00:ff0... 2406:da00:ff00::36f3:4889	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
11	172.217.21.98 172.217.21.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	3.120.80.142 3.120.80.142	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
13	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
25	2.21.38.40 2.21.38.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2606:4700::68... 2606:4700::6810:fb05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.200.171.196 34.200.171.196	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
146	51

1 107.21.45.247 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-21-45-247.compute-1.amazonaws.com

flip.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.3.255 (Seattle, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-173-3-255.compute-1.amazonaws.com

www.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:10::6814:1cee (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.44 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.132.202 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:1bee (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.technologyreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:3ab::3adf (European Union)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.23 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-21

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.46.144 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.21.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.246.247.78 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.227.124.249 (Cambridge, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-124-249.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.1 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-23

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.72.168 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-86-72-168.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.74.252.44 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:109:c007:102::5be1:f885 (United States) 2 redirects

ASN197612 (LINKEDIN-1, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:109:c002::6cae:a0a (United States) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.31.77 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-231-31-77.compute-1.amazonaws.com

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.108 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-108.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:dc00:1f:573d:79c0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d8rk54i4mohrb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.103.21 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-103-21.eu-central-1.compute.amazonaws.com

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.114.76 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.173 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-27

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:4e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.51.30 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.224.12 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.208.119 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-195-208-119.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.113 (Cambridge, United States) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.7.149 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-7-149.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.224.89 (Fairfield, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-224-89.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.66.245 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-66-245.compute-1.amazonaws.com

srv-2019-03-06-04.config.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da00:ff00::36f3:4889 (United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)

edge.simplereach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.21.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra07s32-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.80.142 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-80-142.eu-central-1.compute.amazonaws.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2.21.38.40 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-38-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:fb05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.171.196 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-200-171-196.compute-1.amazonaws.com

srv-2019-03-06-04.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	technologyreview.com www.technologyreview.com cdn.technologyreview.com	879 KB
25	moatads.com z.moatads.com px.moatads.com	342 KB
15	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	225 KB
11	doubleclick.net securepubads.g.doubleclick.net	125 KB
8	ml314.com 2 redirects ml314.com	15 KB
6	googletagservices.com www.googletagservices.com	153 KB
4	hubspot.com track.hubspot.com forms.hubspot.com	4 KB
4	cloudfront.net d1z2jf7jlzjs58.cloudfront.net d8rk54i4mohrb.cloudfront.net	34 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	eyeota.net 2 redirects ps.eyeota.net	875 B
3	facebook.com www.facebook.com	445 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	86 KB
2	simplereach.com edge.simplereach.com	1 KB
2	parsely.com srv-2019-03-06-04.config.parsely.com srv-2019-03-06-04.pixel.parsely.com	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	852 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	quora.com a.quora.com q.quora.com	6 KB
2	facebook.net connect.facebook.net	60 KB
2	bing.com bat.bing.com	22 KB
2	hsforms.com forms.hsforms.com	2 KB
2	cookielaw.org cdn.cookielaw.org	23 KB
1	hubapi.com api.hubapi.com	597 B
1	twitter.com analytics.twitter.com	264 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	bluekai.com 1 redirects tags.bluekai.com	341 B
1	quantcount.com rules.quantcount.com	338 B
1	t.co t.co	166 B
1	amazonaws.com s3.amazonaws.com	3 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hs-analytics.net js.hs-analytics.net	26 KB
1	hsleadflows.net js.hsleadflows.net	60 KB
1	reddit.com alb.reddit.com	316 B
1	addthisedge.com m.addthisedge.com	385 B
1	onetrust.com geolocation.onetrust.com	195 B
1	redditstatic.com www.redditstatic.com	5 KB
1	hs-scripts.com js.hs-scripts.com	969 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	bizographics.com sjs.bizographics.com	5 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	addthis.com s7.addthis.com	110 KB
1	hsforms.net js.hsforms.net	114 KB
1	flip.it 1 redirects flip.it	356 B
146	46

	Domain	Requested by
28	cdn.technologyreview.com	www.technologyreview.com www.googletagmanager.com
21	px.moatads.com	www.technologyreview.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.technologyreview.com
8	ml314.com	2 redirects www.technologyreview.com ml314.com
6	www.googletagservices.com	cdn.technologyreview.com securepubads.g.doubleclick.net
4	z.moatads.com	securepubads.g.doubleclick.net
3	track.hubspot.com
3	ps.eyeota.net	2 redirects www.technologyreview.com
3	www.facebook.com	www.technologyreview.com connect.facebook.net
3	px.ads.linkedin.com	2 redirects www.technologyreview.com
3	sb.scorecardresearch.com	1 redirects www.technologyreview.com www.googletagmanager.com
2	pagead2.googlesyndication.com
2	edge.simplereach.com	d8rk54i4mohrb.cloudfront.net
2	sync.crwdcntrl.net	2 redirects
2	pixel.mathtag.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	d8rk54i4mohrb.cloudfront.net	www.technologyreview.com d8rk54i4mohrb.cloudfront.net
2	d1z2jf7jlzjs58.cloudfront.net	www.technologyreview.com d1z2jf7jlzjs58.cloudfront.net
2	connect.facebook.net	www.technologyreview.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.technologyreview.com
2	forms.hsforms.com	js.hsforms.net
2	cdn.cookielaw.org	www.technologyreview.com cdn.cookielaw.org
1	srv-2019-03-06-04.pixel.parsely.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	analytics.twitter.com	static.ads-twitter.com
1	pixel.quantserve.com	www.technologyreview.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	srv-2019-03-06-04.config.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	tags.bluekai.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	vars.hotjar.com	static.hotjar.com
1	t.co	www.technologyreview.com
1	s3.amazonaws.com	www.technologyreview.com
1	secure.quantserve.com	www.technologyreview.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	alb.reddit.com	www.technologyreview.com
1	m.addthisedge.com	s7.addthis.com
1	www.linkedin.com	1 redirects
1	geolocation.onetrust.com	cdn.technologyreview.com
1	q.quora.com	www.technologyreview.com
1	script.hotjar.com	static.hotjar.com
1	www.redditstatic.com	www.technologyreview.com
1	a.quora.com	www.technologyreview.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.technologyreview.com
1	s7.addthis.com	www.technologyreview.com
1	js.hsforms.net	www.technologyreview.com
1	www.technologyreview.com
1	flip.it	1 redirects
146	57

This site contains links to these domains. Also see Links.

Domain
onetrust.com
go.technologyreview.com
events.technologyreview.com
mediakit.technologyreview.com
dragos.com
www.fireeye.com
www.npr.org
alertlogic.qa.hbr.org
twitter.com
www.facebook.com
subscribe.technologyreview.com
www.mitef.org

Subject Issuer	Validity	Valid
*.technologyreview.com DigiCert SHA2 Secure Server CA	`2017-05-01` - `2020-07-08`	3 years	crt.sh
ssl766686.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-18` - `2019-07-27`	6 months	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-05-06` - `2019-08-05`	a year	crt.sh
sa437gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-05-17` - `2020-08-19`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
ssl431287.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-13` - `2019-08-22`	6 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-02-08` - `2019-05-09`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-06-28` - `2019-07-03`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-01-21` - `2019-04-21`	3 months	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
*.quora.com DigiCert SHA2 Secure Server CA	`2018-08-15` - `2019-11-26`	a year	crt.sh
*.ml314.com Amazon	`2018-04-14` - `2019-05-14`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-02-08` - `2019-05-09`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2017-06-08` - `2020-06-19`	3 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2017-06-06` - `2019-06-11`	2 years	crt.sh
alb.reddit.com Amazon	`2018-06-18` - `2019-07-18`	a year	crt.sh
ssl817706.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-19` - `2019-06-27`	6 months	crt.sh
ssl803643.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-19` - `2019-06-27`	6 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
t.co DigiCert SHA2 Extended Validation Server CA	`2017-01-12` - `2019-04-12`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-02-08` - `2019-05-09`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
www.eyeota.com COMODO RSA Domain Validation Secure Server CA	`2018-02-12` - `2021-02-11`	3 years	crt.sh
*.config.parsely.com Amazon	`2019-02-27` - `2020-03-27`	a year	crt.sh
*.simplereach.com Amazon	`2019-02-06` - `2020-03-06`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh
ssl817724.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-05` - `2019-09-11`	6 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-01-04` - `2020-01-04`	a year	crt.sh
*.pixel.parsely.com Amazon	`2019-02-27` - `2020-03-27`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Frame ID: 3A0CB217C1B167410B910A03AB5D9706
Requests: 118 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Frame ID: DE532732151CF9788741B6D24A592D40
Requests: 1 HTTP requests in this frame

Frame: https://d8rk54i4mohrb.cloudfront.net/container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbhzvzjfsjpt&v=2.18.1&cache_buster=1551847972497
Frame ID: BB3ABB47E3C5F56E405DA4A471E3ED5D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AFA66BF5B80D7F58E31C574D7CAF2EE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js
Frame ID: DFBED0D93AC414DA910A74EFF2CB7692
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js
Frame ID: DDE8E66A90D51B779C3ACA82DD3A73A5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js
Frame ID: CB743E893A0590BE19AE1616ED966F34
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js
Frame ID: 7478FBA243AD5C32D111BE8D323B5DB1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://flip.it/_vcC3S HTTP 302
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/ Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /Cowboy/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /Cowboy/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^React$/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^requirejs$/i

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

HubSpot (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

env /^(?:_hsq|hubspot)$/i

Parse.ly (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^PARSELY$/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Piwik () Expand

Overall confidence: 100%
Detected patterns

env /^_paq$/i

Page Statistics

146
Requests

100 %
HTTPS

43 %
IPv6

46
Domains

57
Subdomains

51
IPs

6
Countries

2354 kB
Transfer

6450 kB
Size

22
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/insider/pricing/
Title: Subscribe today

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/
Title: Events

Search URL Search Domain Scan URL

URL: https://go.technologyreview.com/newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://mediakit.technologyreview.com/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://dragos.com/resource/xenotime/
Title: using some of the same digital tradecraft

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html
Title: was revealed

Search URL Search Domain Scan URL

URL: https://www.npr.org/2018/07/18/630164914/transcript-dan-coats-warns-of-continuing-russian-cyberattacks
Title: a speech last year

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html
Title: published last October

Search URL Search Domain Scan URL

URL: http://alertlogic.qa.hbr.org/2018/04/internet-insecurity
Title: urging companies to revisit all their operations

Search URL Search Domain Scan URL

URL: https://events.technologyreview.com/emtech/digital/19?utm_medium=trsite&utm_source=instory&utm_campaign=emtech_digital_2019.unpaid.acquisition&utm_content=tags&discount=TAGINST#section-register
Title: Register now

Search URL Search Domain Scan URL

URL: https://twitter.com/techreview
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/technologyreview
Title: Facebook

Search URL Search Domain Scan URL

URL: https://subscribe.technologyreview.com/ecom/mtr/app/live/subcustserv?pagemode=start&org=MTR&publ=TR&php=Y
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: http://www.mitef.org/
Title: MIT Enterprise Forum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://flip.it/_vcC3S HTTP 302
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://sb.scorecardresearch.com/b?c1=2&c2=16198136&ns__t=1551847971981&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1551847971981&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9=

Request Chain 50

https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1551847972255%26pid%3D8617%26url%3Dhttps%253A%252F%252Fwww.technologyreview.com%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%252F%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true&liSync=true

Request Chain 68

https://tags.bluekai.com/site/20486?limit=0&id=5978151463181312287&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151463181312287%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151463181312287&eid=50056

Request Chain 69

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151463181312287 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2MzE4MTMxMjI4NxAAGg0IpKT94wUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=9fbe9e9688353914a7f8dc47f2fa7ba7a6816bd6e48485a6bb93d9460282a4a0f4cb09cee1a4f8eb&person_id=5978151463181312287&eid=50082

Request Chain 70

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151463181312287%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151463181312287%26eid=50220&mm_bnc&mm_bct HTTP 302
https://ml314.com/csync.ashx?fp=2fe35c7f-46a8-4400-ad36-1fc74aa18a10&person_id=5978151463181312287&eid=50220

Request Chain 71

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151463181312287 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151463181312287 HTTP 302
https://ml314.com/csync.ashx?fp=edfe67896c97328a62f6d072f57cca09&eid=50146&person_id=5978151463181312287

Request Chain 72

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2MLcDrafjEYnl8BiXaLwtzR3UkwS2Oet53Hku7z_-eXM&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=2MLcDrafjEYnl8BiXaLwtzR3UkwS2Oet53Hku7z_-eXM&person_id=5978151463181312287&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

146 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Redirect Chain

http://flip.it/_vcC3S
https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

95 KB
22 KB

406ms
174ms

Document
text/html

35.173.3.255
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.3.255 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-173-3-255.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 2e1571b57d24b2cb2714891b53bf174fc64c538164a1c21e1efb3b61252a8690

Request headers

Host: www.technologyreview.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: Cowboy
Connection: keep-alive
Vary: origin,accept-encoding
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Date: Wed, 06 Mar 2019 04:52:51 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

Redirect headers

Date: Wed, 06 Mar 2019 04:52:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 234
Connection: keep-alive
Cache-Control: public, max-age=3600
Location: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Vary: Accept
X-XSS-Protection: 1
X-Content-Type-Options: nosniff

GET
H2 200 article.css
cdn.technologyreview.com/_/dist/css/ 423 KB
57 KB 56ms
11ms Stylesheet
text/css 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8848a01a7391f92e5cb32e0da62f5e7714fd654d1c6558920cb3828b415bea

Request headers

:path: /_/dist/css/article.css?v=6aaa9416
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Mar 2019 16:36:05 GMT
server: cloudflare
etag: "880769cd54a9985ae249f2d7236fc5ec84e7e5f1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=1209600
set-cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
cf-ray: 4b31b8ffa912c279-FRA
via: 1.1 vegur
expires: Mon, 18 Mar 2019 16:38:35 GMT

GET
H2 200 stacked-logo-v2.svg
cdn.technologyreview.com/_/img/ 3 KB
2 KB 64ms
19ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/stacked-logo-v2.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d99efcd06c0c2bbd57247ca6c0c231560840ef20cd073c61cef5560d7b0709d

Request headers

:path: /_/img/stacked-logo-v2.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
last-modified: Thu, 14 Feb 2019 15:26:54 GMT
server: cloudflare
etag: "042d3591ca7c821f4c185c53abea8d07d92b4fc2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: image/svg+xml
via: 1.1 vegur
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
cf-ray: 4b31b8ffa916c279-FRA

GET
H2 200 mitspot1.jpg
cdn.technologyreview.com/i/images/ 76 KB
76 KB 57ms
12ms Image
image/jpeg 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/mitspot1.jpg?sw=520&cx=33&cy=58&cw=945&ch=887
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13be0fad34aadb206ab194936a25a9979835f3e5551bd436e85125d142b663cc

Request headers

:path: /i/images/mitspot1.jpg?sw=520&cx=33&cy=58&cw=945&ch=887
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: degrade=85, origSize=95971
status: 200
content-length: 77882
last-modified: Tue, 05 Mar 2019 18:34:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/jpeg
expires: Tue, 19 Mar 2019 19:37:37 GMT
cache-control: public, max-age=1209600
set-cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4b31b8ffa914c279-FRA
cf-bgj: imgq:85

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 412 KB
114 KB 50ms
13ms Script
application/javascript 2606:4700::6811:b849
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dabc748debcd8b549494961ac0386cc103be580fbe0912511380d46e3a7aa05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 325d03085430e8fa793924353b3b665b.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
content-type: application/javascript; charset=utf-8
last-modified: Tue, 05 Mar 2019 01:41:23 GMT
server: cloudflare
etag: W/"8ccd7b224b81f53ef81e2d87ee33876b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: H_E6sjKj1b5HUodlKhe4lVW8wligH28.
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 4b31b90009fbc288-FRA
x-amz-cf-id: biHJ4nmgz27fbj7nJSG7bvT-XHs7F9I7c6rCBtSbKizR5ULU2_lF_g==

GET
H2 200 mitspots2.jpg
cdn.technologyreview.com/i/images/ 80 KB
81 KB 9ms
9ms Image
image/jpeg 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/mitspots2.jpg?sw=570&cx=26&cy=97&cw=963&ch=881
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648bde3606e8abcadc6a94dab68193fb00b97a69c7ceeba4ce95daf3a61afe61

Request headers

:path: /i/images/mitspots2.jpg?sw=570&cx=26&cy=97&cw=963&ch=881
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: degrade=85, origSize=101822
status: 200
content-length: 82420
last-modified: Mon, 04 Mar 2019 15:43:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/jpeg
expires: Tue, 19 Mar 2019 19:25:40 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4b31b8ffd96ac279-FRA
cf-bgj: imgq:85

GET
H2 200 mitheaderfinalv4.jpg
cdn.technologyreview.com/i/images/ 220 KB
221 KB 17ms
13ms Image
image/jpeg 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/images/mitheaderfinalv4.jpg?sw=1080&cx=0&cy=0&cw=2756&ch=1697
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20738fd2ecc88cdac45a4ce358fec1ab0b1693d2a1d861aa82872919f528cbc

Request headers

:path: /i/images/mitheaderfinalv4.jpg?sw=1080&cx=0&cy=0&cw=2756&ch=1697
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: degrade=85, origSize=279740
status: 200
content-length: 225546
last-modified: Mon, 04 Mar 2019 15:43:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/jpeg
expires: Tue, 19 Mar 2019 19:30:07 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4b31b8ffe99ec279-FRA
cf-bgj: imgq:85

GET
H2 200 giles.png
cdn.technologyreview.com/i/profiles/avatars/ 6 KB
6 KB 19ms
16ms Image
image/png 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/i/profiles/avatars/giles.png?sw=75
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec92479b90fa26815b14755ca5645cf8900f7b5df5313f2f8046f9352c76a7a

Request headers

:path: /i/profiles/avatars/giles.png?sw=75
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: pngoptimizer, origSize=7773
status: 200
content-length: 5855
last-modified: Tue, 07 Nov 2017 22:12:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/png
expires: Fri, 08 Mar 2019 03:57:39 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 4b31b8ffe9a1c279-FRA
cf-bgj: imgq:85

GET
H2 200 horizontal-logo-v2--white.svg
cdn.technologyreview.com/_/img/ 4 KB
2 KB 19ms
16ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/horizontal-logo-v2--white.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9804319e04965fab520e9c970fbf67c1f08038c26fc8312af3dcaecd815f6515

Request headers

:path: /_/img/horizontal-logo-v2--white.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 06 Feb 2019 16:52:42 GMT
server: cloudflare
etag: "a22e2f24f82d4c30c6b28120a74c355945a45672-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
cf-ray: 4b31b8ffe9a2c279-FRA
via: 1.1 vegur

GET
H2 200 default.js Show response
cdn.technologyreview.com/_/dist/js/ 453 KB
127 KB 12ms
9ms Script
application/javascript 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/js/default.js?v=6aaa9416
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9a8449ea817b595d911600929b2e75106d15eba1d93becb15a206275ba05a22

Request headers

:path: /_/dist/js/default.js?v=6aaa9416
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Mar 2019 16:36:05 GMT
server: cloudflare
etag: "427556c957b99b3ce3936b6378aff104b60cd80a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=1209600
cf-ray: 4b31b8ffe9a3c279-FRA
via: 1.1 vegur
expires: Mon, 18 Mar 2019 16:38:35 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 344 KB
110 KB 83ms
27ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/250/addthis_widget.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
surrogate-key: client_dist
last-modified: Thu, 28 Feb 2019 14:32:49 GMT
etag: "5c77f111-561d6"
vary: Accept-Encoding
x-distribution: 99
cache-tag: client_dist
status: 200
cache-control: public, max-age=600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-type: application/javascript

GET
H2 200 ArticleSubscriptionStump.js Show response
cdn.technologyreview.com/_/dist/js/ 157 KB
41 KB 14ms
12ms Script
application/javascript 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/js/ArticleSubscriptionStump.js?v=6aaa9416
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a2d2f649e733199ee6c1aa3d833188e17355e2a36abf4b5b334e8eaa89c8e8e

Request headers

:path: /_/dist/js/ArticleSubscriptionStump.js?v=6aaa9416
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Mar 2019 16:36:05 GMT
server: cloudflare
etag: "68fc93d0c9bd125ba3ca10acd88ec918774b73bf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=1209600
cf-ray: 4b31b8ffe9a4c279-FRA
via: 1.1 vegur
expires: Mon, 18 Mar 2019 16:38:35 GMT

GET
H2 200 article.js Show response
cdn.technologyreview.com/_/dist/js/ 246 KB
69 KB 17ms
15ms Script
application/javascript 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/dist/js/article.js?v=6aaa9416
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182d055f57d1b0a7aaa410dc800111561ef1af4700e59a54b6f3199e19ce8c0c

Request headers

:path: /_/dist/js/article.js?v=6aaa9416
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
:scheme: https
:method: GET
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Mar 2019 16:36:05 GMT
server: cloudflare
etag: "3d450f1f8d3a8075d841489b64c670df0e4a70fb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin,accept-encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=1209600
cf-ray: 4b31b8ffe9a5c279-FRA
via: 1.1 vegur
expires: Mon, 18 Mar 2019 16:38:35 GMT

GET
H2 200 a321aa9c-3063-4225-abb6-0285fd5607e6.js Show response
cdn.cookielaw.org/consent/ 90 KB
17 KB 85ms
10ms Script
application/x-javascript 152.195.132.202
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/a321aa9c-3063-4225-abb6-0285fd5607e6.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F44) /
Resource Hash: fcb266205826d7200403a3b88f415a211e3db0503c6bc7b2b06bef0e1991f11e

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
content-md5: aWz4izv6GBiD08dIp4/GGQ==
x-cache: HIT
status: 200
content-length: 17054
x-ms-lease-status: unlocked
last-modified: Tue, 20 Nov 2018 19:08:33 GMT
server: ECAcc (frc/8F44)
etag: 0x8D64F1B90EBF184
vary: Accept-Encoding
content-type: application/x-javascript
x-ms-request-id: 29fe2700-101e-00e8-6ac9-d3251d000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Wed, 06 Mar 2019 08:52:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
36 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

dbc9c3294de3df6442cca9515af12bafadf8146cb14bbc8705da15afeed53fd4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 36941
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:51 GMT

GET
H2 200 angle-arrow.svg
cdn.technologyreview.com/_/img/ 327 B
351 B 13ms
12ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/angle-arrow.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd191ef8796b5d0f92892273e05517556478b9401863b8f69c5550726f24d901

Request headers

:path: /_/img/angle-arrow.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b8fff9bec279-FRA
date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 14 Feb 2019 15:26:54 GMT
server: cloudflare
etag: W/"15b4d900c5b7a0a7affa4c25ffcca1aa95e18276"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 angle-arrow--red.svg
cdn.technologyreview.com/_/img/ 324 B
349 B 11ms
10ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/angle-arrow--red.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381505fbbe1274b2f5b58f56e879542b46e7e5af1faa56176e8b437e288d5018

Request headers

:path: /_/img/angle-arrow--red.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b8fff9bfc279-FRA
date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 08 Feb 2019 18:41:04 GMT
server: cloudflare
etag: W/"dd21ece53e401d9f12e057457506adc637df1d2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 mag-small.svg
cdn.technologyreview.com/_/img/ 706 B
583 B 11ms
11ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/mag-small.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d09eefb45e90f4236f585e2fd604e9270dda2c91c85b3a38a66017c775da334

Request headers

:path: /_/img/mag-small.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b8fff9c0c279-FRA
date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: W/"a4684abbdff24c669f717c37b31082b0a306b316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 nhaasgroteskdsstd-25th.woff
cdn.technologyreview.com/_/fonts/ 29 KB
29 KB 58ms
18ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-25th.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc61bf0728b3a21438b4539c6fa9cfe549b89a537d375d72dd7c687ac26b41f

Request headers

:path: /_/fonts/nhaasgroteskdsstd-25th.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 29648
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "8015811674c0d479d73e3af0b0dfc299918a7915"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d9c3bbec232cd1bb5828d3bb20825848a1551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4b31b9003bbd64e1-FRA

GET
H2 200 nhaasgroteskdsstd-55rg.woff
cdn.technologyreview.com/_/fonts/ 28 KB
28 KB 57ms
17ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-55rg.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab9300f0ecfc026cc2e558aaea117dc5b536c0728deb27e763b27659a093118

Request headers

:path: /_/fonts/nhaasgroteskdsstd-55rg.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 28680
last-modified: Thu, 21 Feb 2019 22:29:54 GMT
server: cloudflare
etag: "0330073a9ff8526feae0b20a7f0232b3d98c3f45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d9c3bbec232cd1bb5828d3bb20825848a1551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4b31b9003bbf64e1-FRA

GET
H2 200 nhaasgroteskdsstd-75bd.woff
cdn.technologyreview.com/_/fonts/ 31 KB
31 KB 52ms
12ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-75bd.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e3e0c14cd2f2f6c9e3f7f49ca91e0285b0f748c29e82380e2ac77750f613958

Request headers

:path: /_/fonts/nhaasgroteskdsstd-75bd.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 31496
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "10723ba58aa923a29a4cc4d4d8fd3bc9199915f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d9c3bbec232cd1bb5828d3bb20825848a1551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4b31b9003bc064e1-FRA

GET
H2 200 nhaasgroteskdsstd-65md.woff
cdn.technologyreview.com/_/fonts/ 29 KB
30 KB 57ms
17ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-65md.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 762e5fd7df3e5f35b2b9cf5c5cc01b0e67420fb73a4a9be8eb236184bf6ad763

Request headers

:path: /_/fonts/nhaasgroteskdsstd-65md.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 30116
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: "844894e7fdbbe6f603a9d26e39e5b2ea9139fc21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d9c3bbec232cd1bb5828d3bb20825848a1551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4b31b9003bbe64e1-FRA

GET
H2 200 ionicons.ttf
cdn.technologyreview.com/_/fonts/ 5 KB
3 KB 57ms
18ms Font
font/ttf 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/ionicons.ttf?v=3.0.5
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e0e663ec8e77b09b27581a613982039b6fd7830eb55c6cf6e038fdf9e13e63

Request headers

:path: /_/fonts/ionicons.ttf?v=3.0.5
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 02:07:07 GMT
server: cloudflare
etag: W/"2a8564c8bb358f64c9588bf8af268edfa7221861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d9c3bbec232cd1bb5828d3bb20825848a1551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
cf-ray: 4b31b9003bc264e1-FRA

GET
H2 200 font-bureau-millertext-roman.woff
cdn.technologyreview.com/_/fonts/ 22 KB
22 KB 57ms
18ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/font-bureau-millertext-roman.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a20f6ee8f0590104e47e29e590d8f2698bf4bc5486b80d5f05e8ea5b4d427df

Request headers

:path: /_/fonts/font-bureau-millertext-roman.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 22268
last-modified: Wed, 06 Feb 2019 16:52:42 GMT
server: cloudflare
etag: "a14ac2087fe727714eb810a897adbfb482ede712"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d9c3bbec232cd1bb5828d3bb20825848a1551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4b31b9003bc464e1-FRA

GET
H2 200 nhaasgroteskdsstd-35xlt.woff
cdn.technologyreview.com/_/fonts/ 28 KB
29 KB 56ms
18ms Font
font/woff 2606:4700:10::6814:1bee
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.technologyreview.com/_/fonts/nhaasgroteskdsstd-35xlt.woff
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1bee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 623bbd6e9fc0d231a07dbde18fe91c2f1eccb1aaa13c0a2ca2be0bbb963408bb

Request headers

:path: /_/fonts/nhaasgroteskdsstd-35xlt.woff
pragma: no-cache
origin: https://www.technologyreview.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
status: 200
content-length: 29076
last-modified: Tue, 19 Feb 2019 21:58:52 GMT
server: cloudflare
etag: "34eaf53dcd6d0f1be6717e94082cbfbaf930d167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: font/woff
access-control-allow-origin: https://www.technologyreview.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
set-cookie: __cfduid=d9c3bbec232cd1bb5828d3bb20825848a1551847971; expires=Thu, 05-Mar-20 04:52:51 GMT; path=/; domain=.technologyreview.com; HttpOnly
accept-ranges: bytes
cf-ray: 4b31b9003bc164e1-FRA

GET
H2 200 3e69a4f7-5967-47be-bdc7-4326b12c2581 Show response
forms.hsforms.com/embed/v3/form/4518541/ 3 KB
1 KB 153ms
119ms Script
application/javascript 2606:4700::6810:5505
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4518541/3e69a4f7-5967-47be-bdc7-4326b12c2581?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

885146a434f5e45637af989ce8e6aeb429a933e6e83bf0031129b54f7b9ba18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=no-rfd.txt
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 946
server: cloudflare
x-trace: 2BC1BF6114C8215F2027611E0F0F9A3524FA16383E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 4b31b9010c4d97b0-FRA

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 15 KB
5 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:eb:3ab::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:3ab::3adf , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=47981
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 hotjar-531874.js Show response
static.hotjar.com/c/ 2 KB
2 KB 18ms
17ms Script
application/javascript 147.75.83.23
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-531874.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.23 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-21

Software

openresty /

Resource Hash

461c982d2ba47cfef27b77b3398da448624ad007e848cf070a401b8b2b025b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 53
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1134
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/fd53ff231d17fdd575d7048acd559c00
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.068
accept-ranges: bytes
section-io-id: ad7fa7ab362297c70952a0805603fdb9

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 22ms
21ms Script
application/javascript 104.244.46.144
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.46.144 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
content-encoding: gzip
age: 17549
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-tw-lon2-cr1-1-TWLON2
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1551847972.991845,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 22 KB
22 KB 33ms
32ms Script
application/javascript 13.107.21.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 9e03d610493a32cfa7a9750ac0c194f807c46926270e565fc8b41ee71053a52d

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:51 GMT
last-modified: Fri, 04 Jan 2019 00:35:47 GMT
x-msedge-ref: Ref A: DE42DAFCB2E54C96B55BC312CC9F9C99 Ref B: FRAEDGE0714 Ref C: 2019-03-06T04:52:52Z
access-control-allow-origin: *
etag: "80b3316fc5a3d41:0"
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 22437

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 52 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15216
x-xss-protection: 0
pragma: public
x-fb-debug: 6JkUZgHkMB/sfzxG4++LG9AdNlftT+lYsy0KYltwtdI+UNkTBOwMQEGgSaDEqVx4o1O6bhxzpES/eZDfJzxPuw==
date: Wed, 06 Mar 2019 04:52:51 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4518541.js Show response
js.hs-scripts.com/ 1 KB
969 B 41ms
11ms Script
application/javascript 2606:4700::6811:d3cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4518541.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f20887a2df6133856b8d22967cba7aff3a17099536ef185b5db164316c7cdb9

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-polished: origSize=1636
status: 200
access-control-max-age: 3600
cf-bgj: minify
server: cloudflare
x-trace: 2B9C21DC80023AEF3BD6CF6D4EA512CD42224C5564000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 4b31b9012cd0beee-FRA
expires: Wed, 06 Mar 2019 04:53:52 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 17 KB
6 KB 49ms
7ms Script
text/plain 151.101.1.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f37d74095d27ff0f96a5db6eb5136c477109a18e09d9dc6b94bd9cb5f45fba2

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: YCV7VuLi1FWNdCoW3lEJrFWrz1GWe8vX
content-encoding: gzip
age: 5658
x-cache: HIT
status: 200
date: Wed, 06 Mar 2019 04:52:52 GMT
content-length: 5544
x-amz-id-2: B39JIW/GWrnRUySHwWhlWu4ZOkpHhpCDkL1+19pk7UCj6cz8dY6TM/c4yfHDqi5FZjltKzXsbZM=
x-served-by: cache-hhn1523-HHN
last-modified: Thu, 17 May 2018 01:54:45 GMT
server: AmazonS3
x-timer: S1551847972.032751,VS0,VE0
etag: "ff1694b5052cad982a64fab43387cf6d"
vary: Accept-Encoding
x-amz-request-id: 7757EB3811C7F1B0
via: 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain; charset=us-ascii
x-cache-hits: 1248

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 139ms
30ms Script
application/javascript 34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?62
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3aedaddba6f8d8620ca4df0ce07c6ec688675d124d82d6a3f6da0a618c9932c3

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2019 07:16:27 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=8614
Connection: keep-alive
Content-Length: 11841
Expires: Wed, 06 Mar 2019 07:16:27 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 14 KB
5 KB 54ms
7ms Script
application/javascript 151.101.1.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: snooserv /
Resource Hash: 1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
age: 53
x-cache: HIT, HIT
status: 200
content-length: 4675
x-served-by: cache-iad2147-IAD, cache-hhn1541-HHN
last-modified: Mon, 03 Dec 2018 19:24:34 GMT
server: snooserv
x-timer: S1551847972.039148,VS0,VE0
etag: "0400a4e760024d10344d1d0fd0c81ebf"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=60
accept-ranges: bytes
x-cache-hits: 1, 3

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=16198136&ns__t=1551847971981&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%...
https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1551847971981&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT...

0
248 B

10ms
8ms

Image
text/plain

172.227.124.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1551847971981&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9=
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.124.249 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a172-227-124-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=16198136&ns__t=1551847971981&ns_c=UTF-8&c8=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&c7=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&c9=
Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrow--red.svg
cdn.technologyreview.com/_/img/ 313 B
351 B 10ms
9ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/arrow--red.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3145e9b70309578810dd484cbb2f225f87ce90ec15ada2ae3388d9723a20142

Request headers

:path: /_/img/arrow--red.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b9012c46c279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 14 Feb 2019 15:26:54 GMT
server: cloudflare
etag: W/"36a7819f58d51035686ec4dac851ff7b6c0a32c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 arrow.svg
cdn.technologyreview.com/_/img/ 298 B
343 B 9ms
8ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/arrow.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0ec95c7f4beb658ce61a4e6db2d57cbfaf0bcfdbd2bf508506ced773eca16f

Request headers

:path: /_/img/arrow.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b9012c4fc279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Tue, 19 Feb 2019 21:58:52 GMT
server: cloudflare
etag: W/"277a4f1bf37a0256088098400ff79881ed5903e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 x-small--white.svg
cdn.technologyreview.com/_/img/ 617 B
604 B 9ms
9ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/x-small--white.svg
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a5596268b9389da432f3eced3319e6ec40220e613cdd742517713e431cb40b

Request headers

:path: /_/img/x-small--white.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b9012c53c279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 08 Feb 2019 18:41:04 GMT
server: cloudflare
etag: W/"78c959d70a02b530cd095d8d957a773343ee79fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 3045c9cb-513f-4fa0-b110-58ef9d14b329 Show response
forms.hsforms.com/embed/v3/form/4518541/ 3 KB
1 KB 118ms
118ms Script
application/javascript 2606:4700::6810:5505
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4518541/3045c9cb-513f-4fa0-b110-58ef9d14b329?callback=hs_reqwest_1&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf34166df4f4be0d927a3f6ddec9ef46576671f934bc7ace74babd06b8f727c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=no-rfd.txt
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 962
server: cloudflare
x-trace: 2B9D7F0624B0B87D18A52AB97FF0800FA7E4049C8F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 4b31b9018d1997b0-FRA

GET
H2 200 social-icon--twitter.svg
cdn.technologyreview.com/_/img/ 932 B
647 B 10ms
8ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/social-icon--twitter.svg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b66eeb4d09255e5f5bfa2fb7f191a342a7c072a6426107fde848b065ba0a9e1

Request headers

:path: /_/img/social-icon--twitter.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b901ad67c279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: W/"bc6339cafb6314cb8e70a70a5ec9ba9a3fa4ff72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 social-icon--facebook.svg
cdn.technologyreview.com/_/img/ 612 B
616 B 12ms
10ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/social-icon--facebook.svg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f77743f6848ac60f92e05cd59b29fda0e596f579343647f8930254ef996b455

Request headers

:path: /_/img/social-icon--facebook.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b901ad68c279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 06 Feb 2019 16:52:42 GMT
server: cloudflare
etag: W/"9c217868e751a6fde6084b1004a224143b4e396c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 social-icon--rss.svg
cdn.technologyreview.com/_/img/ 826 B
642 B 10ms
9ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/social-icon--rss.svg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa406a3b680dad647af5fa7aa717580bb12e1b13d6efb7e23f344c751f03cfb3

Request headers

:path: /_/img/social-icon--rss.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b901ad69c279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 08 Feb 2019 18:41:04 GMT
server: cloudflare
etag: W/"88af12e69f55edde5bfb143dd6766b8f9ba4b7fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 tr-glyph-v2--white.svg
cdn.technologyreview.com/_/img/ 323 B
358 B 9ms
8ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/tr-glyph-v2--white.svg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b2630fa237b81931335c873da5f889928686854892edb91f1ad9476b955869b

Request headers

:path: /_/img/tr-glyph-v2--white.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b901ad6ac279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Tue, 19 Feb 2019 21:58:52 GMT
server: cloudflare
etag: W/"a7c8206c09373479787a7e827b0ac96372bb228f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 plus--white.svg
cdn.technologyreview.com/_/img/ 571 B
490 B 9ms
9ms Image
image/svg+xml 2606:4700:10::6814:1cee
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.technologyreview.com/_/img/plus--white.svg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1cee , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 760142cff640e00f8d7cb46efde7e54920be358cc2c095107b006d86c9294110

Request headers

:path: /_/img/plus--white.svg
pragma: no-cache
cookie: __cfduid=d96ddc943a01d4ea9b047ab8a36d50fd21551847971; _gcl_au=1.1.1165927455.1551847972
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.technologyreview.com
referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
:scheme: https
:method: GET
Referer: https://cdn.technologyreview.com/_/dist/css/article.css?v=6aaa9416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b901ad6bc279-FRA
date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 20 Feb 2019 21:00:09 GMT
server: cloudflare
etag: W/"a19302249d5af960725c98bb4fb3f31eb56202c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
content-type: image/svg+xml
status: 200
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: max-age=604800, must-revalidate, public
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 302431540264875 Show response
connect.facebook.net/signals/config/ 186 KB
45 KB 40ms
39ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302431540264875?v=2.8.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

696f31b56da5b1713ffb8b3bbbf7b56a7cec56a34a156ee93e9b59ccf516ca30

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: QkfHJauPGBYuIXNbBUddiYNl1XCEN3cDXnm+3wMHsEjw81SrO0yWrlAr78AY5zV/hNxgFdlk4xRDZoR5LKHTjg==
date: Wed, 06 Mar 2019 04:52:52 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules-5651782fb3fd45882ee662339d069560.js Show response
script.hotjar.com/ 413 KB
85 KB 17ms
17ms Script
application/javascript 147.75.83.1
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-5651782fb3fd45882ee662339d069560.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-531874.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.1 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-23

Software

Resource Hash

86c348b979eef41889c5be5344d1da6f38589b8d48f910c0b68b262b6a42b4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2019 14:06:15 GMT
access-control-allow-origin: *
etag: W/"5651782fb3fd45882ee662339d069560"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.025
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 5906d0ac585fa9a0012bae2375b7bf7b
content-length: 86409

GET
H2 204 0
bat.bing.com/action/ 0
148 B 33ms
33ms Image
text/plain 13.107.21.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16002556&Ver=2&mid=d54c7057-5c99-628f-d2b9-edce7384dd12&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware,%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&p=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&r=&evt=pageLoad&msclkid=N&rn=879638
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 06 Mar 2019 04:52:51 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 3F859C602E404C978F2358E73313F4C5 Ref B: FRAEDGE0714 Ref C: 2019-03-06T04:52:52Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/584156a671384c9eabef3ba21775e0d4/ 43 B
312 B 463ms
111ms Image
image/gif 52.86.72.168
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.quora.com/_/ad/584156a671384c9eabef3ba21775e0d4/pixel?j=1&u=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&tag=ViewContent&ts=1551847972138
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.72.168 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-86-72-168.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/4.1.0/default_flat_top_two_button_black/v2/css/ 23 KB
6 KB 12ms
12ms Stylesheet
text/css 152.195.132.202
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/skins/4.1.0/default_flat_top_two_button_black/v2/css/optanon.css
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a321aa9c-3063-4225-abb6-0285fd5607e6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8EA7) /
Resource Hash: eb5f76f7e8c61f6689a73775efaa8b3e58255d2c147e583e363e181e0d0babf9

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
content-md5: DlJr9D+wR5jeVV1TK/p8pA==
x-cache: HIT
status: 200
content-length: 5542
x-ms-lease-status: unlocked
last-modified: Wed, 13 Feb 2019 02:46:12 GMT
server: ECAcc (frc/8EA7)
etag: 0x8D6915D6A9BC543
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: cdfa5359-001e-0056-3647-ce3096000000
cache-control: public, max-age=2592000
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Wed, 06 Mar 2019 08:52:52 GMT

GET
H/1.1 200
OK EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
195 B 192ms
32ms Script
application/json 13.74.252.44
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery33108835986218831422_1551847972239&_=1551847972240
Requested by: Host: cdn.technologyreview.com
URL: https://cdn.technologyreview.com/_/dist/js/article.js?v=6aaa9416
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.74.252.44 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:51 GMT
Content-Length: 32
X-Application-Context: application:8080
Content-Type: application/json;charset=UTF-8

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1
https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookies...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1551847972255%26pid%3D8617%26url%3Dhttps%253A%252F%252Fwww.technologyreview.com%252Fs%252F613054...
https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookies...

0
69 B

160ms
156ms

Script
application/javascript

2620:109:c007:102::5be1:f885
LINKEDIN-1

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:109:c007:102::5be1:f885 , United States, ASN197612 (LINKEDIN-1, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-ltx1
status: 200
x-li-proto: http/2
x-li-pop: PROD-IDB2
content-type: application/javascript
content-length: 20
x-li-uuid: Os11W4JFiRXAF8E96SoAAA==

Redirect headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-edc2
content-length: 20
x-li-uuid: o38hVYJFiRXAqQogvSoAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect/?time=1551847972255&pid=8617&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
m.addthisedge.com/live/boost/ra-4df12eda07a410ab/ 166 B
385 B 75ms
50ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthisedge.com/live/boost/ra-4df12eda07a410ab/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
surrogate-key: ra-4df12eda07a410ab
server: Jetty(9.4.8.v20180619)
etag: 659743217
cache-tag: ra-4df12eda07a410ab
status: 200
cache-control: public, max-age=50, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 166

GET
H/1.1 200
OK rp.gif
alb.reddit.com/ 35 B
316 B 433ms
101ms Image
image/gif 34.231.31.77
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1551847972275&id=t2_25alwh0c&event=PageVisit&s=uetVoDYsUvOGZlHvIqWh2aWm39i3slbUqrNWuAtgW34%3D
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.31.77 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-231-31-77.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 370 KB
60 KB 68ms
15ms Script
application/javascript 2606:4700::6811:e7cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84bfcca75090eaefd67ecf0eda845cdf5edbc85954991546d97d229eab5431f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 4b0f0fc4315eea23426f6074a7254a8d.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Mar 2019 02:14:25 GMT
server: cloudflare
etag: W/"413c07a8d206ef8cbdcab882bfed3f67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: nLiz.z9JzJatlVNqByJUjwBXqlmY7.NL
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 4b31b90318f6bee9-FRA
x-amz-cf-id: nqjT_GSG7hTSF1HxzzAEXc0fjxUxiDwKFjzdi74rc1MLvcfDRcjFLg==

GET
H2 200 4518541.js Show response
js.hs-analytics.net/analytics/1551847800000/ 77 KB
26 KB 55ms
11ms Script
text/javascript 2606:4700::6811:45b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1551847800000/4518541.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a71df67e5bb88eecfc942a174c396668b92a66174f53483a12c684489214d313

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: B0FBE9EAB5F784D5
status: 200
content-type: text/javascript
content-length: 26088
x-amz-id-2: sjVxe5ODRkDlwu79b5JOgLdPP9L6qtFGGOTbRk7Rk8y2L5EBS9x0+E0JTV0J9o1YTzKPwUXgCVM=
last-modified: Tue, 05 Mar 2019 17:37:35 GMT
server: cloudflare
etag: W/"4174823ad4c5fb091eee9647fee555e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 4b31b9030ae464db-FRA
expires: Wed, 06 Mar 2019 04:57:31 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 4 KB
2 KB 68ms
13ms Script
application/javascript 2606:4700::6811:70b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4518541.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f0568d44d6151864a2921696af9d5460c47e955dbc79c1df5be58097b317ef

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
via: 1.1 a97d638d4e395a6f27b927572cf3bfda.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: gzip
x-amz-version-id: r..JH0ehXuvcXwce9WramFZgEXYgVmJB
last-modified: Fri, 01 Mar 2019 01:16:27 GMT
server: cloudflare
etag: W/"6ac55f60220e99f26ae7ebdc1d99c061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
cf-ray: 4b31b9031fa3978c-FRA
x-amz-cf-id: oq-dyPFem5ddMSthKIX3ZHEEdvkzV_SBeMYTen4WktH_puyFZgqwPg==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 6 KB
3 KB 90ms
8ms Script
application/x-javascript 143.204.98.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.108 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-108.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Mar 2019 22:20:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Mar 2014 00:45:07 GMT
Server: nginx
Age: 27132
ETag: W/"53191693-19c1"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
Connection: keep-alive
X-Amz-Cf-Id: 2ZcP_1mn8UGE3_FpZ249prlyR4FZj8w3mYcmGM4DwLt699d-vmadHQ==
Expires: Tue, 05 Mar 2019 21:20:37 GMT

GET
H2 200 reach.js Show response
d8rk54i4mohrb.cloudfront.net/js/ 17 KB
17 KB 88ms
7ms Script
application/javascript 2600:9000:200c:dc00:1f:573d:79c0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:dc00:1f:573d:79c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f98dea37ab9e551aa88a5a52deb87fbf7f9cb6f26c58c21ab50171dbeb9a54aa

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: tkurHF098mFA_klgcE02BOdGcfmR7y5.
via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
last-modified: Thu, 21 Feb 2019 14:48:45 GMT
server: AmazonS3
age: 4771
etag: "9f38200a4b57cb0666d75ec8ae3a36e9"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
date: Wed, 06 Mar 2019 04:14:53 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 17021
x-amz-cf-id: xzwC9EEKzYJ5SfVe1gkcWOBrlaEy-yRgzWRvpYBEtSAGT057c2aCyA==

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 16ms
14ms Script
application/x-javascript 18.184.103.21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.103.21 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-184-103-21.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06-Mar-2019 04:52:52 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Wed, 13 Mar 2019 04:52:52 GMT

GET
H/1.1 200
OK goal.min.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 3 KB
3 KB 407ms
102ms Script
application/javascript 54.231.114.76
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/goal.min.js
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.114.76 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:37 GMT
Server: AmazonS3
x-amz-request-id: A334F21BC4EEDE81
ETag: "db78cc3fefd4dc191250a00cf7b530a3"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 2699
x-amz-id-2: LkbQLxmsWX1G13Qu72+Qx0tNO38ccNSebDUOMs8lTlfkFFd5LJhp8O1IZF9LpZfHYYp9yfMbuRk=

GET
H2 200 adsct
t.co/i/ 43 B
166 B 145ms
135ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuwy6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 118
pragma: no-cache
last-modified: Wed, 06 Mar 2019 04:52:52 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 06da4c6eeb99db47ad3d5d6ef66f7892
x-transaction: 00d7a53f007ca60e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 box-d831eecf6f5411af024c3acd759add17.html
vars.hotjar.com/ Frame DE53 0
0 47ms
13ms Document
text/html 147.75.32.173
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-531874.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.173 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-27
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-d831eecf6f5411af024c3acd759add17.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Response headers

status: 200
date: Wed, 06 Mar 2019 04:52:52 GMT
content-type: text/html
content-length: 894
cache-control: max-age=31536000
last-modified: Thu, 28 Feb 2019 08:18:16 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.024
etag: W/"d831eecf6f5411af024c3acd759add17"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 6a3c3cbd21f8aedb4feec3400fe2d313

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 793 B
1 KB 31ms
29ms Script
application/javascript 34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=67059&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pv=1551847972403_jphw4qj48&bl=en-us&cb=7211925&return=&ht=&d=&dc=&si=1551847972403_jphw4qj48&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?62
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0d590631ab8c205091758f76c4e11b9cd148a1369cae022d452fdae9eac859fd

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 484
Expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=302431540264875&ev=PageView&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&rl=&if=false&ts=1551847972438&sw=1600&sh=1200&v=2.8.42&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1551847972437.1748428763&it=1551847972127&coo=false&rqm=GET
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 06 Mar 2019 04:52:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
199 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=302431540264875&ev=ViewContent&dl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&rl=&if=false&ts=1551847972439&cd[content_ids]=%5B%22613054%22%5D&cd[content_category]=Connectivity&sw=1600&sh=1200&v=2.8.42&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1551847972437.1748428763&it=1551847972127&coo=false&rqm=GET
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 06 Mar 2019 04:52:52 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 33 KB
11 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.technologyreview.com
URL: https://cdn.technologyreview.com/_/dist/js/default.js?v=6aaa9416

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

421840becbef391137ba485c9073f7086af18e012a5c230c05a2da4a6995fd2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "98 / 298 of 1000 / last-modified: 1551813415"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 10880
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:52 GMT

GET
H2 200 rules-p-ffE9vWW7lzZG-.js Show response
rules.quantcount.com/ 3 B
338 B 217ms
216ms Script
application/x-javascript 2600:9000:200c:4e00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ffE9vWW7lzZG-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:4e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 05 Mar 2019 06:25:11 GMT
via: 1.1 c14a347f6edf184d204306cb833d0732.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 21:08:19 GMT
server: AmazonS3
age: 81343
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3
x-amz-cf-id: uLHm4FFwBuwLwm-1sBKuAhAASoW28Ipg6uhYGti-qCinPyiezNklnw==

GET
H2 200 container.html
d8rk54i4mohrb.cloudfront.net/ Frame BB3A 0
0 10ms
7ms Document
text/html 2600:9000:200c:dc00:1f:573d:79c0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d8rk54i4mohrb.cloudfront.net/container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbhzvzjfsjpt&v=2.18.1&cache_buster=1551847972497
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:dc00:1f:573d:79c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: d8rk54i4mohrb.cloudfront.net
:scheme: https
:path: /container.html?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbhzvzjfsjpt&v=2.18.1&cache_buster=1551847972497
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 6523
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Feb 2019 14:47:06 GMT
x-amz-version-id: ank6M.l62HM7fNTOO3AD_jV02H6I2QCu
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Mar 2019 04:22:21 GMT
etag: "493134efac4be5677b6b6b332c29a34d"
cache-control: no-cache
age: 2520
x-cache: Hit from cloudfront
via: 1.1 0316586b8fd7e325258707448d98d7cd.cloudfront.net (CloudFront)
x-amz-cf-id: aMUXXMzdx9Er_Z26tnYGu9TtzqvOTVMicL6DFbUe6KR-dPEovqAu3A==

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151463181312287&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151463181312287%26eid=50056
https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151463181312287&eid=50056

43 B
312 B

42ms
28ms

Image
image/gif

54.171.224.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151463181312287&eid=50056
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 06 Mar 2019 23:52:52 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=$_BK_UUID&person_id=5978151463181312287&eid=50056
Date: Wed, 06 Mar 2019 04:52:52 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 4369
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151463181312287
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ2MzE4MTMxMjI4NxAAGg0IpKT94wUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=9fbe9e9688353914a7f8dc47f2fa7ba7a6816bd6e48485a6bb93d9460282a4a0f4cb09cee1a4f8eb&person_id=5978151463181312287&eid=50082

43 B
312 B

28ms
28ms

Image
image/gif

54.171.224.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=9fbe9e9688353914a7f8dc47f2fa7ba7a6816bd6e48485a6bb93d9460282a4a0f4cb09cee1a4f8eb&person_id=5978151463181312287&eid=50082
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.224.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-224-12.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 06 Mar 2019 23:52:53 GMT

Redirect headers

status: 307
date: Wed, 06 Mar 2019 04:52:52 GMT
cache-control: no-cache, no-store
timing-allow-origin: *
content-length: 0
location: https://ml314.com/csync.ashx?fp=9fbe9e9688353914a7f8dc47f2fa7ba7a6816bd6e48485a6bb93d9460282a4a0f4cb09cee1a4f8eb&person_id=5978151463181312287&eid=50082
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151463181312287%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151463181312287%26eid=50220&mm_bnc&mm_bct
https://ml314.com/csync.ashx?fp=2fe35c7f-46a8-4400-ad36-1fc74aa18a10&person_id=5978151463181312287&eid=50220

43 B
312 B

47ms
28ms

Image
image/gif

34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=2fe35c7f-46a8-4400-ad36-1fc74aa18a10&person_id=5978151463181312287&eid=50220
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:51 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 06 Mar 2019 23:52:52 GMT

Redirect headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Server: MT3 1.31.3.8 02e8715 HEAD zrh-pixel-x21
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=2fe35c7f-46a8-4400-ad36-1fc74aa18a10&person_id=5978151463181312287&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 06 Mar 2019 04:52:51 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151463181312287
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151463181312287
https://ml314.com/csync.ashx?fp=edfe67896c97328a62f6d072f57cca09&eid=50146&person_id=5978151463181312287

43 B
312 B

59ms
28ms

Image
image/gif

34.246.247.78
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=edfe67896c97328a62f6d072f57cca09&eid=50146&person_id=5978151463181312287
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.78 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-247-78.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 06 Mar 2019 23:52:52 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:52 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=edfe67896c97328a62f6d072f57cca09&eid=50146&person_id=5978151463181312287
Cache-Control: no-cache
X-Server: 10.26.30.23
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2MLcDrafjEYnl8BiXaLwtzR3UkwS2Oet53Hku7z_-eXM&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=2MLcDrafjEYnl8BiXaLwtzR3UkwS2Oet53Hku7z_-eXM&person_id=5978151463181312287&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
171 B

9ms
8ms

Image
image/gif

3.120.224.89
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.224.89 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-224-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Wed, 06 Mar 2019 23:52:52 GMT

GET
H/1.1 200
OK technologyreview.com Show response
srv-2019-03-06-04.config.parsely.com/config/ 386 B
804 B 410ms
97ms Script
text/javascript 34.199.66.245
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2019-03-06-04.config.parsely.com/config/technologyreview.com
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.66.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-199-66-245.compute-1.amazonaws.com
Software: / Express
Resource Hash: 9b15f68d7cbe8c3162c49533bc8cb23ede662c5901a81419c8f9e62d07ea1952

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:52 GMT
Cache-Control: private, no-cache
Connection: keep-alive
X-Powered-By: Express
ETag: W/"182-6uQBKlHhSj2qY6zZImItfw"
Content-Length: 386
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK n Show response
edge.simplereach.com/ 375 B
967 B 470ms
120ms Script
application/javascript 2406:da00:ff00::36f3:4889
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.simplereach.com/n?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbhzvzjfsjpt&v=2.18.1
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36f3:4889 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 128830c65ff392a5b0c16f553fda19742d0a4d878737f3f0df88bb6d37d4953a

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:53 GMT
Server: nginx/1.8.0
Connection: keep-alive
Content-Length: 375
Content-Type: application/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.technologyreview.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.technologyreview.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_313.js Show response
securepubads.g.doubleclick.net/gpt/ 175 KB
61 KB 103ms
48ms Script
text/javascript 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

sffe /

Resource Hash

92ca91e1a7a8e3f20a6cfbe487b20ec716258b98c3ab727c360513664341056d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Feb 2019 23:59:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 61934
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:52 GMT

GET
H/1.1 200
OK pixel;r=1482824767;labels=undefined;rf=0;a=p-ffE9vWW7lzZG-;url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F;fpan=1;fpa=P0-421949562-...
pixel.quantserve.com/ 35 B
479 B 8ms
8ms Image
image/gif 3.120.80.142
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1482824767;labels=undefined;rf=0;a=p-ffE9vWW7lzZG-;url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F;fpan=1;fpa=P0-421949562-1551847972711;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1551847972710;tzo=0;ogl=url.https%3A%2F%2Fwww%252Etechnologyreview%252Ecom%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-%2Ctitle.Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%252C%20and%20it%E2%80%99s%20spreading%2Ctype.article%2Cupdated_time.2019-03-05T15%3A40%3A18-05%3A00%2Cimage.https%3A%2F%2Fcdn%252Etechnologyreview%252Ecom%2Fi%2Fimages%2Fmitheaderfinalv4%252Ejpg%3Fcx%3D0%26cy%3D109%26cw%3D27%2Cimage%3Aurl.https%3A%2F%2Fcdn%252Etechnologyreview%252Ecom%2Fi%2Fimages%2Fmitheaderfinalv4%252Ejpg%3Fcx%3D0%26cy%3D109%26cw%3D27%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Awidth.2760%2Cimage%3Aheight.1700%2Cdescription.The%20rogue%20code%20can%20disable%20safety%20systems%20designed%20to%20prevent%20catastrophic%20indus%2Csite_name.MIT%20Technology%20Review
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.80.142 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-80-142.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:52 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
10 KB 57ms
55ms XHR
text/javascript 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=196867348655372&correlator=506829374188122&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062854%2C21062916%2C21063065%2C21063158&vrg=313&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__leaderboard&sz=728x90%7C970x90&cust_params=UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26UrlQuery%3D%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1551847972&dt=1551847972874&dlt=1551847971737&idt=1115&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=150&adk=1283925206&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=59&icsg=44040192&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x13908&msz=1585x130&blev=1&bisch=1&ga_vid=253000452.1551847973&ga_sid=1551847973&ga_hid=1783592693&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

5b3b6bc42f3687fadfb4d5650db873ab7d8bd0426a707adbbed0677dc7974dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9568
x-xss-protection: 1; mode=block
google-lineitem-id: 4874968969
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252181934
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_313.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 49ms
48ms Script
text/javascript 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

sffe /

Resource Hash

36e37aa427c03ec10d908586e67951e999a31e5f9629ced1b79a7d8f10b40aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Feb 2019 23:59:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25399
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 0
0 20ms
6ms Other
text/html 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
9 KB 63ms
63ms XHR
text/javascript 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=196867348655372&correlator=506829374188122&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21062854%2C21062916%2C21063065%2C21063158&vrg=313&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__square-rectangle&sz=300x250&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1551847972&dt=1551847972895&dlt=1551847971737&idt=1115&frm=20&biw=1585&bih=1200&oid=3&adx=1083&ady=947&adk=3758317059&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=60&icsg=44040192&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1240x10882&msz=300x270&blev=1&bisch=1&ga_vid=253000452.1551847973&ga_sid=1551847973&ga_hid=1783592693&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

f053bfb7de47af1c94e436b6990a345fafce516316fdd1fd3316aeb0c48a0237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9478
x-xss-protection: 1; mode=block
google-lineitem-id: 4652826132
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138231526294
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
10 KB 63ms
63ms XHR
text/javascript 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=196867348655372&correlator=506829374188122&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21062854%2C21062916%2C21063065%2C21063158&vrg=313&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__square-only&sz=300x250&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1551847972&dt=1551847972903&dlt=1551847971737&idt=1115&frm=20&biw=1585&bih=1200&oid=3&adx=1083&ady=10931&adk=390207441&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=60&icsg=44040192&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x300&msz=300x270&blev=1&bisch=1&ga_vid=253000452.1551847973&ga_sid=1551847973&ga_hid=1783592693&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

1c4131a274503ae0754d508d1a25a95bcd162804c9e9bc228703c953cc65780d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9590
x-xss-protection: 1; mode=block
google-lineitem-id: 4874943574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252144996
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
9 KB 69ms
69ms XHR
text/javascript 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=196867348655372&correlator=506829374188122&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21062854%2C21062916%2C21063065%2C21063158&vrg=313&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__site%2F__fullwidth-interstitial&sz=728x90%7C970x90%7C970x250%7C1440x500&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1551847972&dt=1551847972908&dlt=1551847971737&idt=1115&frm=20&biw=1585&bih=1200&oid=3&adx=429&ady=11291&adk=3077253026&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=60&icsg=44040192&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x130&msz=1585x130&blev=1&bisch=1&ga_vid=253000452.1551847973&ga_sid=1551847973&ga_hid=1783592693&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

c534a001fe431345643f2e3aae5c2692ad7fe041a0568706ef559c18090ffc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9524
x-xss-protection: 1; mode=block
google-lineitem-id: 4806459025
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138245252651
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 ads Show response
securepubads.g.doubleclick.net/gampad/ 0
175 B 42ms
42ms XHR
text/html 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=196867348655372&correlator=506829374188122&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21062854%2C21062916%2C21063065%2C21063158&vrg=313&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu=%2F3293%2F__subscriber%2F__roadblock&sz=0x0&cust_params=UrlQuery%3D%26UrlHost%3Dwww.technologyreview.com%26UrlPath%3D%252Fs%252F613054%252Fcybersecurity-critical-infrastructure-triton-malware%26page_id%3Dtr_www_613054%26channel%3Dmobile%26topic%3Dconnectivity&cookie_enabled=1&bc=15&abxe=1&lmt=1551847972&dt=1551847972913&dlt=1551847971737&idt=1115&frm=20&biw=1585&bih=1200&oid=3&adx=793&ady=600&adk=1006213698&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&dssz=60&icsg=44040192&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=253000452.1551847973&ga_sid=1551847973&ga_hid=1783592693&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:52 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 400
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame AFA6 0
0 9ms
8ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 4601
pragma: no-cache
cache-control: no-cache
origin: https://www.technologyreview.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
accept-encoding: gzip, deflate, br
cookie: fr=0idkqJhlM93HkCJmx..Bcf1Ik...1.0.Bcf1Ik.
Origin: https://www.technologyreview.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.technologyreview.com
access-control-allow-credentials: true
content-length: 0
server: proxygen-bolt
date: Wed, 06 Mar 2019 04:52:52 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/ Frame DFBE 29 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3b84affdec89386da43a9073bbaeea810a7e767aa18fb8357e9a836a66dcdcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 10989
x-xss-protection: 1; mode=block
server: cafe
etag: 14172402783244772020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/ Frame DFBE 2 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFBE 80 KB
29 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

df2be5fbe86cbd752f97773621624a53a901a8440f5040c5eb67faca14f08b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1551755418740111"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 29284
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame DFBE 268 KB
83 KB 60ms
11ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=23316
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 16300077031919849314
tpc.googlesyndication.com/simgad/ Frame DFBE 33 KB
33 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16300077031919849314

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2e7e1fca7f4846f57829e36cd256a1b1a787cd9e3556f34a0394b220f9c038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 05:36:44 GMT
x-content-type-options: nosniff
age: 1898169
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 33727
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Nov 2018 17:09:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2020 05:36:44 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
27 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d3560b68e5292e2cc96ac56dfa5eef3f8f7ac1a434c7ff4b545cc662dcb7a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1551755418740111"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28040
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFBE 0
291 B 52ms
51ms Image
image/gif 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7DV9brJbJDbOVCcjecr0p5WBs1N9v5mssYtOT8wXa2-smaowKo9hyhlNEnajvAltyWmavnbx2yqbPTHyr5damuO_eJDDrC8Y6YkrUZyfDWnxTMwoWgGXXfndKmTDnMrQLzFo0O_E27YUiUSUOjFmEymmjbHnMOD0wEYbhVgE5KNngZup7zfiYZPwpeXqGHg9qS_dd1ixjHHbunkl1dssN7CxHFJ9kZDEuAToRKZGZC1hqwxWaIvaucXdqQ5p7GTeWukrpHsh9M6SmRdM&sai=AMfl-YRbjrQTf6BHX2AbX3MNTGJoHNsWEIDLDYIq1ol0QDP4DujFpU_FMdLNB_zD50HeNKKy7jL-GviQzk9MhoRup_9t39iyX3gfvOljAO0p&sig=Cg0ArKJSzGbNIyw7pPK3EAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/ Frame DDE8 29 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3b84affdec89386da43a9073bbaeea810a7e767aa18fb8357e9a836a66dcdcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 10989
x-xss-protection: 1; mode=block
server: cafe
etag: 14172402783244772020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/ Frame DDE8 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDE8 80 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

df2be5fbe86cbd752f97773621624a53a901a8440f5040c5eb67faca14f08b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1551755418740111"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 29284
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame DDE8 268 KB
83 KB 44ms
12ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=23316
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 8043241790053843568
tpc.googlesyndication.com/simgad/ Frame DDE8 46 KB
46 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8043241790053843568

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

812919ca83bf113696dd460f078f66e4d442b7179341cf8459dd5f6270d41bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 11 Feb 2019 21:08:09 GMT
x-content-type-options: nosniff
age: 1928684
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 47226
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Apr 2018 17:16:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Feb 2020 21:08:09 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DDE8 0
254 B 53ms
52ms Image
image/gif 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9hr-xxE_ej2fGJwTmpPRDDkh09U2ZsT7PUqYkQ_LywAMVpkkCKAppp1hNs3MQC5wxPRmYUX8a5KVRbMn-DHaiKMppPUZZgF4vp_MvsusaFNGvpd0_5UWERUlJ3jj4HnD7EmPysEBkf-Rz_Zx_EnX-LtgyY-fZZjM4xQWFYHHTEFK4KlUqSI8hbiSJZwEf-MRX7_97lyGIVdtcRRlUghVrQx55KwAHs5E2hNNpJVzzI9sU1jlO6OI-TTXJWuBVRQykEf5xrGvV7kJpu9-KcqeFzA&sai=AMfl-YRV_zv18AF14_hwZZleVsP7wChTg98vxi4Zas_LIbxfMeDsQuEhfO0Z-uJvjhgcdD5XOPhgo6Fj2MyWnuZCqK1DUf9hNVGZWAi-piwXUg&sig=Cg0ArKJSzHUZFXE_5s_HEAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/ Frame CB74 29 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3b84affdec89386da43a9073bbaeea810a7e767aa18fb8357e9a836a66dcdcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 10989
x-xss-protection: 1; mode=block
server: cafe
etag: 14172402783244772020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/ Frame CB74 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB74 80 KB
29 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

df2be5fbe86cbd752f97773621624a53a901a8440f5040c5eb67faca14f08b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1551755418740111"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 29284
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame CB74 268 KB
83 KB 38ms
9ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=23316
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 3848017339927353716
tpc.googlesyndication.com/simgad/ Frame CB74 59 KB
59 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3848017339927353716

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c6624373ca3bde0a4dfc2b92d20c4b4cfc7c062e544a1a3c3ecd15f94fe7d426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 15:41:23 GMT
x-content-type-options: nosniff
age: 2207490
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 59981
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Nov 2018 16:53:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2020 15:41:23 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB74 0
254 B 57ms
51ms Image
image/gif 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvD4qyEmIvCfx9ySTj3YJo_QLfQs1Chp08NT0R7xiUPV4ucu97ZmyQ0pU3GdCwfT5-Gnd_jWcYeOevacS44Ayktvm5dVVoYt_GSMAw7OjLMLZ81AicCKCdEz4GFV0Yrxym9iHHgycBParkA2MDXQRSVSn9t5crukeTAUEqGYmNh-16Zldi-bQvvxbuHykWv3HR-rdbqyjOGyhR0jXAN1bKCeFv4bwv-2wJr-r_C9753euhtP0GI_yimPRXK1Qw4xO2M2ahSOtkljPfLvM&sai=AMfl-YQJdmFI49WBFSIokDkS1t4RArE53Bujy91xMBvqOzGrbpdXh8qUkamO-GD4zZlnANY3IwQzAVwX3fsEDM8-qszPDbz-EDRcLQtHejNXsQ&sig=Cg0ArKJSzEd1FjFxRVIyEAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/ Frame 7478 29 KB
11 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3b84affdec89386da43a9073bbaeea810a7e767aa18fb8357e9a836a66dcdcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 10989
x-xss-protection: 1; mode=block
server: cafe
etag: 14172402783244772020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/ Frame 7478 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190227/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 27 Feb 2019 18:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2019 18:52:15 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7478 80 KB
29 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

df2be5fbe86cbd752f97773621624a53a901a8440f5040c5eb67faca14f08b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1551755418740111"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 29284
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/mittechnologyreviewdfp991240917930/ Frame 7478 268 KB
83 KB 73ms
38ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mittechnologyreviewdfp991240917930/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Feb 2019 16:56:15 GMT
Server: AmazonS3
x-amz-request-id: 9B3FD7FB3A78CCC4
ETag: "15234bb83d3583d3d062d389f218e887"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=23316
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84804
x-amz-id-2: uPYYae+Any22GxriPrrrCEGg0nrwmwwJ+Zr8h/wg5kuTZU8DZUazxf5SRReqsmPgVPM6gHWKGzo=

GET
H2 200 9344191922415697473
tpc.googlesyndication.com/simgad/ Frame 7478 39 KB
39 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9344191922415697473

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

32410e6e557412d5aba2062fe780eeb4ae3aabe7391c43f88d3296c1e8f18bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 05:54:44 GMT
x-content-type-options: nosniff
age: 1897089
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 39514
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Sep 2018 20:10:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2020 05:54:44 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7478 0
254 B 53ms
50ms Image
image/gif 172.217.21.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh5rhdh_hLe_DzT_M5vOICyV9AQN-nygaxDn8oLIM7mDPudfZCczGjESkXq1Lat6ZMbALgqEUM-qJ8lZofTBl662SmANJ0IxPhzXdn63NiZDDQMpWAy-QXFAM57FIa72c8Bp4ww_msxw0O5tArw-Hld-wS09Jo6vJTYSXR6hgZFtSR1ZwpgejzYpgl4EEJs09kzb-CpzQEW4F51nrBXYOkrmCtmp0IB0WP6VtljWvqXBUNa9MdOiykNsrMuITRZBVaq6QtNYyuTYI4yegfyDPLX9rC0eO2cA&sai=AMfl-YR2wBIS1Grqjv0Pte-WiQda0GCquIANuPy0YmuslRvd5wE6QL3DiC8IY8URX1z5v3QSO8r1VCKhjnm0XvAbbS6sDJUtGazi8hao0Ihj&sig=Cg0ArKJSzM_4CWm0oAbPEAE&adurl=

Requested by

Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.21.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra07s32-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
DATA 200
OK truncated
/ Frame DDE8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37292f128496d3ad27a2f46d76b6e0851157130f5f7227d9d654fcca96467aa

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ptrack-v1.1.1-engagedtime.js Show response
d1z2jf7jlzjs58.cloudfront.net/code/ 35 KB
14 KB 13ms
8ms Script
application/x-javascript 143.204.98.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.1.1-engagedtime.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.108 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-108.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: f17090be520764660accb76f6b0afd46a86fc3ee5c84d5e2a6849459a2d005af

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 05 Feb 2019 21:14:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jun 2018 22:20:16 GMT
Server: nginx
Age: 2446674
ETag: W/"5b32bc20-8b46"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000, public
Connection: keep-alive
X-Amz-Cf-Id: 42ENtRgvMMQpCcoBe02Hmx6S355E6dAFiooSeyQb2OPQd39XRpr3kg==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame DFBE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7193548a5caa145a9b5f392446850f15051c370feb0a670e49310edde9113ed2

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CB74 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d691bc48edabe24bf623091afd9f1acd23de50d67085dc8499c49f37f647e02

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 66ms
8ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1551847973157&de=352135170069&m=0&ar=ab37179-clean&q=2&cb=0&cu=1551847973157&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=193780587&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
DATA 200
OK truncated
/ Frame 7478 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f90c96c4d58eef07d599bb2b95093a998bce7c4b98cf076b89975f9c21b9d9e0

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
8ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8043241790053843568&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973157&de=352135170069&cu=1551847973157&m=72&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=21&an=0&gf=21&gg=0&ix=21&ic=21&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=21&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=42&cd=0&ah=42&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=572308265&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 11ms
10ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1551847973282&de=621205133016&m=0&ar=ab37179-clean&q=5&cb=0&cu=1551847973282&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=1763823000&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 16ms
10ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3848017339927353716&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973282&de=621205133016&cu=1551847973282&m=82&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=26&cd=0&ah=26&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=91722511&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1551847973408&de=516924682821&m=0&ar=ab37179-clean&q=8&cb=0&cu=1551847973408&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15497267%3A2438678787%3A4874968969%3A138252181934&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=1257489287&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16300077031919849314&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973408&de=516924682821&cu=1551847973408&m=41&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=16&an=0&gf=16&gg=0&ix=16&ic=16&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=16&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=31&cd=0&ah=31&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874968969%3A138252181934&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=37653218&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MITTECHREVIEWDFP1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1551847973486&de=607017524530&m=0&ar=ab37179-clean&q=11&cb=0&cu=1551847973486&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4451373307%3A2395541419%3A4806459025%3A138245252651&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&fd=1&ac=1&it=500&fs=159716&na=1841458679&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 12ms
11ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F9344191922415697473&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973486&de=607017524530&cu=1551847973486&m=47&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13990&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15&cd=0&ah=15&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2395541419%3A4806459025%3A138245252651&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=488539521&cs=0
Requested by: Host: www.technologyreview.com
URL: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:53 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:53 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/16198136/ 0
400 B 984ms
983ms Script
application/x-javascript 172.227.124.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/16198136/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRBQMN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.124.249 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a172-227-124-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Sat, 09 Mar 2019 04:52:54 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Response headers

Content-Type: image/svg+xml

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
264 B 145ms
145ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuwy6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 120
pragma: no-cache
last-modified: Wed, 06 Mar 2019 04:52:53 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 461d93cbde7964352c21d04e0ae7ada1
x-transaction: 0079beba008e3df5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/ 32 B
597 B 136ms
102ms XHR
application/json 2606:4700::6811:cbcc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=4518541

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c318f7e927701be1a5cb370e210b91c26df66249b47ed0d331c9550452221d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: br
status: 200
server: cloudflare
x-trace: 2B1150D3C75E53468EB1B5F8BFF1C3922098C4BB22000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
access-control-max-age: 180
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4b31b90b88c9c2d3-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
103 B 50ms
20ms Image
image/gif 2606:4700::6810:fb05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=3e69a4f7-5967-47be-bdc7-4326b12c2581&fci=da8296b4-33a7-4e3a-aac9-e069baffb2bb&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1551847973647&vi=a5cad3b41564939c7cecaa79f9be32a2&nc=true&u=12316075.a5cad3b41564939c7cecaa79f9be32a2.1551847973644.1551847973644.1551847973644.1&b=12316075.1.1551847973644

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b90b890a973e-FRA
date: Wed, 06 Mar 2019 04:52:53 GMT
via: 1.1 google
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none
alt-svc: clear

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
468 B 47ms
18ms Image
image/gif 2606:4700::6810:fb05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=3045c9cb-513f-4fa0-b110-58ef9d14b329&fci=2f1143d9-4b05-400e-a0c4-96f4188cf50d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1551847973648&vi=a5cad3b41564939c7cecaa79f9be32a2&nc=true&u=12316075.a5cad3b41564939c7cecaa79f9be32a2.1551847973644.1551847973644.1551847973644.1&b=12316075.1.1551847973644

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b90b890d973e-FRA
date: Wed, 06 Mar 2019 04:52:53 GMT
via: 1.1 google
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none
alt-svc: clear

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
102 B 48ms
19ms Image
image/gif 2606:4700::6810:fb05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=4518541&rcu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&pu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&t=Triton+is+the+world%E2%80%99s+most+murderous+malware%2C+and+it%E2%80%99s+spreading+-+MIT+Technology+Review&cts=1551847973650&vi=a5cad3b41564939c7cecaa79f9be32a2&nc=true&u=12316075.a5cad3b41564939c7cecaa79f9be32a2.1551847973644.1551847973644.1551847973644.1&b=12316075.1.1551847973644

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray: 4b31b90b890c973e-FRA
date: Wed, 06 Mar 2019 04:52:53 GMT
via: 1.1 google
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none
alt-svc: clear

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 38 KB
4 KB 166ms
114ms XHR
application/json 2606:4700::6810:fb05
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4518541&utk=a5cad3b41564939c7cecaa79f9be32a2&__hstc=12316075.a5cad3b41564939c7cecaa79f9be32a2.1551847973644.1551847973644.1551847973644.1&__hssc=12316075.1.1551847973644&currentUrl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f7f7895608a96820979d4ab197745bbee4ff5d196caa62be9dfa69efda3f86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
Origin: https://www.technologyreview.com

Response headers

date: Wed, 06 Mar 2019 04:52:53 GMT
content-encoding: br
x-robots-tag: none
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.technologyreview.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4b31b90bec14bead-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973157&de=352135170069&cu=1551847973157&m=1054&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=1012&an=21&gf=510&gg=21&ix=510&ic=510&ez=1&ck=1012&kw=832&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1012&bx=21&ci=1012&jz=832&dj=1&aa=0&ad=898&cn=0&gk=396&gl=0&ik=396&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=832&cd=42&ah=832&am=42&rf=0&re=1&ft=898&fv=0&fw=898&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1362486260&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:54 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:54 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DDE8 42 B
291 B 14ms
13ms Image
image/gif 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbIjbqWE9xmVX6853sh1BXsmYyJVyYzu-KRMlPzuT2qFPkZjIULOxghySQ-SNAgl4M5k3cYjtJAjJ7piBXhJiIu1n6kqlfDUHyU7Q&sig=Cg0ArKJSzCG_R9H1tN3QEAE&adk=3758317059&tt=539&bs=1585%2C1200&mtos=406,406,1017,1017,1017&tos=406,0,611,0,0&p=1020,1083,1270,1383&mcvt=1017&rs=3&ht=0&tfs=37&tls=1054&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1551847973013&rpt=257&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C13990&ss=1600%2C1200&pt=516&deb=1-4-4-11-11-42-59-9&tvt=1022&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=300x250&v=20190304

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2019 04:52:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 11ms
11ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973157&de=352135170069&cu=1551847973157&m=1255&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=1214&an=1012&gf=510&gg=510&ix=510&ic=510&ez=1&ck=1012&kw=832&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1214&bx=1012&ci=1012&jz=832&dj=1&aa=1&ad=1100&cn=898&gk=396&gl=396&ik=396&co=1100&cp=1033&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1033&cd=832&ah=1033&am=832&rf=0&re=1&ft=1100&fv=898&fw=898&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=912197947&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:54 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:54 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DFBE 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvg5-mFJf0Ej9uvm1Zf513-n3lWXIceujInO-VuHsp0iEltMYeS7uKqxskpbCmTNvg4wDuc9buBOQ61SKuTUon_bRZjpByHdJpvmo4&sig=Cg0ArKJSzJhFQmw_WX-2EAE&adk=1283925206&tt=741&bs=1585%2C1200&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&p=223,429,313,1157&mcvt=1035&rs=3&ht=0&tfs=222&tls=1257&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1551847972997&rpt=453&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C13990&ss=1600%2C1200&pt=516&deb=1-4-4-12-13-42-67-11&tvt=1224&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=728x90&v=20190304

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2019 04:52:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
8ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973408&de=516924682821&cu=1551847973408&m=1209&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1187&an=16&gi=1&gf=1187&gg=16&ix=1187&ic=1187&ez=1&ck=1187&kw=1002&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1187&bx=16&ci=1187&jz=1002&dj=1&aa=1&ad=1088&cn=0&gn=1&gk=1088&gl=0&ik=1088&co=1088&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=31&ah=1002&am=31&rf=0&re=1&ft=1088&fv=0&fw=1088&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874968969%3A138252181934&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1929824276&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:54 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:54 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973408&de=516924682821&cu=1551847973408&m=1211&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1187&an=1187&gi=1&gf=1187&gg=1187&ix=1187&ic=1187&ez=1&ck=1187&kw=1002&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1187&bx=1187&ci=1187&jz=1002&dj=1&aa=1&ad=1088&cn=1088&gn=1&gk=1088&gl=1088&ik=1088&co=1088&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=1002&ah=1002&am=1002&rf=0&re=1&ft=1088&fv=1088&fw=1088&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874968969%3A138252181934&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1355989578&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:54 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:54 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973408&de=516924682821&cu=1551847973408&m=1211&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1187&an=1187&gi=1&gf=1187&gg=1187&ix=1187&ic=1187&ez=1&ck=1187&kw=1002&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1187&bx=1187&ci=1187&jz=1002&dj=1&aa=1&ad=1088&cn=1088&gn=1&gk=1088&gl=1088&ik=1088&co=1088&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=1002&ah=1002&am=1002&rf=0&re=1&ft=1088&fv=1088&fw=1088&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874968969%3A138252181934&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=995508809&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:54 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:54 GMT

GET
H/1.1 200
OK t Show response
edge.simplereach.com/ 106 B
266 B 121ms
120ms Script
application/javascript 2406:da00:ff00::36f3:4889
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.simplereach.com/t?pid=5579ded9736b79d48fc40100&title=Triton%20is%20the%20world%E2%80%99s%20most%20murderous%20malware%2C%20and%20it%E2%80%99s%20spreading%20-%20MIT%20Technology%20Review&date=2019-03-05&authors=Martin%20Giles&channels=Connectivity&url=www.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&ignore_errors=false&tags=undefined&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&cb=SPR.API.callbacks.cbyonbvaxbl&v=2.18.1&cache_buster=1551847972497&t=5000&e=5000&s=0
Requested by: Host: d8rk54i4mohrb.cloudfront.net
URL: https://d8rk54i4mohrb.cloudfront.net/js/reach.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36f3:4889 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: 931af02926b1005abd8efde890ecbc56177cd96a2b6d7b4861034806026c05a8

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:52:57 GMT
Server: nginx/1.8.0
Connection: keep-alive
Content-Length: 106
Content-Type: application/javascript

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973157&de=352135170069&cu=1551847973157&m=5073&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=5031&an=1214&gf=510&gg=510&ix=510&ic=510&ez=1&ck=1012&kw=832&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5031&bx=1214&ci=1012&jz=832&dj=1&aa=1&ad=4917&cn=1100&gk=396&gl=396&ik=396&co=1100&cp=1033&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4851&cd=1033&ah=4851&am=1033&rf=0&re=1&ft=4917&fv=1100&fw=898&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=926855911&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:58 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:58 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
8ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973408&de=516924682821&cu=1551847973408&m=5025&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5003&an=1187&gi=1&gf=5003&gg=1187&ix=5003&ic=5003&ez=1&ck=1187&kw=1002&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5003&bx=1187&ci=1187&jz=1002&dj=1&aa=1&ad=4904&cn=1088&gn=1&gk=4904&gl=1088&ik=4904&co=1088&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4818&cd=1002&ah=4818&am=1002&rf=0&re=1&ft=4904&fv=1088&fw=1088&wb=2&cl=0&at=0&d=15497267%3A2438678787%3A4874968969%3A138252181934&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=236124587&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:58 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:58 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 10ms
10ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973282&de=621205133016&cu=1551847973282&m=5281&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5075&cd=26&ah=5075&am=26&rf=0&re=1&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=1603369185&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:58 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:58 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
8ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973486&de=607017524530&cu=1551847973486&m=5237&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5030&cd=15&ah=5030&am=15&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2395541419%3A4806459025%3A138245252651&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=369810243&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:52:58 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:52:58 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 9ms
8ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973157&de=352135170069&cu=1551847973157&m=10097&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=72&vx=72%3A73%3A-&as=1&ag=10056&an=5031&gf=510&gg=510&ix=510&ic=510&ez=1&ck=1012&kw=832&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10056&bx=5031&ci=1012&jz=832&dj=1&aa=1&ad=9942&cn=4917&gk=396&gl=396&ik=396&co=1100&cp=1033&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9876&cd=4851&ah=9876&am=4851&rf=0&re=1&ft=5018&fv=4917&fw=898&wb=1&cl=0&at=0&d=4451373307%3A2294459736%3A4652826132%3A138231526294&bo=32883227&bd=32886587&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=987967177&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:53:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:53:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
8ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973408&de=516924682821&cu=1551847973408&m=10049&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=10027&an=5003&gi=1&gf=10027&gg=5003&ix=10027&ic=10027&ez=1&ck=1187&kw=1002&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10027&bx=5003&ci=1187&jz=1002&dj=1&aa=1&ad=9928&cn=4904&gn=1&gk=9928&gl=4904&ik=9928&co=1088&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9841&cd=4818&ah=9841&am=4818&rf=0&re=1&ft=5006&fv=4904&fw=1088&wb=2&cl=0&at=0&d=15497267%3A2438678787%3A4874968969%3A138252181934&bo=32883227&bd=32883347&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=159716&na=1920895847&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:53:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:53:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 10ms
9ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973282&de=621205133016&cu=1551847973282&m=10308&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10102&cd=5075&ah=10102&am=5075&rf=0&re=1&wb=1&cl=0&at=0&d=15497267%3A2438678787%3A4874943574%3A138252144996&bo=32883227&bd=32886827&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=526047019&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:53:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:53:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&ua=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=MITTECHREVIEWDFP1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBnyBBBNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF7HfC7Kn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002100&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&om=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&f=0&j=&o=3&t=1551847973486&de=607017524530&cu=1551847973486&m=10262&ar=ab37179-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14063&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10056&cd=5030&ah=10056&am=5030&rf=0&re=0&wb=1&cl=0&at=0&d=4451373307%3A2395541419%3A4806459025%3A138245252651&bo=32883227&bd=32886107&gw=mittechnologyreviewdfp991240917930&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=2%3A&tc=0&fs=159716&na=1192791885&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Mar 2019 04:53:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 06 Mar 2019 04:53:03 GMT

GET
H/1.1 200
OK /
srv-2019-03-06-04.pixel.parsely.com/plogger/ 43 B
229 B 443ms
104ms Image
image/gif 34.200.171.196
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2019-03-06-04.pixel.parsely.com/plogger/?rand=1551847983961&plid=45668201&idsite=technologyreview.com&url=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22f2caa5f4-1374-4da0-af4d-619a0f138257%22%2C%22parsely_site_uuid%22%3A%224aa7f9d5-12d9-4be4-a8d2-a96b077b90df%22%7D&sid=1&surl=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&sref=&sts=1551847983961&slts=0&date=Wed+Mar+06+2019+04%3A53%3A03+GMT%2B0000+(Coordinated+Universal+Time)&action=heartbeat&inc=5&tt=4900&u=4aa7f9d5-12d9-4be4-a8d2-a96b077b90df
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.171.196 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-200-171-196.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 04:53:04 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
edge.simplereach.com/	1970-01-18 23:04:09	Name: __srss Value: b3543420-3fcb-11e9-a7dd-22000ae5290f
.simplereach.com/	1970-01-18 23:04:09	Name: __srss Value: b3543420-3fcb-11e9-a7dd-22000ae5290f
edge.simplereach.com/	1970-01-19 07:51:10	Name: __srui Value: b354342b-3fcb-11e9-a7dd-22000ae5290f
.simplereach.com/	1970-01-19 07:51:10	Name: __srui Value: b354342b-3fcb-11e9-a7dd-22000ae5290f
.technologyreview.com/	1970-01-18 23:04:09	Name: __hssc Value: 12316075.1.1551847973644
.technologyreview.com/	1970-01-19 08:25:43	Name: hubspotutk Value: a5cad3b41564939c7cecaa79f9be32a2
.technologyreview.com/	1970-01-19 08:25:43	Name: __hstc Value: 12316075.a5cad3b41564939c7cecaa79f9be32a2.1551847973644.1551847973644.1551847973644.1
.technologyreview.com/	1970-01-18 23:04:09	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/%22%2C%22sref%22:%22%22%2C%22sts%22:1551847973458%2C%22slts%22:0}
.technologyreview.com/	1970-01-19 16:35:19	Name: __gads Value: ID=05eb6aabe7006c03:T=1551847972:S=ALNI_MbpWjoDME-fmwxg9nYXWmKpe9R2wg
.technologyreview.com/	1970-01-19 08:28:36	Name: __qca Value: P0-421949562-1551847972711
.technologyreview.com/	1970-01-19 07:49:43	Name: __cfduid Value: d96ddc943a01d4ea9b047ab8a36d50fd21551847971
www.technologyreview.com/	1970-01-22 14:40:07	Name: _ccmaid Value: 5978151463181312287
.technologyreview.com/	1970-01-19 01:13:43	Name: _fbp Value: fb.1.1551847972437.1748428763
www.technologyreview.com/	1970-01-22 14:40:07	Name: _ccmsi Value: 1551847972403_jphw4qj48\|1551847972403
www.technologyreview.com/	1970-01-19 08:35:48	Name: __atuvc Value: 1%7C10
www.technologyreview.com/	1970-01-27 11:03:50	Name: __srret Value: 1
www.technologyreview.com/	1970-01-18 23:04:09	Name: __atuvs Value: 5c7f5224ef2631f3000
.technologyreview.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.technologyreview.com/	1970-01-19 08:33:31	Name: _parsely_visitor Value: {%22id%22:%224aa7f9d5-12d9-4be4-a8d2-a96b077b90df%22%2C%22session_count%22:1%2C%22last_session_ts%22:1551847973458}
www.technologyreview.com/	1970-01-27 11:03:50	Name: __srui Value: b354342b-3fcb-11e9-a7dd-22000ae5290f
.www.technologyreview.com/	1970-01-19 07:49:43	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fwww.technologyreview.com%2Fs%2F613054%2Fcybersecurity-critical-infrastructure-triton-malware%2F&datestamp=Wed+Mar+06+2019+04%3A52%3A53+GMT%2B0000+(Coordinated+Universal+Time)&version=4.1.0&EU=true&groups=112%3A1%2C1%3A1%2C105%3A1%2C106%3A1%2C116%3A1%2C2%3A1%2C118%3A1%2C3%3A1%2C107%3A1%2C104%3A1%2C108%3A1%2C4%3A1%2C126%3A1%2C109%3A1%2C110%3A1%2C129%3A1%2C111%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C117%3A1%2C119%3A1%2C120%3A1%2C121%3A1%2C122%3A1%2C123%3A1%2C124%3A1%2C125%3A1%2C127%3A1%2C128%3A1%2C130%3A1%2C101%3A1%2C102%3A1%2C131%3A1%2C103%3A1%2C0_100147%3A1%2C0_121150%3A1%2C0_121119%3A1
.technologyreview.com/	1970-01-19 01:13:43	Name: _gcl_au Value: 1.1.1165927455.1551847972

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.technologyreview.com/_/dist/js/article.js?v=6aaa9416(Line 60) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Duplicate Pixel ID: 302431540264875.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Invalid PixelID: function(b){return this.filter(function(e){return 0>b.indexOf(e)})}.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
api.hubapi.com
bat.bing.com
cdn.cookielaw.org
cdn.technologyreview.com
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
d8rk54i4mohrb.cloudfront.net
edge.simplereach.com
flip.it
forms.hsforms.com
forms.hubspot.com
geolocation.onetrust.com
idsync.rlcdn.com
js.hs-analytics.net
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
m.addthisedge.com
ml314.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.quantserve.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
q.quora.com
rules.quantcount.com
s3.amazonaws.com
s7.addthis.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
sjs.bizographics.com
srv-2019-03-06-04.config.parsely.com
srv-2019-03-06-04.pixel.parsely.com
static.ads-twitter.com
static.hotjar.com
sync.crwdcntrl.net
t.co
tags.bluekai.com
tpc.googlesyndication.com
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.redditstatic.com
www.technologyreview.com
z.moatads.com
104.108.51.30
104.244.42.195
104.244.42.69
104.244.46.144
107.21.45.247
13.107.21.200
13.74.252.44
143.204.98.108
147.75.32.173
147.75.83.1
147.75.83.23
151.101.1.140
151.101.1.2
152.195.132.202
172.217.21.98
172.227.124.249
18.184.103.21
2.21.38.40
23.210.248.44
23.210.249.113
2406:da00:ff00::36f3:4889
2600:9000:200c:4e00:6:44e3:f8c0:93a1
2600:9000:200c:dc00:1f:573d:79c0:21
2606:4700:10::6814:1bee
2606:4700:10::6814:1cee
2606:4700::6810:5505
2606:4700::6810:fb05
2606:4700::6811:45b0
2606:4700::6811:70b0
2606:4700::6811:b849
2606:4700::6811:cbcc
2606:4700::6811:d3cc
2606:4700::6811:e7cc
2620:109:c002::6cae:a0a
2620:109:c007:102::5be1:f885
2a00:1450:4001:808::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::2008
2a02:26f0:eb:3ab::3adf
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.120.224.89
3.120.80.142
34.195.208.119
34.199.66.245
34.200.171.196
34.231.31.77
34.246.247.78
35.173.3.255
52.86.72.168
54.171.224.12
54.171.7.149
54.231.114.76
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09a5596268b9389da432f3eced3319e6ec40220e613cdd742517713e431cb40b
0d09eefb45e90f4236f585e2fd604e9270dda2c91c85b3a38a66017c775da334
0d590631ab8c205091758f76c4e11b9cd148a1369cae022d452fdae9eac859fd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
128830c65ff392a5b0c16f553fda19742d0a4d878737f3f0df88bb6d37d4953a
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
13be0fad34aadb206ab194936a25a9979835f3e5551bd436e85125d142b663cc
1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32
182d055f57d1b0a7aaa410dc800111561ef1af4700e59a54b6f3199e19ce8c0c
1a20f6ee8f0590104e47e29e590d8f2698bf4bc5486b80d5f05e8ea5b4d427df
1c4131a274503ae0754d508d1a25a95bcd162804c9e9bc228703c953cc65780d
1f20887a2df6133856b8d22967cba7aff3a17099536ef185b5db164316c7cdb9
2b66eeb4d09255e5f5bfa2fb7f191a342a7c072a6426107fde848b065ba0a9e1
2d99efcd06c0c2bbd57247ca6c0c231560840ef20cd073c61cef5560d7b0709d
2dabc748debcd8b549494961ac0386cc103be580fbe0912511380d46e3a7aa05
2e1571b57d24b2cb2714891b53bf174fc64c538164a1c21e1efb3b61252a8690
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
32410e6e557412d5aba2062fe780eeb4ae3aabe7391c43f88d3296c1e8f18bc3
36e37aa427c03ec10d908586e67951e999a31e5f9629ced1b79a7d8f10b40aad
381505fbbe1274b2f5b58f56e879542b46e7e5af1faa56176e8b437e288d5018
3aedaddba6f8d8620ca4df0ce07c6ec688675d124d82d6a3f6da0a618c9932c3
3b84affdec89386da43a9073bbaeea810a7e767aa18fb8357e9a836a66dcdcfc
3f37d74095d27ff0f96a5db6eb5136c477109a18e09d9dc6b94bd9cb5f45fba2
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
421840becbef391137ba485c9073f7086af18e012a5c230c05a2da4a6995fd2d
461c982d2ba47cfef27b77b3398da448624ad007e848cf070a401b8b2b025b3a
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a2d2f649e733199ee6c1aa3d833188e17355e2a36abf4b5b334e8eaa89c8e8e
5b3b6bc42f3687fadfb4d5650db873ab7d8bd0426a707adbbed0677dc7974dee
5ec92479b90fa26815b14755ca5645cf8900f7b5df5313f2f8046f9352c76a7a
5fc61bf0728b3a21438b4539c6fa9cfe549b89a537d375d72dd7c687ac26b41f
623bbd6e9fc0d231a07dbde18fe91c2f1eccb1aaa13c0a2ca2be0bbb963408bb
648bde3606e8abcadc6a94dab68193fb00b97a69c7ceeba4ce95daf3a61afe61
696f31b56da5b1713ffb8b3bbbf7b56a7cec56a34a156ee93e9b59ccf516ca30
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
6d691bc48edabe24bf623091afd9f1acd23de50d67085dc8499c49f37f647e02
6e3e0c14cd2f2f6c9e3f7f49ca91e0285b0f748c29e82380e2ac77750f613958
7193548a5caa145a9b5f392446850f15051c370feb0a670e49310edde9113ed2
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
760142cff640e00f8d7cb46efde7e54920be358cc2c095107b006d86c9294110
762e5fd7df3e5f35b2b9cf5c5cc01b0e67420fb73a4a9be8eb236184bf6ad763
80e0e663ec8e77b09b27581a613982039b6fd7830eb55c6cf6e038fdf9e13e63
812919ca83bf113696dd460f078f66e4d442b7179341cf8459dd5f6270d41bad
83f0568d44d6151864a2921696af9d5460c47e955dbc79c1df5be58097b317ef
86c348b979eef41889c5be5344d1da6f38589b8d48f910c0b68b262b6a42b4f9
885146a434f5e45637af989ce8e6aeb429a933e6e83bf0031129b54f7b9ba18c
8a2e7e1fca7f4846f57829e36cd256a1b1a787cd9e3556f34a0394b220f9c038
8b2630fa237b81931335c873da5f889928686854892edb91f1ad9476b955869b
92ca91e1a7a8e3f20a6cfbe487b20ec716258b98c3ab727c360513664341056d
931af02926b1005abd8efde890ecbc56177cd96a2b6d7b4861034806026c05a8
95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada
9804319e04965fab520e9c970fbf67c1f08038c26fc8312af3dcaecd815f6515
9b15f68d7cbe8c3162c49533bc8cb23ede662c5901a81419c8f9e62d07ea1952
9c318f7e927701be1a5cb370e210b91c26df66249b47ed0d331c9550452221d8
9e03d610493a32cfa7a9750ac0c194f807c46926270e565fc8b41ee71053a52d
9f77743f6848ac60f92e05cd59b29fda0e596f579343647f8930254ef996b455
9f7f7895608a96820979d4ab197745bbee4ff5d196caa62be9dfa69efda3f86a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a71df67e5bb88eecfc942a174c396668b92a66174f53483a12c684489214d313
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
bf34166df4f4be0d927a3f6ddec9ef46576671f934bc7ace74babd06b8f727c7
c534a001fe431345643f2e3aae5c2692ad7fe041a0568706ef559c18090ffc46
c6624373ca3bde0a4dfc2b92d20c4b4cfc7c062e544a1a3c3ecd15f94fe7d426
c971c1694ddb3db938966d60dbaa380e17948a93fb6e9879906b859d18547d41
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab9300f0ecfc026cc2e558aaea117dc5b536c0728deb27e763b27659a093118
cd191ef8796b5d0f92892273e05517556478b9401863b8f69c5550726f24d901
ce8848a01a7391f92e5cb32e0da62f5e7714fd654d1c6558920cb3828b415bea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3145e9b70309578810dd484cbb2f225f87ce90ec15ada2ae3388d9723a20142
d3560b68e5292e2cc96ac56dfa5eef3f8f7ac1a434c7ff4b545cc662dcb7a188
da0ec95c7f4beb658ce61a4e6db2d57cbfaf0bcfdbd2bf508506ced773eca16f
dbc9c3294de3df6442cca9515af12bafadf8146cb14bbc8705da15afeed53fd4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df2be5fbe86cbd752f97773621624a53a901a8440f5040c5eb67faca14f08b05
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37292f128496d3ad27a2f46d76b6e0851157130f5f7227d9d654fcca96467aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a8449ea817b595d911600929b2e75106d15eba1d93becb15a206275ba05a22
eb5f76f7e8c61f6689a73775efaa8b3e58255d2c147e583e363e181e0d0babf9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f053bfb7de47af1c94e436b6990a345fafce516316fdd1fd3316aeb0c48a0237
f17090be520764660accb76f6b0afd46a86fc3ee5c84d5e2a6849459a2d005af
f20738fd2ecc88cdac45a4ce358fec1ab0b1693d2a1d861aa82872919f528cbc
f84bfcca75090eaefd67ecf0eda845cdf5edbc85954991546d97d229eab5431f
f90c96c4d58eef07d599bb2b95093a998bce7c4b98cf076b89975f9c21b9d9e0
f98dea37ab9e551aa88a5a52deb87fbf7f9cb6f26c58c21ab50171dbeb9a54aa
fa406a3b680dad647af5fa7aa717580bb12e1b13d6efb7e23f344c751f03cfb3
fcb266205826d7200403a3b88f415a211e3db0503c6bc7b2b06bef0e1991f11e

www.technologyreview.com Open in urlscan Pro 35.173.3.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

100 %HTTPS

43 %IPv6

46 Domains

57 Subdomains

51 IPs

6 Countries

2354 kBTransfer

6450 kBSize

22 Cookies

15 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.technologyreview.com Open in urlscan Pro
35.173.3.255 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

100 %
HTTPS

43 %
IPv6

46
Domains

57
Subdomains

51
IPs

6
Countries

2354 kB
Transfer

6450 kB
Size

22
Cookies

146 HTTP transactions
5 data transactions