www.crn.com Open in urlscan Pro
13.224.96.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Submission: On August 03 via api (August 3rd 2021, 3:54:03 pm UTC) from US

Summary HTTP 147 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 24 domains to perform 147 HTTP transactions. The main IP is 13.224.96.57, located in United States and belongs to AMAZON-02, US. The main domain is www.crn.com.
TLS certificate: Issued by Amazon on October 2nd 2020. Valid for: a year.

This is the only time www.crn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	13.224.96.57 13.224.96.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:470... 2a02:26f0:4700:1a3::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:219... 2600:9000:2190:9400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	104.108.145.56 104.108.145.56	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.59.68.114 23.59.68.114	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
28	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	52.31.176.223 52.31.176.223	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::729 2a04:4e42:3::729	54113 (FASTLY) (FASTLY)
2	143.204.93.17 143.204.93.17	16509 (AMAZON-02) (AMAZON-02)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
1	18.189.240.10 18.189.240.10	16509 (AMAZON-02) (AMAZON-02)
1 1	34.249.249.121 34.249.249.121	16509 (AMAZON-02) (AMAZON-02)
1	104.108.145.172 104.108.145.172	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	13.224.101.146 13.224.101.146	16509 (AMAZON-02) (AMAZON-02)
12	169.61.79.97 169.61.79.97	36351 (SOFTLAYER) (SOFTLAYER)
2	34.226.28.254 34.226.28.254	14618 (AMAZON-AES) (AMAZON-AES)
147	32

24 13.224.96.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-57.zrh50.r.cloudfront.net

www.crn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:4700:1a3::1e80 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:9400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.56 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-56.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.59.68.114 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-59-68-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.176.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tcc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.93.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-17.fra50.r.cloudfront.net

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.240.10 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-240-10.us-east-2.compute.amazonaws.com

data.crn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.249.121 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-249-121.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

thechannelcompany.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.101.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-101-146.zrh50.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 169.61.79.97 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 61.4f.3da9.ip4.static.sl-reverse.com

s1110.visualsteel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.28.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-28-254.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	371 KB
25	crn.com www.crn.com data.crn.com	355 KB
20	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	147 KB
12	visualsteel.com s1110.visualsteel.com	292 KB
10	googletagservices.com www.googletagservices.com	350 KB
7	brightcove.com edge.api.brightcove.com metrics.brightcove.com	21 KB
6	google-analytics.com www.google-analytics.com	20 KB
5	boltdns.net cf-images.us-east-1.prod.boltdns.net	161 KB
4	google.com adservice.google.com www.google.com	936 B
3	demdex.net dpm.demdex.net tcc.demdex.net	5 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	24 KB
3	adobedtm.com assets.adobedtm.com	47 KB
2	chartbeat.net ping.chartbeat.net	401 B
2	marketo.net munchkin.marketo.net	7 KB
2	addthis.com s7.addthis.com	190 KB
2	googletagmanager.com www.googletagmanager.com	91 KB
1	omtrdc.net thechannelcompany.d1.sc.omtrdc.net	394 B
1	addthisedge.com v1.addthisedge.com	701 B
1	moatads.com z.moatads.com	1 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	zencdn.net vjs.zencdn.net	7 KB
1	google.de adservice.google.de	165 B
1	brightcove.net players.brightcove.net	224 KB
1	googleapis.com ajax.googleapis.com	30 KB
147	24

	Domain	Requested by
24	www.crn.com	www.crn.com ajax.googleapis.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com tpc.googlesyndication.com
19	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.crn.com d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
12	s1110.visualsteel.com	d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com s1110.visualsteel.com
10	www.googletagservices.com	www.crn.com securepubads.g.doubleclick.net d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
7	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.crn.com
5	cf-images.us-east-1.prod.boltdns.net	www.crn.com
5	metrics.brightcove.com	www.crn.com
4	d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	assets.adobedtm.com	www.crn.com assets.adobedtm.com
2	ping.chartbeat.net
2	edge.api.brightcove.com	players.brightcove.net
2	dpm.demdex.net	assets.adobedtm.com www.crn.com
2	munchkin.marketo.net	www.crn.com munchkin.marketo.net
2	s7.addthis.com	www.crn.com s7.addthis.com
2	static.chartbeat.com	www.crn.com
2	www.googletagmanager.com	www.crn.com www.googletagmanager.com
1	thechannelcompany.d1.sc.omtrdc.net	www.crn.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	cm.everesttech.net	1 redirects
1	tcc.demdex.net	assets.adobedtm.com
1	data.crn.com	ajax.googleapis.com
1	vjs.zencdn.net	players.brightcove.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	mab.chartbeat.com	static.chartbeat.com
1	players.brightcove.net	www.crn.com
1	ajax.googleapis.com	www.crn.com
147	32

This site contains links to these domains. Also see Links.

Domain
custom.crn.com
closeup.crn.com
www.crnshowcases.com
crntv.crn.com
www.thechannelco.com
wotc.crn.com
www.hpezone.com
www.businesscontinuitycenter.com
www.enterprisetechprovider.com
hitachi.crndigitalnewsroom.com
ibm.crndigitalnewsroom.com
juniper.crndigitalnewsroom.com
www.gochannelfirst.com
www.theiotintegrator.com
www.thedatafabriccenter.com
www.techproviderzone.com
pages.thechannelco.com
i.crn.com
www.area1security.com
www.vmware.com
crnmediakit.thechannelco.com
crnlicensing.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.crn.com Amazon	`2020-10-02` - `2021-11-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-10-03`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.api.brightcove.com Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.d1.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
s1110.visualsteel.com cPanel, Inc. Certification Authority	`2021-05-21` - `2021-08-19`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Frame ID: 08111AB5FC6A606E18D58C526216A571
Requests: 80 HTTP requests in this frame

Frame: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E869CF23B0F07E1A4965696A87C7558
Requests: 1 HTTP requests in this frame

Frame: https://tcc.demdex.net/dest5.html?d_nsid=0
Frame ID: 04079412899FA49B0BC3924B681AA8F5
Requests: 1 HTTP requests in this frame

Frame: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 57664F1BBB1EBEE00C49DE042244EC04
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0a6-ke3zYUiAUF4_D1SrZKokYTVMMG84fDWs5Va1N7IYPjtL1yLosWd8WOYfyZ4HDWzgIPSEM87Qog7QxRBKhFX0sLt0etxIkCC7ByQ807tOhilaF9cqUNwHEC8-ZrZ7urwyDabjwR6sOOBzWEY3_q-nHuSaGqWW7qJba_iYQAy9kDicmIa7yoI7mfPoIRR1fq4Ny-PMWmlwREgPdTGpr4L2O79BgtX6k_aj0HPbP1oeSw4GS4uqpZmYT3zbHet8ocdttdDu0uGrJclgQWgp5JyRs-lYHn75x5O-QrUryMlmT66wfTHutNlHJKw1wko_LQw&sai=AMfl-YSJd6NIG5c_8mDTa24XtrYCqHnJUFT4JjbP4CvZq93eFW2a3tF1tCiAr5QKFMrb2D0gXLD1vASQNxYxXZUiFWn6Orzpi_0YNlJe8wJyRdNhv1vShejXSyCTGczRQ9G_&sig=Cg0ArKJSzPeZ1W8_-hAvEAE&adurl=
Frame ID: 5380589F5BBB887422170A9E5DBEF145
Requests: 8 HTTP requests in this frame

Frame: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6CC90F265C38AABA9BC161B2F91995D2
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi-LZoJ1-ep62v-0NyJxuBwYA1HRsV6ezEHvQQwW18deD9RevmuDJ2Aoegepwp5OdLCHgwT6Of48ryI8OEgAh5YQ6u1JfkRzeyrhYr7kBBGcODi9wMg7D32KNnnY7d9vlQNPVsmyNbLRemYBxIJqHVc73Bgn0ITEoIT3C5u-H61mGXCwutJT5L6rlTTwtSOF0i6P8ywqzL4GPCjrmRc87e7R-xI8PfCOd1QKzO7gO76z58St4ZLpYJCsH7ChvhToITEnsfw0dGjOmCtoIvnTVq_nHstP87RsrRNVJLQWv8OTp3F4EFr4ykbgVeEJScQHnxU7m2&sai=AMfl-YS54i6Ho2eWzRy9k8ZRJYLPt54PkSoWHnGFiKWqeD0-ksaXd282g5_kiGFehkP7ZFFGc3xND5S5sO32-BMwAwSt1n5hOn9kFDe9PSZfwkP4vRquOr2N86MsG_I8akXd&sig=Cg0ArKJSzAko-DdvsXJTEAE&adurl=
Frame ID: 2D02DE905F8AE57233F2234A692BF876
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMBc4YBu3om8Ta4DOGJfihGqrzwIA_QBUp1SgD1-El5uSLGjkxyCLr8x5ufkiRo4jdkudscL4a10f8g8WHKaWqLut2u6VJwu63k9KulY2r7_McJm1lpm7j6uhvG0x_HTUa7Rg6AHjvFrpnPHIi0mAX9wSN-cnzcAdR_8oODTX4oXe9WqGf5uZ4KxcN-iDNL6AAxfu3agMP7Qsvs2yjHRtlyr56XnLtx7DS79Cp6fPj2HIJuiVlUN0DyJUqJpJaBwRBTyGzPQkCmuG-PWJmNrQtPU-XjImgdM_PsIYsJS89_rePytd6nZdPDbnN2hWG4jk&sai=AMfl-YTvDfwu4C79z4ITB3xsez4bLvxQQSCXDE_YIFyYQfwuPwGypgAltom39iUOqkpz840ZksLBQ9XdmVwVxmzm5HThPuZ3ZevKr0N2AZSYRLGEMdW6y-GGsCqpbEYqwQlb&sig=Cg0ArKJSzM5DMzYEIrfcEAE&adurl=
Frame ID: 3B4AD22A29E6CF80A4A404D8AF55274A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUkLrTzgnbvMRthACvNE29sjpC86a09t5Jfk_5eJSeR7AWvYSTNyRn5Gici8Qv9llgmzuL6gg10n28JfIL4vWjY9KqfXUf5yp0xUkxFI00UtiWvd5THSDhRpd_us-P9SZuYbmQTfx0q_pGH426Fv-IK32jasZAjbQFexVuAbU7nJ52NGiMLrlSMf347x7Fd5Gi-c4-f-hF2tEGBEOpiwAbyaCtaLRkU-l_WNvDf-2DvtbNsISF2MTs1Je92aL2FbKJbYB1uKSeAIueMPzq-aIgxYu1V0A0SYLm698yOrtF_IUy1cgtG3c_M54wRH9IUDI&sai=AMfl-YQjBS8EdW9S-P7QPFP8mAkGA1hq414E35_dau_NwzBKr2uEVI6ECLfjyy9h96ghRglabiQetOr3arIo9kkDUZ8-5jIylZO8qeQymq_Do_Q0NzdEvWPbDyzUlYXKke3I&sig=Cg0ArKJSzHVuK6fWiEYcEAE&adurl=
Frame ID: F694A4CEA7A9B3B6D67BB76FDE9A64EE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3kUmZOjzaM1i9wolPToiNmJnFGcJfNxLKLlNoOkb7pzigO1xHEUQ2Z-ErHwzcA3vLd2NYvhICCM3OlB-uGw0MYdlQZh8dlHktH7E1SJBnu89aLIrA0KRpSsUnOX8ufe4BCYkREtBRFza4A3SE_30iyvtrqlmTCstbg_WS26nesxUp-GrT8wCeZUi1nsFHu2uVNjtlNa0gu2Yap_CUAaa2BvDc_2nPWwHXqek8BSZMxGEaOb7lD3QSFkwShqOmnpYqIzrjue911NFiz29aL9BAeZCXkBxrB0syPLh5ETu7fDxJd6OsciKa_lypXhM5ubU&sai=AMfl-YSi3gwO_aFJV3ps2-2x5Cp6TG9yDVCQyJ73XFqbUCxLJ329m9_EOlamZuR14mL6erPPFMX_5PcqJ6IGBLts3nBmCZVDXUhfmEMEbZt7E-zR29sSiUxGM2Io5UR1MlSg&sig=Cg0ArKJSzGGteBdQlwwCEAE&adurl=
Frame ID: 5136D83127C723D2D457DE4EA1D3141E
Requests: 8 HTTP requests in this frame

Frame: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4CB367DD531D15A818A8C667535C43CF
Requests: 6 HTTP requests in this frame

Frame: https://s1110.visualsteel.com/cgi-bin/ac1.pl?d=wp&c=wp_crn_house_wotc&w=crn.com&n=6280060222&vsTt=cr&r=8295
Frame ID: AF79F4425F4E6B15ACA3DA25B6C37966
Requests: 1 HTTP requests in this frame

Frame: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ad.htm?d
Frame ID: F4AB962F05C0BFF44C04E58B54DC984D
Requests: 4 HTTP requests in this frame

Frame: https://s1110.visualsteel.com/cgi-bin/c1.pl?d=ela&c=ela_crn_checkpoint_fr_v_2107&w=crn.com&n=6280060222&vsTt=cr&r=3819
Frame ID: 109D707B3DBC453F504E25019C127856
Requests: 1 HTTP requests in this frame

Frame: https://s1110.visualsteel.com/cgi-bin/ac1.pl?d=wp&c=wp_crn_house_wotc&w=crn.com&n=6280060222&a=v&vsTt=cr&r=8295
Frame ID: 08B3F6AA2406CD08A991B203C81C1038
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AD42F73132E2E6081DE9401E51D02BFB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F2C9914A93B37A50F3C3CD85DB8E1E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

147
Requests

98 %
HTTPS

53 %
IPv6

24
Domains

32
Subdomains

32
IPs

6
Countries

2351 kB
Transfer

5423 kB
Size

5
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://custom.crn.com/crn360/3rd-party-maintenance/
Title: 3rd Party Maintenance

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/application-integration/
Title: Application Integration

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/sase-cloud-platform/
Title: Cloud SASE Platform

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/cloud-storage/
Title: Cloud Storage

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/digital-security/
Title: Cyber Protection

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/cyber-risk/
Title: Cyber Risk

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/distribution/
Title: Distribution

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/driving-partner-success
Title: Driving Partner Success

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/industry-trends/
Title: Industry Trends

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/managed-detection-and-response/
Title: Managed Detection and Response

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/managed-infrastructure/
Title: Managed Infrastructure

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/modern-distributed-workforce/
Title: Modern Distributed Workforce

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/msp-automation-solutions/
Title: MSP Automation Solutions

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/sase/
Title: SASE & SD-WAN

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/secure-file-sharing/
Title: Secure File Sharing

Search URL Search Domain Scan URL

URL: https://custom.crn.com/crn360/security-auditing/
Title: Security Auditing

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/broadcom-software/
Title: Broadcom Software

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/epos-audio/
Title: EPOS

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/fortinet/
Title: Fortinet

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/hitachi-vantara/
Title: Hitachi Vantara

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/mitel/
Title: Mitel

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/veeam/
Title: Veeam

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/vmware/
Title: VMware

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/vonage/
Title: Vonage

Search URL Search Domain Scan URL

URL: https://closeup.crn.com/wasabi/
Title: Wasabi

Search URL Search Domain Scan URL

URL: https://custom.crn.com/blackberry-cylance-learning-center/
Title: BlackBerry Learning Center

Search URL Search Domain Scan URL

URL: https://www.crnshowcases.com/channelchiefs/
Title: Channel Chief Showcase

Search URL Search Domain Scan URL

URL: https://custom.crn.com/comcast-business-learning-center/
Title: Comcast Business Learning Center

Search URL Search Domain Scan URL

URL: https://www.crnshowcases.com/showcase/
Title: CRN Showcase

Search URL Search Domain Scan URL

URL: https://custom.crn.com/apc-learning-center/
Title: Digital Services for Edge Learning Center

Search URL Search Domain Scan URL

URL: https://custom.crn.com/vertiv-edge-computing-learning-center/
Title: Edge Computing Learning Center

Search URL Search Domain Scan URL

URL: https://www.crnshowcases.com/ppg/
Title: Partner Program Guide Showcase

Search URL Search Domain Scan URL

URL: https://custom.crn.com/sophos-cyber-threat-learning-center/
Title: Sophos Cybersecurity Learning Center

Search URL Search Domain Scan URL

URL: https://custom.crn.com/trend-micro/
Title: Trend Micro Learning Center

Search URL Search Domain Scan URL

URL: https://custom.crn.com/webroot-learning-center/
Title: Webroot Learning Center

Search URL Search Domain Scan URL

URL: https://www.crnshowcases.com/wotc/
Title: Women of the Channel Showcase

Search URL Search Domain Scan URL

URL: https://crntv.crn.com/
Title: CRNtv

Search URL Search Domain Scan URL

URL: https://www.thechannelco.com/events
Title: Events

Search URL Search Domain Scan URL

URL: https://wotc.crn.com/
Title: WOTC

Search URL Search Domain Scan URL

URL: http://www.hpezone.com/
Title: HPE Zone

Search URL Search Domain Scan URL

URL: https://www.businesscontinuitycenter.com/
Title: The Business Continuity Center

Search URL Search Domain Scan URL

URL: https://www.enterprisetechprovider.com/
Title: Enterprise Tech Provider

Search URL Search Domain Scan URL

URL: https://hitachi.crndigitalnewsroom.com/
Title: Hitachi Vantara Digital Newsroom

Search URL Search Domain Scan URL

URL: https://ibm.crndigitalnewsroom.com/
Title: IBM Newsroom

Search URL Search Domain Scan URL

URL: https://juniper.crndigitalnewsroom.com/
Title: Juniper Newsroom

Search URL Search Domain Scan URL

URL: http://www.gochannelfirst.com/
Title: Lenovo GoChannelFirst

Search URL Search Domain Scan URL

URL: https://www.theiotintegrator.com/
Title: The IoT Integrator

Search URL Search Domain Scan URL

URL: http://www.thedatafabriccenter.com/
Title: NetApp Data Fabric

Search URL Search Domain Scan URL

URL: https://www.techproviderzone.com/
Title: Intel Tech Provider Zone

Search URL Search Domain Scan URL

URL: https://pages.thechannelco.com/Subscribe-CRN-Newsletters.html?itc=crn_article

Search URL Search Domain Scan URL

URL: https://i.crn.com/sites/default/files/ckfinderimages/userfiles/images/crn/CRN360/iboss%20Awards%20one%20pager%20%28002%29.pdf
Title: iboss Awards

Search URL Search Domain Scan URL

URL: http://i.crn.com/sites/default/files/ckfinderimages/userfiles/images/crn/custom/2021/Mitel_CloseUp_Asset1_DISCOVER%20MITEL%20SOLUTIONS%20FOR%20THE%20FUTURE%20OF%20COMMUNICATIONS.pdf
Title: DISCOVER MITEL: SOLUTIONS FOR THE FUTURE OF COMMUNICATIONS

Search URL Search Domain Scan URL

URL: https://www.area1security.com/become-a-partner/
Title: Partner with Area 1 Security

Search URL Search Domain Scan URL

URL: http://i.crn.com/sites/default/files/ckfinderimages/userfiles/images/crn/custom/2021/Cato_Networks_Q1_21_CS_MPLS-SD-WAN-Internet-and-SASE.pdf
Title: Understanding The Trade-offs for Your New WAN

Search URL Search Domain Scan URL

URL: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/partners/vmw-Article_HowPartnershipwithVMwareAcceleratesCloudandAppsBusiness.pdf
Title: How Partnership with VMware Accelerates Your Multi-Cloud and Modern Apps Outcomes

Search URL Search Domain Scan URL

URL: https://crnmediakit.thechannelco.com/
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://www.thechannelco.com/company/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://crnlicensing.com/
Title: Awards & Plaques

Search URL Search Domain Scan URL

URL: https://www.thechannelco.com/

Search URL Search Domain Scan URL

URL: https://www.thechannelco.com/company/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.thechannelco.com/company/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.thechannelco.com/company/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CRNmag

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/crn-media/

Search URL Search Domain Scan URL

URL: https://twitter.com/crn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCurcT7T1Eyz9VO6ntt-uZLw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://cm.everesttech.net/cm/dd?d_uuid=11714915289066570970672614059007127654 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQlmgwAAADhruAQS

147 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm Show response
www.crn.com/news/security/ 48 KB
14 KB 133ms
53ms Document
text/html 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9d9470296274f005a8be2018f3abb1213f837ee31acf07eef117161557db4ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.crn.com
:scheme: https
:path: /news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html;charset=UTF-8
date: Tue, 03 Aug 2021 15:43:54 GMT
server: nginx
last-modified: Mon, 02 Aug 2021 23:42:51 CEST
cache-control: max-age=900
x-expired-content-served: false
cloudfront-viewer-country: FR
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PCb0xD8-zUHZqidjp5_rIwUJ_XniBF075RGvAWLWNhtk7kEkTSJTkA==
age: 584

GET
H2 200 reset.css
www.crn.com/assets/themes/crn/css/ 1 KB
1 KB 49ms
48ms Stylesheet
text/css 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/css/reset.css

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e379fbca626327f85d69a698a26f379d6474878dd8f86ac6af498fe9aea78da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/css/reset.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Sep 2018 19:40:50 MEST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 15:53:38 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=1200
etag: W/"1108-1536774050000"
x-amz-cf-id: g3BDDJmu5qTwlPXg9IgFe8RQMTOHtdUC5WDnwDOBmVmCr5mTfjKXGw==

GET
H2 200 jquery-eu-cookie-law-popup.css
www.crn.com/assets/themes/crn/css/ 2 KB
1 KB 50ms
49ms Stylesheet
text/css 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/css/jquery-eu-cookie-law-popup.css

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

2581ed2d4bc43877fbd2f16ea5da6db6a3e798f40f79facf61d93d9ced68fb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/css/jquery-eu-cookie-law-popup.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 08:42:27 HST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 15:53:38 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=1200
etag: W/"1951-1533580947000"
x-amz-cf-id: pt2MKpA7SJ8b27qytCqY2S6ingdQQGzpK-mAOQIkxqw7aKUPiN-7fA==

GET
H2 200 style.css
www.crn.com/assets/themes/crn/css/ 70 KB
15 KB 49ms
49ms Stylesheet
text/css 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/css/style.css

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1ad141785c477237e681e95c045ccfaa3d76ae20687a699c36ee992ab3aa006f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Jul 2021 09:35:15 HST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 15:53:38 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=1199
etag: W/"71472-1626464115000"
x-amz-cf-id: 4rlchJhOtZa6wbpxUOoEinRkjTv9xK2GLHf-GbudVmUG0VDdpS6W_w==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 15:47:59 GMT

GET
H2 200 jquery-eu-cookie-law-popup.js Show response
www.crn.com/assets/themes/crn/js/ 9 KB
3 KB 320ms
319ms Script
application/javascript 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/js/jquery-eu-cookie-law-popup.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e9fa7f00cb2f43c5b2cde8a762c10e52dea6f115a92c331467c3def2347e19cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/js/jquery-eu-cookie-law-popup.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Aug 2018 08:59:52 HST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 15:53:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=1200
etag: W/"8732-1533581992000"
x-amz-cf-id: xA6_aINXLWOLORAh4JEfqdfxYVJ_sD5XsKJa_KJ5r-ApQB0pfyVGeg==

GET
H2 200 nav-scroll.js Show response
www.crn.com/assets/themes/crn/js/ 2 KB
1 KB 320ms
320ms Script
application/javascript 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/js/nav-scroll.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c5973731ca766220165c6fd89043f692ee231950e68d4c175f0e09bb3712c5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/js/nav-scroll.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Sep 2018 22:35:10 CEST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 15:53:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=1200
etag: W/"2112-1537302910000"
x-amz-cf-id: sPbnsXx996FA_4jYEEgmqm5yDTiyPuE_Fpm_k1mp1y7cDzdJN1cFOQ==

GET
H2 200 scripts.js Show response
www.crn.com/assets/themes/crn/js/ 6 KB
2 KB 142ms
141ms Script
application/javascript 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/js/scripts.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6cb57f40d6eefdd3afca4f169659c38e0530854891fbc159d751319e43e4cf14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/js/scripts.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: FR
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 22 May 2021 16:29:10 MEST
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6347-1621693750000"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=1200
x-amz-cf-id: TLoAVpMRYv-OIVcfzXHoJ_ejoZs0Ygn8paGtiref5r72mHaC0zfzQw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
41 KB 19ms
14ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22149056-1

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

078c681d2298d2948df085feac93ba4f15ab3e9085b5b7acdc5eddf33ce28ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41646
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:38 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
24 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41184af56782217691e15b72f5672b6c7a6f45af7da021005759d8ff37a47719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "947 / 584 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24729
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:38 GMT

GET
H2 200 advertisementCode-19.js Show response
www.crn.com/assets/themes/crn/js/tcc_util/ 5 KB
2 KB 321ms
320ms Script
application/javascript 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/js/tcc_util/advertisementCode-19.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

d8eeddef679baedd0e1a223c594d0db4ef47785abacd46c7e1128d3782795624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/js/tcc_util/advertisementCode-19.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Jun 2021 20:44:11 YEKT
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 15:53:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=1200
etag: W/"5203-1623167051000"
x-amz-cf-id: 7w_8ABfbnjDYvfFb9UHQkGaIZX61G17PYkyV1dzVLbxSLqAdpi6llQ==

GET
H2 200 marketo-munchkin.js Show response
www.crn.com/assets/themes/crn/js/ 620 B
1 KB 56ms
55ms Script
application/javascript 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/assets/themes/crn/js/marketo-munchkin.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

facccbabfed74a7ef921bc94ff28f7d06f936adf42639fe8f103034b5e3797f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/js/marketo-munchkin.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 617
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 620
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Nov 2018 16:07:08 CET
server: nginx
date: Tue, 03 Aug 2021 15:43:21 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
etag: W/"620-1541603228000"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: zhdmCTmaF1W61z8NIhvDXtG8OjRLC52Scar2qYkXrVlp4XfiEsVMbw==

GET
H2 200 launch-826786cb6e10.min.js Show response
assets.adobedtm.com/9cfdfb0dd4d0/2d8aa33fcffa/ 104 KB
33 KB 32ms
8ms Script
application/x-javascript 2a02:26f0:4700:1a3::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9cfdfb0dd4d0/2d8aa33fcffa/launch-826786cb6e10.min.js
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:4700:1a3::1e80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 57fc9bc6f3780bd3a08e6d3af349d932a3c268c26641af980b1fa6f8571dc8dd

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:38 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 18:34:03 GMT
server: AkamaiNetStorage
etag: "96379fec4c03883b01a60e117520e2c5:1607106843.316337"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crn.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 33522
expires: Tue, 03 Aug 2021 16:53:38 GMT

GET
H2 200 search.svg
www.crn.com/assets/themes/crn/img/ 593 B
1 KB 49ms
45ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/search.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

672f7df2a6027dc68f396b5b498a6f25f47724f8983de8e0b0bd765ffda444c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/search.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 38317
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 593
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Aug 2018 19:00:09 EEST
server: nginx
date: Tue, 03 Aug 2021 05:15:01 GMT
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=86400
etag: W/"593-1533225609000"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: Fi0A0jQNqnoeflWAr6q9m66kj9POhLxpyzHAz_yw-ZCDIj7uxLaoXA==

GET
H2 200 caret-down.svg
www.crn.com/assets/themes/crn/img/ 349 B
837 B 43ms
39ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/caret-down.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3da2a4ca0bc1634030da03f4f15cbaee51196cffa26b2600aaf9b0f1b4203566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/caret-down.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 31323
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 349
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Aug 2018 23:35:39 YEKT
server: nginx
date: Tue, 03 Aug 2021 07:11:35 GMT
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=86400
etag: W/"349-1533234939000"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: KBbF_unszeldMjVkZxUxnghn31BSqZhbMVh61Y31hPHyDcjpAV83PQ==

GET
H2 200 menu.svg
www.crn.com/assets/themes/crn/img/ 561 B
1 KB 44ms
40ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/menu.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

aaf10881651efc98ffad0338f7c7c5f3a3a2e97ae9616cfb2c086125b23491b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/menu.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 31323
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 561
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Aug 2018 05:58:21 HST
server: nginx
date: Tue, 03 Aug 2021 07:11:35 GMT
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=86400
etag: W/"561-1533225501000"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: T6tEO0PkQOBKuEsw9dZHHe6ih-_SvEF7-1fQm382d1JNuYdMWjpDoQ==

GET
H2 200 CRN_stacked_whiteTCC-Red-bars-RGB_V2.svg
www.crn.com/assets/themes/crn/img/ 5 KB
2 KB 45ms
41ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/CRN_stacked_whiteTCC-Red-bars-RGB_V2.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

d7b794d8a4cf1ba64491c6fc86920964e2493f5e6bb7e0b6e8d7edc649e62635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/CRN_stacked_whiteTCC-Red-bars-RGB_V2.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 05:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37713
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Oct 2020 10:49:41 HST
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"4657-1603918181000"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: lHc6l8bjGhl72IXsiWoBPmzIxRPQJ9dz15RcPEyjVEcJxmcT5fk71A==

GET
H2 200 CRN_positive_ED1C24.svg
www.crn.com/assets/themes/crn/img/ 1 KB
1 KB 48ms
44ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/CRN_positive_ED1C24.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8c92751f271c65053ae42db9be4ce811243ef834b45d1ca8be82342272f5a3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/CRN_positive_ED1C24.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 38317
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 06:34:08 HST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 05:15:01 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=86400
etag: W/"1311-1621355648000"
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: LaDw1zMXBkYbS2nVtDIEGTtBWXgDKKOOUbz--MY0LccbYLNZEAUpnw==

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 47ms
12ms Script
application/x-javascript 2600:9000:2190:9400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 17:48:51 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 15:47:37 GMT
server: nginx
age: 79486
etag: W/"60e71e19-5a0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: H39U4QvxH1Ngs_uf8A7CXIPeUAQ_p8YveX16aL3lAMBN20S21iJPYg==
expires: Tue, 03 Aug 2021 17:48:51 GMT

GET
H2 200 cybersecurity-data-lock-blue.jpg
www.crn.com/resources/026c-12e7dac3f096-4b145d921fe0-1000/ 216 KB
217 KB 57ms
54ms Image
image/jpeg 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/resources/026c-12e7dac3f096-4b145d921fe0-1000/cybersecurity-data-lock-blue.jpg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a0069b0962e1eceff85f9fec2a959502115339acd842081d2b5e5b739c174350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /resources/026c-12e7dac3f096-4b145d921fe0-1000/cybersecurity-data-lock-blue.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:47:23 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 65175
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 221174
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Aug 2021 21:42:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: Cobalt-1970185069
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: GtPttwLJuykhRqC6Z9GQQBEo6kgGei2mcc_MjGmUbzcfT0EhwZ5Tlg==

GET
H2 200 TCC_PDS_CRN_Newsletter_Permanent_Banner-2_320x50.jpg
www.crn.com/assets/themes/crn/img/ 35 KB
36 KB 145ms
142ms Image
image/jpeg 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/TCC_PDS_CRN_Newsletter_Permanent_Banner-2_320x50.jpg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

92555c375e8211e9f71f8014acbaa1006e789f00dc0add9c83e0fd328af74e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/TCC_PDS_CRN_Newsletter_Permanent_Banner-2_320x50.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: FR
content-length: 36141
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 09:24:21 YEKT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"36141-1611894261000"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: RUn-_0dIcA8Ba46uGkqghZk71KYyNrKQoB0WUp5Tt8ZDWEbYM_CifQ==

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/1596741612/41ovmUfTl_default/ 847 KB
224 KB 191ms
108ms Script
application/javascript 104.108.145.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/1596741612/41ovmUfTl_default/index.min.js
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.56 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1aa6c69ef2e5ca3a58f5f59904304940cd42b913ac5e79d58664d298c4053c94

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FApm_7oGYQwms4LinO7L4MDbzJEUcjjn
Content-Encoding: gzip
ETag: "ff3f63244d5854733dd3b9736e915e36"
x-amz-request-id: DWCXD3Y02KQVMKEJ
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 229027
x-amz-id-2: OquToGu8GKbjsXNyWRQpkyPWGrTEPKIzT7KQ0c1C+LT82tyd+M1ZZed2W+48otmO7vj1CULZ0/I=
X-BCOV-Response-Mode: 1
X-Served-By: cache-ams21066-AMS
Last-Modified: Thu, 15 Jul 2021 17:31:05 GMT
Server: AmazonS3
X-Timer: S1626370447.063787,VS0,VE1
Date: Tue, 03 Aug 2021 15:53:39 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=155
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 2019_CRN_logo.png
www.crn.com/assets/themes/crn/img/footer/ 4 KB
5 KB 49ms
46ms Image
image/png 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/footer/2019_CRN_logo.png

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1905f261db32de8b588bf0c23cc9a71a9335284bd85e8d2c90015d0f547ca680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/footer/2019_CRN_logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 38317
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 4598
x-xss-protection: 1; mode=block
last-modified: Tue, 18 May 2021 22:48:38 MEST
server: nginx
date: Tue, 03 Aug 2021 05:15:01 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=86400
etag: W/"4598-1621370918000"
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: QF3hu28XShnh0rR7T1cSeIdn_WcK-iwCwfA5Zzpokhq7xa_g4v_Rqw==

GET
H2 200 thechannelco_logo-white-and-red.png
www.crn.com/assets/themes/crn/img/footer/ 7 KB
8 KB 47ms
44ms Image
image/png 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/footer/thechannelco_logo-white-and-red.png

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6af7d60664b543d410f6840e487ca8c1afc8651ca04a2fe9d4adda046fdd244a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/footer/thechannelco_logo-white-and-red.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 19:22:46 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 73852
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 7450
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 04:56:19 MET
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"7450-1611892579000"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 6KEw8XgEY_G4JWk9irgA8si_mvRmcsNygHv3Way-pH3X2YQstZP3NA==

GET
H2 200 logo-facebook.svg
www.crn.com/assets/themes/crn/img/footer/ 10 KB
8 KB 53ms
50ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/footer/logo-facebook.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

2a608d0fe3624337b9a36240c2b78dd436ec3a02f862aa198f272fa61cc0a86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/footer/logo-facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31323
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 12:56:19 JST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 07:11:35 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=86400
etag: W/"10550-1611892579000"
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: VJEh9nMZVICXTFrqBlNNEuGQjPBGXtbypu6yNV4m8MCCiM8pXl7w5A==

GET
H2 200 logo-linkedin.svg
www.crn.com/assets/themes/crn/img/footer/ 1014 B
1 KB 102ms
99ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/footer/logo-linkedin.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c742004a6975216e2c3b5e96654f2884dadee579c36e5c8c159ed1ab1009edd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/footer/logo-linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76525
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 21:15:08 MEST
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1014-1621883708000"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Bci__Ikx95iNScZtf8BCrF_sYoGYA-LeK1aAEGU2Luno3U1IovwNjw==

GET
H2 200 logo-twitter.svg
www.crn.com/assets/themes/crn/img/footer/ 16 KB
12 KB 102ms
100ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/footer/logo-twitter.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e0c66f9dd3a0f99e0bfbc6998cf5ff7b8109443f689716c97956e0ce3c7f57fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/footer/logo-twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51957
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 28 Jan 2021 17:56:19 HST
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"16126-1611892579000"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: At34IcL7R-NeHHng8FRIeaUz5Gsp9OLBPOa0_M5OAXmhT1hmKR3Jcw==

GET
H2 200 logo-youtube.svg
www.crn.com/assets/themes/crn/img/footer/ 13 KB
10 KB 102ms
100ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/footer/logo-youtube.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3724401ad90575f9ad67c249fb8e3007a1678c064e659a8239896adfc2cd9a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/footer/logo-youtube.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31323
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 12:56:19 JST
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 03 Aug 2021 07:11:35 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=86400
etag: W/"13074-1611892579000"
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: CewIuq9VY7d2iGLGlgT2JRDaIV4pGnoocr5IbFlGMdKSKRTB88L_Eg==

GET
H2 200 arrow-up.svg
www.crn.com/assets/themes/crn/img/ 482 B
970 B 102ms
100ms Image
image/svg+xml 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crn.com/assets/themes/crn/img/arrow-up.svg

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8e24de42e507002eb76b13fb40bf0bc6d7d1291ecf2c4a418a73c4fa008cf031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/crn/img/arrow-up.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.crn.com
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 04:13:51 GMT
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 41987
x-cache: Hit from cloudfront
cloudfront-viewer-country: FR
content-length: 482
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Aug 2018 20:35:39 CEST
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"482-1533234939000"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 9Dpu77CbICEQsuWHgK2c3jaxP4nfV2hBneTHL-OMYSDmwKrD9756aw==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 118ms
42ms Script
application/javascript 23.59.68.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.68.114 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-59-68-114.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Tue, 03 Aug 2021 15:53:39 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 104ms
41ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.crn.com
URL: https://www.crn.com/assets/themes/crn/js/marketo-munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 107ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 80 B
739 B 110ms
44ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.crn.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fed875a7c2182ee95c45abc4496292d4e985ee2c294b7cb2535f83adfd8abd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 362 B
1 KB 191ms
50ms XHR
application/json 52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67A002BE5332084C0A490D4C%40AdobeOrg&d_nsid=0&ts=1628006019030

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9cfdfb0dd4d0/2d8aa33fcffa/launch-826786cb6e10.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c0e5684991a5e63d0bf8c00121357df01943661407932b692be65d49d4d9896e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v012-08328c47a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: kB7r8XGbQ2U=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.crn.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:4700:1a3::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9cfdfb0dd4d0/2d8aa33fcffa/launch-826786cb6e10.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:4700:1a3::1e80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crn.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Tue, 03 Aug 2021 16:53:39 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:4700:1a3::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9cfdfb0dd4d0/2d8aa33fcffa/launch-826786cb6e10.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:4700:1a3::1e80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.crn.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Tue, 03 Aug 2021 16:53:39 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0KGE261KC1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22149056-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21588b8cbe1a78f1e5721afb069280fd19465300e24c8c9db28e73383f932347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51175
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 235 B
529 B 21ms
6ms XHR
application/json 2a04:4e42:3::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=crn.com&domain=crn.com&path=%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5b0981e9c9fdb989b7af9f4e0aba3d337103b58358a1871bc6c8cc700fc43753

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
x-cache-hits: 1
age: 1204
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 176
x-served-by: cache-fra19170-FRA
access-control-allow-origin: *
x-timer: S1628006019.071086,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 01 Aug 2021 15:33:35 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 37ms
36ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Thu, 11 Nov 2021 15:53:39 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
69 B 13ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0KGE261KC1&gtm=2oe820&_p=1357721811&sr=1600x1200&ul=en-us&cid=607510855.1628006019&_s=1&dl=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&dt=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&sid=1628006019&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0KGE261KC1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22149056-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2398
date: Tue, 03 Aug 2021 15:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 03 Aug 2021 17:13:41 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1357721811&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&ul=en-us&de=UTF-8&dt=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAAC~&jid=694965479&gjid=1164405452&cid=607510855.1628006019&tid=UA-22149056-1&_gid=11604967.1628006019&_r=1&gtm=2ou820&z=1812975892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1357721811&t=event&_s=2&dl=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&ul=en-us&de=UTF-8&dt=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=set-dimensions&_u=4CDAAUABAAAAAC~&jid=&gjid=&cid=607510855.1628006019&tid=UA-22149056-1&_gid=11604967.1628006019&gtm=2ou820&cd7=0&z=1720918098

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 22:08:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-22149056-1&cid=607510855.1628006019&jid=694965479&gjid=1164405452&_gid=11604967.1628006019&_u=4CDAAUAAAAAAAC~&z=1302867011

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 Aug 2021 15:53:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.crn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.crn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.crn.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
32 KB 229ms
191ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4327623807930060&correlator=3907230595598661&output=ldjh&impl=fifs&eid=21068030%2C31061329%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=21804213519%2Ccrn.com%2Csecurity%2Ctop%2Cribbon%2Ccurtain%2Chalfpage%2Cimu1%2Cimu2%2Cimu3%2Csponsoredposttextlink%2CSponsoredPostArticle%2CSponsoredPostHome%2Csponsoredpostslideshow%2Csponsoredpostnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F14&prev_iu_szs=728x90%2C982x100%2C160x600%2C300x600%2C336x280%2C336x280%2C336x280%2C500x75%2C320x50%2C320x50%2C320x50%2C320x50&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight%2Cheight&cust_params=URL%3Dnewssecuritymicrosoftwebserverstar&cookie_enabled=1&bc=31&abxe=1&lmt=1628006019&dt=1628006019221&dlt=1628006018629&idt=566&frm=20&biw=1600&bih=1200&oid=3&adxs=446%2C-9%2C-9%2C973%2C973%2C-9%2C-9%2C-9%2C336%2C-9%2C-9%2C-9&adys=71%2C-9%2C-9%2C316%2C887%2C-9%2C-9%2C-9%2C3008%2C-9%2C-9%2C-9&adks=1321448471%2C2427012163%2C1718008798%2C3967207634%2C3149164333%2C2958224333%2C3302017149%2C3944733919%2C904026528%2C1083612878%2C3285247134%2C1791285040&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&vis=1&dmc=8&scr_x=0&scr_y=0&psz=748x120%7C0x-1%7C0x-1%7C300x0%7C300x31%7C0x-1%7C0x-1%7C0x-1%7C597x0%7C0x-1%7C0x-1%7C0x-1&msz=728x0%7C0x-1%7C0x-1%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C597x0%7C0x-1%7C0x-1%7C0x-1&ga_vid=607510855.1628006019&ga_sid=1628006019&ga_hid=1357721811&ga_fc=false&fws=0%2C2%2C2%2C0%2C0%2C2%2C2%2C2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C0%7C0%7C-1%7C-1%7C-1%7C1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a5fe2416b2094f6f22db21d371007b680bf6b220d9e9c929e611e55ba62a6b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33190
x-xss-protection: 0
google-lineitem-id: 5737999575,5746882444,5559099113,5614235273,5742878803,5635783132,5742878803,5395305022,5596735430,-2,5596735430,5332823685
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138357244418,138357633103,138342862717,138353726528,138356543130,138341948372,138356543067,138316398993,138351559110,-2,138337962046,138307355866
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.crn.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E86 6 KB
3 KB 49ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.crn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.crn.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:53:39 GMT
expires: Wed, 03 Aug 2022 15:53:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 22ms
6ms Script
application/javascript 2a04:4e42:3::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1596741612/41ovmUfTl_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-fra19145-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 132920

OPTIONS
H/1.1 200
Unknown Error 1701477211039538517
edge.api.brightcove.com/playback/v1/accounts/1596741612/playlists/ Frame 0
0 104ms
33ms Preflight 143.204.93.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1596741612/playlists/1701477211039538517?limit=100
Protocol: HTTP/1.1
Server: 143.204.93.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-17.fra50.r.cloudfront.net
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Origin: https://www.crn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Length: 0
Connection: keep-alive
Server: Varnish
Retry-After: 0
access-control-max-age: 86400
Accept-Ranges: bytes
Date: Tue, 03 Aug 2021 15:53:39 GMT
Via: 1.1 varnish, 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4041-HHN
X-Cache-Hits: 0
X-Timer: S1628006019.446020,VS0,VE0
BCOV-Debug-Cache-Stats: unknown
BCOV-instance: unknown
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 82ymZlFiNlbuZwhuhnkiIuveEGJdepfBb74FxJwnVjukgr-8w7V9SQ==

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://www.crn.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK 1701477211039538517 Show response
edge.api.brightcove.com/playback/v1/accounts/1596741612/playlists/ 19 KB
20 KB 42ms
41ms XHR
application/json 143.204.93.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1596741612/playlists/1701477211039538517?limit=100
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1596741612/41ovmUfTl_default/index.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-17.fra50.r.cloudfront.net
Software: /
Resource Hash: f63ad4cc4741d8c195ed33f4550689e0c70a42ae588447a67a60b607ca226e7b

Request headers

Accept: application/json;pk=BCpkADawqM2NpSuaIa7SKcSUp2KFsUrmuW1EHcaEHyVmHhziiQJPlPn7O3-zIz88yrnbzMi6emF_eRzv2qoU1wxXhB1EAP_Ax_A5FS4e_ntlhzE73-O9n6zh8QU
Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:39 GMT
Powered-From: eu-central-1b
Bcov-Request-Id: da2ac6e6-e062-4268-9883-7e2593c72ef1
Age: 217
Policy-Key-Accountid: 1596741612
X-Cache: Miss from cloudfront
Connection: keep-alive
Powered-By: BC
Content-Length: 19489
Via: 1.1 varnish, 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Served-By: cache-hhn4041-HHN
BCOV-instance: unknown
Policy-Key-Raw: BCpkADawqM2NpSuaIa7SKcSUp2KFsUrmuW1EHcaEHyVmHhziiQJPlPn7O3-zIz88yrnbzMi6emF_eRzv2qoU1wxXhB1EAP_Ax_A5FS4e_ntlhzE73-O9n6zh8QU
X-Timer: S1628006019.480593,VS0,VE1
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control: max-age=0, no-cache, no-store
Account-Status: APPROVED
BCOV-Debug-Cache-Stats: unknown
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id: 3n1SwEqs7q_pdjU2MjjDBgEHpXQWn4ODykgeWwl0WHxFEqPJ8YdX1Q==
X-Cache-Hits: 1

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 74ms
31ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 03 Aug 2021 15:53:39 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
175 B 73ms
30ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 03 Aug 2021 15:53:39 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 chartbeat-output.php Show response
data.crn.com/trending/ 1 KB
1 KB 366ms
114ms XHR
text/html 18.189.240.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.crn.com/trending/chartbeat-output.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.240.10 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-240-10.us-east-2.compute.amazonaws.com
Software: Apache/2.4.48 (Amazon) PHP/7.3.23 / PHP/7.3.23
Resource Hash: 16f2d52adc20ab497085c66dda729dced9334ad0b3021e76ff56265f5c151fc8

Request headers

Accept: */*
Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
server: Apache/2.4.48 (Amazon) PHP/7.3.23
x-powered-by: PHP/7.3.23
content-length: 1059
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK dest5.html Show response
tcc.demdex.net/ Frame 0407 7 KB
3 KB 196ms
49ms Document
text/html 52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tcc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/9cfdfb0dd4d0/2d8aa33fcffa/launch-826786cb6e10.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: tcc.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.crn.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=11714915289066570970672614059007127654
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.crn.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 3 Aug 2021 15:53:39 GMT
DCS: dcs-prod-irl1-1-v012-01c85cc94.edge-irl1.demdex.com 6.3.1.20210623115127
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 2 Jul 2021 08:33:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: qjsewYCQRYM=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YQlmgwAAADhruAQS
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=11714915289066570970672614059007127654
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQlmgwAAADhruAQS

42 B
958 B

58ms
57ms

Image
image/gif

52.31.176.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQlmgwAAADhruAQS

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.176.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-176-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0f1d2efda.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nxvV+NkITUI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQlmgwAAADhruAQS
Date: Tue, 03 Aug 2021 15:53:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1357721811&t=event&_s=3&dl=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&ul=en-us&de=UTF-8&dt=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=set-dimensions&_u=6CDAAUABAAAAAC~&jid=&gjid=&cid=607510855.1628006019&tid=UA-22149056-1&_gid=11604967.1628006019&gtm=2ou820&cd1=Wade%20Tyler%20Millward&cd2=security&cd3=news&cd4=&z=1458300101

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 22:08:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 123ms
39ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 191C384BD08D2989
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63338
accept-ranges: bytes
content-length: 948
x-amz-id-2: /Y8Yj/DqLNS2pI1SPlp4cWcg3IlspJAynuwPI5L3vSGxaNJQvodByoZJc97qcmeVSMm8xcdrWW0=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5bad2c82a7c84f8c/ 1 KB
701 B 59ms
58ms Script
application/javascript 23.59.68.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5bad2c82a7c84f8c/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.68.114 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-68-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44ab1060b71e222bab05e88e0b0da84743826b2bfd5e159564a3ac2f4bda8cb2

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
etag: 1435101094--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=45, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 525

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 34ms
31ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6067ade5b9be55324598eb38&account=1596741612&destination=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&platform_version=6.57.2&player=players.brightcove.com%2F1596741612%2F41ovmUfTl_default&player_name=CRN%20Vertical%20Playlist%20Player%2016&source=&usage=social!3.14.0&usage=bcPlaylistUi!3.8.0&usage=playlistUi!3.8.0&usage=inpage-embed&event=player_load&time=1628006019454&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=10000000&qos.performance.memory.totalJSHeapSize=10000000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1628006019449&qos.performance.timing.domContentLoadedEventStart=1628006019438&qos.performance.timing.domInteractive=1628006019438&qos.performance.timing.domLoading=1628006018629&qos.performance.timing.responseEnd=1628006018627&qos.performance.timing.responseStart=1628006018626&qos.performance.timing.requestStart=1628006018573&qos.performance.timing.secureConnectionStart=1628006018512&qos.performance.timing.connectEnd=1628006018573&qos.performance.timing.connectStart=1628006018494&qos.performance.timing.domainLookupEnd=1628006018494&qos.performance.timing.domainLookupStart=1628006018493&qos.performance.timing.fetchStart=1628006018492&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1628006018492&qos.player.dimensions=%5B%5B1628006019454%2C%22300x169%22%2C%22300x169%22%5D%5D&qos.player.pixelratio=%5B%5B1628006019454%2C1%5D%5D&qos.player.screendimensions=%5B%5B1628006019454%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 03 Aug 2021 15:53:39 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H3-29 200 container.html Show response
d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5766 6 KB
3 KB 22ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.crn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.crn.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:53:39 GMT
expires: Wed, 03 Aug 2022 15:53:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5380 0
0 69ms
64ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0a6-ke3zYUiAUF4_D1SrZKokYTVMMG84fDWs5Va1N7IYPjtL1yLosWd8WOYfyZ4HDWzgIPSEM87Qog7QxRBKhFX0sLt0etxIkCC7ByQ807tOhilaF9cqUNwHEC8-ZrZ7urwyDabjwR6sOOBzWEY3_q-nHuSaGqWW7qJba_iYQAy9kDicmIa7yoI7mfPoIRR1fq4Ny-PMWmlwREgPdTGpr4L2O79BgtX6k_aj0HPbP1oeSw4GS4uqpZmYT3zbHet8ocdttdDu0uGrJclgQWgp5JyRs-lYHn75x5O-QrUryMlmT66wfTHutNlHJKw1wko_LQw&sai=AMfl-YSJd6NIG5c_8mDTa24XtrYCqHnJUFT4JjbP4CvZq93eFW2a3tF1tCiAr5QKFMrb2D0gXLD1vASQNxYxXZUiFWn6Orzpi_0YNlJe8wJyRdNhv1vShejXSyCTGczRQ9G_&sig=Cg0ArKJSzPeZ1W8_-hAvEAE&adurl=

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 5380 18 KB
8 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:51:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 5380 2 KB
1 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:53:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5380 124 KB
37 KB 51ms
48ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H2 200 6371698345330998537
tpc.googlesyndication.com/simgad/ Frame 5380 22 KB
22 KB 9ms
7ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6371698345330998537

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b884f99a3453daf9885a9e24a8e09a60904fa4e7284cae3903103bcb610bae41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:32:51 GMT
x-content-type-options: nosniff
age: 116448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22775
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 20:45:14 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 07:32:51 GMT

GET
H3-29 200 container.html Show response
d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CC9 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.crn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.crn.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:53:39 GMT
expires: Wed, 03 Aug 2022 15:53:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 55ms
55ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 29ms
29ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 03 Aug 2021 15:53:39 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 s14229274281005
thechannelcompany.d1.sc.omtrdc.net/b/ss/cmpcrncom/1/JS-2.22.0-LAWA/ 43 B
394 B 106ms
33ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thechannelcompany.d1.sc.omtrdc.net/b/ss/cmpcrncom/1/JS-2.22.0-LAWA/s14229274281005?AQB=1&ndh=1&pf=1&t=3%2F7%2F2021%2017%3A53%3A39%202%20-120&mid=11735973520117095220674720980348617085&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&cc=USD&ch=%2Fnews&server=www.crn.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=%2Fnews&v2=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&c4=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&c5=security&v5=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&c7=Wade%20Tyler%20Millward&c11=news&c12=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&c13=L&c15=Wade%20Tyler%20Millward%20%7C%20Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&c20=2021-08-02&v24=Wade%20Tyler%20Millward%20%7C%20Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&v25=2021-08-02%20%7C%20Wade%20Tyler%20Millward%20%7C%20news%20%7C%20Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&v28=Wade%20Tyler%20Millward&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67A002BE5332084C0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 04 Aug 2021 15:53:39 GMT
server: jag
xserver: anedge-58944c9887-nhv59
etag: 3496116305328308224-4619634667161957326
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 02 Aug 2021 15:53:39 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D02 0
0 63ms
63ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi-LZoJ1-ep62v-0NyJxuBwYA1HRsV6ezEHvQQwW18deD9RevmuDJ2Aoegepwp5OdLCHgwT6Of48ryI8OEgAh5YQ6u1JfkRzeyrhYr7kBBGcODi9wMg7D32KNnnY7d9vlQNPVsmyNbLRemYBxIJqHVc73Bgn0ITEoIT3C5u-H61mGXCwutJT5L6rlTTwtSOF0i6P8ywqzL4GPCjrmRc87e7R-xI8PfCOd1QKzO7gO76z58St4ZLpYJCsH7ChvhToITEnsfw0dGjOmCtoIvnTVq_nHstP87RsrRNVJLQWv8OTp3F4EFr4ykbgVeEJScQHnxU7m2&sai=AMfl-YS54i6Ho2eWzRy9k8ZRJYLPt54PkSoWHnGFiKWqeD0-ksaXd282g5_kiGFehkP7ZFFGc3xND5S5sO32-BMwAwSt1n5hOn9kFDe9PSZfwkP4vRquOr2N86MsG_I8akXd&sig=Cg0ArKJSzAko-DdvsXJTEAE&adurl=

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 2D02 18 KB
7 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:47 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 2D02 2 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D02 124 KB
37 KB 40ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2D02 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMk14O_pAuwtUg_SNXq_V6hb6Q_gJueXGeUaoUon8mXizFMATmOCFFjk88cIuy1UMlTBH2AQ9lM-1dIs96CzYBajMG8A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 7319519794395796386
tpc.googlesyndication.com/simgad/ Frame 2D02 73 KB
73 KB 25ms
24ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7319519794395796386

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

046465c8194421a22ab096271b0ed162a2bc48b28277e62a4b381e32cdae52f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 03:29:00 GMT
x-content-type-options: nosniff
age: 131079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75002
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 20:31:37 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 03:29:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3B4A 0
0 75ms
74ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMBc4YBu3om8Ta4DOGJfihGqrzwIA_QBUp1SgD1-El5uSLGjkxyCLr8x5ufkiRo4jdkudscL4a10f8g8WHKaWqLut2u6VJwu63k9KulY2r7_McJm1lpm7j6uhvG0x_HTUa7Rg6AHjvFrpnPHIi0mAX9wSN-cnzcAdR_8oODTX4oXe9WqGf5uZ4KxcN-iDNL6AAxfu3agMP7Qsvs2yjHRtlyr56XnLtx7DS79Cp6fPj2HIJuiVlUN0DyJUqJpJaBwRBTyGzPQkCmuG-PWJmNrQtPU-XjImgdM_PsIYsJS89_rePytd6nZdPDbnN2hWG4jk&sai=AMfl-YTvDfwu4C79z4ITB3xsez4bLvxQQSCXDE_YIFyYQfwuPwGypgAltom39iUOqkpz840ZksLBQ9XdmVwVxmzm5HThPuZ3ZevKr0N2AZSYRLGEMdW6y-GGsCqpbEYqwQlb&sig=Cg0ArKJSzM5DMzYEIrfcEAE&adurl=

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 3B4A 18 KB
7 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:47 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 3B4A 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B4A 124 KB
37 KB 44ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H3-29 200 14414698715612414630
tpc.googlesyndication.com/simgad/ Frame 3B4A 59 KB
59 KB 20ms
20ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14414698715612414630

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c50e17d3c2ed4efb72d0d55784ae2691891459f553d35c135740f52f56b0900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:39:05 GMT
x-content-type-options: nosniff
age: 76474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59912
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 13:49:35 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:39:05 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F694 0
0 71ms
70ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUkLrTzgnbvMRthACvNE29sjpC86a09t5Jfk_5eJSeR7AWvYSTNyRn5Gici8Qv9llgmzuL6gg10n28JfIL4vWjY9KqfXUf5yp0xUkxFI00UtiWvd5THSDhRpd_us-P9SZuYbmQTfx0q_pGH426Fv-IK32jasZAjbQFexVuAbU7nJ52NGiMLrlSMf347x7Fd5Gi-c4-f-hF2tEGBEOpiwAbyaCtaLRkU-l_WNvDf-2DvtbNsISF2MTs1Je92aL2FbKJbYB1uKSeAIueMPzq-aIgxYu1V0A0SYLm698yOrtF_IUy1cgtG3c_M54wRH9IUDI&sai=AMfl-YQjBS8EdW9S-P7QPFP8mAkGA1hq414E35_dau_NwzBKr2uEVI6ECLfjyy9h96ghRglabiQetOr3arIo9kkDUZ8-5jIylZO8qeQymq_Do_Q0NzdEvWPbDyzUlYXKke3I&sig=Cg0ArKJSzHVuK6fWiEYcEAE&adurl=

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame F694 18 KB
7 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:47 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame F694 2 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F694 124 KB
37 KB 54ms
53ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H3-29 200 1957131219839129850
tpc.googlesyndication.com/simgad/ Frame F694 40 KB
40 KB 17ms
17ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1957131219839129850

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150481bcdb6b1a82c4297dfa40623b0278cc54c1ad241d5657bf5416a2cabb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 14:37:51 GMT
x-content-type-options: nosniff
age: 90948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40546
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 21:39:09 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 14:37:51 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5136 0
0 69ms
68ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3kUmZOjzaM1i9wolPToiNmJnFGcJfNxLKLlNoOkb7pzigO1xHEUQ2Z-ErHwzcA3vLd2NYvhICCM3OlB-uGw0MYdlQZh8dlHktH7E1SJBnu89aLIrA0KRpSsUnOX8ufe4BCYkREtBRFza4A3SE_30iyvtrqlmTCstbg_WS26nesxUp-GrT8wCeZUi1nsFHu2uVNjtlNa0gu2Yap_CUAaa2BvDc_2nPWwHXqek8BSZMxGEaOb7lD3QSFkwShqOmnpYqIzrjue911NFiz29aL9BAeZCXkBxrB0syPLh5ETu7fDxJd6OsciKa_lypXhM5ubU&sai=AMfl-YSi3gwO_aFJV3ps2-2x5Cp6TG9yDVCQyJ73XFqbUCxLJ329m9_EOlamZuR14mL6erPPFMX_5PcqJ6IGBLts3nBmCZVDXUhfmEMEbZt7E-zR29sSiUxGM2Io5UR1MlSg&sig=Cg0ArKJSzGGteBdQlwwCEAE&adurl=

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 5136 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:47 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 5136 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 15:52:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5136 124 KB
37 KB 64ms
64ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5136 0
0 24ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR695t5inG_x0GEsft_2s2x3TYnQ2MmPmWV5jEcOAVdHlQlvqFdPYx6y6phVjnCEFLYKIwjmHVLV9t7mbOCptemv99Tgw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 18205277162782772816
tpc.googlesyndication.com/simgad/ Frame 5136 66 KB
66 KB 12ms
12ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18205277162782772816

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ba506560dda3f518bdf9b032edb8a79de74cfb3fe18ced73e86e8dcdadf4c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 14:47:39 GMT
x-content-type-options: nosniff
age: 90360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67780
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 13:49:19 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 14:47:39 GMT

GET
H3-29 200 container.html Show response
d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CB3 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.crn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.crn.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 15:53:39 GMT
expires: Wed, 03 Aug 2022 15:53:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/4d5a92e4-0e88-405d-bb55-3d9aa6b5f8a3/c4f65876-6fc3-4743-a7ae-1c9f22838585/1280x720/match/ 138 KB
139 KB 137ms
49ms Image
image/jpeg 13.224.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/4d5a92e4-0e88-405d-bb55-3d9aa6b5f8a3/c4f65876-6fc3-4743-a7ae-1c9f22838585/1280x720/match/image.jpg
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-101-146.zrh50.r.cloudfront.net
Software: / BC
Resource Hash: afa1528c924e6cb6783051b48960b80abc2565e021e172928bbd3bacb4776c52

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 20:53:41 GMT
Via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 327598
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 8G2Q4LkYTs_5KefhQWxRBpWIHGfVCwBqxQc06n9vyjrmsgXbx05kMw==
Expires: Sat, 30 Jul 2022 20:53:41 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 42ms
42ms Script
application/javascript 23.59.68.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.68.114 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-59-68-114.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 03 Aug 2021 15:53:39 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/4d5a92e4-0e88-405d-bb55-3d9aa6b5f8a3/059098b1-1c09-47f6-b274-d31e2712e9a1/160x90/match/ 6 KB
6 KB 127ms
47ms Image
image/jpeg 13.224.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/4d5a92e4-0e88-405d-bb55-3d9aa6b5f8a3/059098b1-1c09-47f6-b274-d31e2712e9a1/160x90/match/image.jpg
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-101-146.zrh50.r.cloudfront.net
Software: / BC
Resource Hash: 90f8fab55baa00ed10b21fe8264099700d2c2e49fcb6208ac9dae8580fee284f

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 20:53:41 GMT
Via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 327598
X-Powered-From: gantry
X-Powered-By: BC
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 5722
X-Amz-Cf-Id: yDqzBZut05tHOg9jKCCwNb_5Sak8E5Lqd-RoN_pfCgsrZ2S7RYEwKQ==
Expires: Sat, 30 Jul 2022 20:53:41 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/d1ba0a3b-09bb-4435-bef1-f72efee726ce/2ad7db1e-937a-4e93-a102-d3944f81ede4/160x90/match/ 5 KB
5 KB 122ms
43ms Image
image/jpeg 13.224.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/d1ba0a3b-09bb-4435-bef1-f72efee726ce/2ad7db1e-937a-4e93-a102-d3944f81ede4/160x90/match/image.jpg
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-101-146.zrh50.r.cloudfront.net
Software: / BC
Resource Hash: 8f5200bb9d225173ad3aeffde7ebf953d9792e7d061400d3f73921f32bb088ca

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 22:50:43 GMT
Via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 406976
X-Powered-From: gantry
X-Powered-By: BC
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 4706
X-Amz-Cf-Id: Et2SjmreOyFaQcFg-OtIKjLcB92ECXttxe_VU_IQyE31P4M8mXPPEw==
Expires: Fri, 29 Jul 2022 22:50:43 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/66107dc0-2b2c-4f98-a943-c2264bfc32cc/c25a9fed-b412-4bc6-a360-3ffe11b3f8e6/160x90/match/ 6 KB
6 KB 121ms
41ms Image
image/jpeg 13.224.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/66107dc0-2b2c-4f98-a943-c2264bfc32cc/c25a9fed-b412-4bc6-a360-3ffe11b3f8e6/160x90/match/image.jpg
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-101-146.zrh50.r.cloudfront.net
Software: / BC
Resource Hash: 1b1a5890f8b17ff656ca52d299897a5e53aa088bf037d2e11292dc04e08fd498

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 21:38:11 GMT
Via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 497728
X-Powered-From: gantry
X-Powered-By: BC
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 5852
X-Amz-Cf-Id: yNbb4qkNpAkioLHOFOfid7Hf_KkAt_IJQkdMzdQHMBiMjFCg_S2WQQ==
Expires: Thu, 28 Jul 2022 21:38:11 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/b0eb62ad-aa03-419c-b8df-3341d7a62d9d/a17e6119-7e6a-411d-917e-cda587ca6f7f/160x90/match/ 4 KB
5 KB 123ms
41ms Image
image/jpeg 13.224.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/1596741612/b0eb62ad-aa03-419c-b8df-3341d7a62d9d/a17e6119-7e6a-411d-917e-cda587ca6f7f/160x90/match/image.jpg
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-101-146.zrh50.r.cloudfront.net
Software: / BC
Resource Hash: 417921cfb2730689b3770121dc0d76e2e67f4f990f133800b2940052f8b328b2

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 16:05:00 GMT
Via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 604119
X-Powered-From: gantry
X-Powered-By: BC
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 4386
X-Amz-Cf-Id: 0JGOaZG7UteloU1LdDiQb-kcMf7Yu-XanztNG_HQsn97AvVnJp294Q==
Expires: Wed, 27 Jul 2022 16:05:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5380 0
0 103ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr3h5ZSJpkvdAFAePP_jpBVZ84mzt1LybnwTlAscIc3IYAZGaDTiUyFL0VUlunmzeJoQoJw5_ek38MUgX5PUhpPPZpcivpfvnaCtp13ThbnFfQ_HV-R4yq6VfyVmmlqV4ufBzpk8MfLrEJ42BrjJQlt7KW-ia_607KkehXcn8K26yapv8ljp5Mp608z6AwRDAsCcDT8fJhhZf_sHf_t0m9nR_WQeAof6tCTdSglaRlaS2k3YjvHI6BCS1wHOBJH8a57v0faYBfkml2DWdJIKEyoM6qncjA_2XotYY4jtngTVRHBT_xvzpvg09n-3VhWrjCwlNF&sai=AMfl-YTfD05gY4EOxgRw31KmstHcUjlXxtYBuyP_LPKeHupM9Ig8dwSfZx9O3QffgJ7nkQ8MfFQkCQ0rCUMp9B0Q8BCbf34AqUGU5n7hfojXczOXRrM_PVwg3T5VWgRl7kKB&sig=Cg0ArKJSzGRPS7mRlBooEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
DATA 200
OK truncated
/ Frame 5380 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c066cd9a2afc27b5b43e67fabc6306b294067386476d25cfa3b44703db4306d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 12af1b26-1045-487d-bc88-34ba8015cc80
https://www.crn.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.crn.com/12af1b26-1045-487d-bc88-34ba8015cc80
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc19252de835e34f1364ec3c113c51783bc612f5e4d1a2f67af8a1614ed1658

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5914
Content-Type: application/javascript

GET
BLOB 200
OK f75808b0-3af1-4285-a7db-fb4a239c1c58
https://www.crn.com/ 83 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.crn.com/f75808b0-3af1-4285-a7db-fb4a239c1c58
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66a575a0e0b8db8936845291117366ffa68bf06f8d690b6025d756cc35eb1d1b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 84936
Content-Type: application/javascript

GET
BLOB 200
OK 8237ceaf-bb11-4a86-a6f7-fc6ea54ce470
https://www.crn.com/ 83 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.crn.com/8237ceaf-bb11-4a86-a6f7-fc6ea54ce470
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66a575a0e0b8db8936845291117366ffa68bf06f8d690b6025d756cc35eb1d1b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 84936
Content-Type: application/javascript

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5766 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 10:33:51 GMT

GET
H/1.1 200
OK code.js Show response
s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ Frame 5766 600 B
994 B 415ms
100ms Script
application/javascript 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/code.js
Requested by: Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 28e91301e8846700a388e694ca99d3483ceb714fbd5b2e485744e40ce1a359c9

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 15:53:40 GMT
Last-Modified: Thu, 29 Jul 2021 19:59:51 GMT
Server: Apache
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 600
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5766 124 KB
37 KB 66ms
66ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6CC9 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 10:33:51 GMT

GET
H/1.1 200
OK code.js Show response
s1110.visualsteel.com/wp/wp_crn_house_wotc_2103/ Frame 6CC9 1 KB
1 KB 414ms
101ms Script
application/javascript 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/wp/wp_crn_house_wotc_2103/code.js
Requested by: Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: ca6372f523c356c3edc0e7dbefa0340e985608da8ba5423859b1e4690f398670

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 15:53:40 GMT
Last-Modified: Fri, 30 Jul 2021 02:05:38 GMT
Server: Apache
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1072
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CC9 124 KB
37 KB 64ms
64ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D02 0
0 70ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_a0HYwdrkRjE2iGAimKfJk8hWBEhqgxobM65JMJf4M_7TTDgN1GLvrllvJCitgWJS2bR9sMpoE5GAyIyRjGBbsH5N92I-xfXqlCINtCuie31CboGBJzdMaSa3R1_efYGI4z2h8FpvfCxf596mAw0-nDdSyiZCkwtVk_zmk5fZk6rkupZaXVxoLpeKJODEzyCZx2jQzZ4UangzzNlHcb69812Jwsg6gxqrM0848KSLAZyi6CBw6abo9SE4_qqM8MwYbiMjpOmqowzEV1DfoHYiMDxXnhBdbLOP2n39Tb-DVztztv0BLwefs1SJS0jNmAo2rtQHvEQ&sai=AMfl-YSq3X1iXF1lBqPwh183rT7Yaog4IuzwB-cXDIeHJfNLHxSjm1S-hkhGgiNb9KsOkiijGxjNdNNEPrq4RyMeDgxM4qplxMUk0PFh_Qd6xBq3XpDVVePuwq59Bkgf0-61&sig=Cg0ArKJSzG23WzFLSD8lEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
DATA 200
OK truncated
/ Frame 2D02 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3197a0d5652771aca1e3bca8e425b71b60e2663eb3e958469bd1b50d7a8d520b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3B4A 0
0 66ms
66ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunj0pt_f1jusnmfEWLncndrdBWFavdjGqoAwSEc_f35534H6j5-9QcuPUyWs5Zsyo81k_C7kG581_36ha8hyfK7c7Q5extQHj35B5B6iwalagWXxM9l29ld6YncfvxmNd8rW1ESnJkZGX1TpZjDlNXmQsRAWZv6BUkDqY8oCJ9hbNkhEutLYSs5lPLbkmSW6-j1vZPGUSRQnJMm4q_pOUH781SZd2fcJ_R2tXVjMlyu7XUj17yVj-0iHXYtkyZqKIoHgEzICZP4OEYRNyo1dMUsSBjLu8fvOG3RayZWImPFBaYQOziNNfMhuRUMlJdFtBD4w&sai=AMfl-YQjkgjGARRabnSKshLLTyy0T7A-KEK9Vr-uhbgPTwZ6ICbAsvXHkg03d0kv4TOmRGl7aS3rUT_yRwg14K03Gxq8ubJWV9H7Icz_c4mFBDL7zQ5xUVDenKzUrcurDT-8&sig=Cg0ArKJSzMfyQLThUhuuEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
DATA 200
OK truncated
/ Frame 3B4A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9d035f2565ff15da10a611e1e755e0042ebe697468672c4d1e6aa07007db63d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F694 0
0 64ms
63ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX8LI1iNu_9f9Q4Dc2yjDsI_I8Zm4vPSQ_SOhOBdVNdwSLeyHihQP_CAiL1gyHY439PIEJ3tdZOQgba1hVr7WK3xAZVO9sj0H8WjrtaNIg411jhYD33yNqwUK_h2_jXcs8wgdMWYBmaIXcEdjYrbQH2gBfhjptjZBblkFfiRYDOcwavm_R_rLShtDbLCRkG3CT-9BfNRtUOIcMJR9BB0BRGUc2L067JKf9W8jIPYPJ2jCz2q9IUPz3t_LhS5bCRuTntwDSNcUlFIGGZZIAKgOi8IFd-7ciPQCyU-1Qi2Xe4Vwc_y1x1BwiDs9k0kw7uD-AKQ&sai=AMfl-YR7mBTgF-KFqlJEm7luc8iOMELnRXUKn9Wj4SSQ5nfxqCNt5PytITl8vPfjFLX_FoLyNLXAUuiICICApox5CqknbsEVQIM7OeZphsCJ1ERUrh57ERBw_opN8vZuC1MV&sig=Cg0ArKJSzAwAWDHSJSq9EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
DATA 200
OK truncated
/ Frame F694 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6488b4575cb6a833cff4dcfa0377b84c52dbf322e481c4f4a20be1952787faef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5136 0
0 70ms
69ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXbljLNYST1C-Q4v1KGyIbD8AmVPQQFQ9s7fm4wXbxT-jjYoy2e7mdmqjabT0CXt_sIs_khVMS5AqLS1rPz4xTphRgEYfXnF0UQuCNq02T5rGGWZEbMm3Ds-OjuVQY3iWUBNuFosnPJxeQr45eHZRi58H9rjRZx8PMPcXj5OHyJf8AfKcy_MajzpKDsOsYxrV9N4k1BC8bhDpZuOR7hM7H-41pgZaJ4dH578vySAoGnaWwJyQylDuHaEKMdTKpsOXe-exhti9gDyNJecFTvzfeuPT0WO-8jW6qMMIjMcybJQnFEeOfXoukEG7UQBhhPz52dw&sai=AMfl-YTDgXol5K_RrakEcu7ngI0_2YbgvLIZ1jAL1TtC-CKIQwpBMy_HW4RwAkS3Km0DpBsuTW5GB6BTnwldbmcmCNv2ycOVWdBCQ5mGtDEMZ7DIRhR4qlRiDrj7lzKEiCWg&sig=Cg0ArKJSzADAiI8YlIiaEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
DATA 200
OK truncated
/ Frame 5136 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff1dcfa788574a833edd6dbe64f239ecc8c4ca92ba43916fc64a643bba19a07

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4CB3 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 10:33:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CB3 124 KB
37 KB 51ms
50ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:39 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 42ms
42ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 03 Aug 2021 15:53:39 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5766 0
0 64ms
64ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssriS2hvJmjlA_fvfbgW-_G1zS5meWGPAQIQtLihmbNLD7NJ7J58dU6kzgR-nig-wDrUWXx39buj9mqOfJgws6fBijAyGFKnAcFF5KwTM_-k4zdp149zTR4BEMHwWhm_HYTM7GbhDGd6yRoBWHEoenrgo4MJvb8ijo6jIP93oB1uKz3kkKm6M0A4uyfX5R-eRvlAM1V9S6SVu8TsBzHDal2bJ7ihC9HWNw6xzvQrGs0avzpQuQcyP3t6T3KcciNt5t2QKZkh8Na6EnTalhMk047nhYlYIa4Y_82GkgV8bLgVTFnY4NQPox3De4NDDGegQ&sai=AMfl-YTMjZe4N0q0ZdxffoIOdo3OuMHWGodqSIkev43viaCrbgaTGjkuewxtmpJOFkgcS3a-B9nzGn6SOQB2utmfk_oar6rs5Gb2HKG_nK2m_GS8kpeQP5JddTYnBs5L3R4a&sig=Cg0ArKJSzAoOqEMbQf64EAE&urlfix=1&adurl=

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CC9 0
0 64ms
64ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstF7KrCD4icuVoQ8YZmRVMOnT-xqZOo6N1IlZzAsVZ6X_VvNUIuu_Vu-TvTsaCEiK7cYXnzm802YixBG945X4wi_b6yrQj6qTkb0lHtj2MPb16-qKiOZR8pNCYKeZKzctvyJlV1s__9u9EO5LV5UvJ9_N-ApPj2K440HiNA32lrhj3_OZNsxVfDzq4GpbogehbRxFjCCuqZjxwIy6h9fUxmlw18WhXbi2INbKmaOV5URW6yDi-Q9SgBjROxZhox0gqx0M6jgJ13kj2DH11wgXNj4FHOyKdxoBgS5pUq365EJ0wjBmCDgFvX7EGp4XVPYXbWsko&sai=AMfl-YQ1oJ8NuK7v8c1fiF_mjs7PqipKmQI2rGbcluRwTJgFHh5i_-DGCoGDi9vRRmqW3IeJNRdNLsYSk0ig4ulpr1Sei4mkznULJsCY6ZNNsFPqSvtgCWZSWdMQLSRfvrPE&sig=Cg0ArKJSzKUcOwHt3vAzEAE&urlfix=1&adurl=

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CB3 0
0 63ms
63ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbq8-Y4BTgOXe7MXd9ak6FIcIVrmJ4ZMlXfm5NXNEXlXmtOG4jh41h6fhRGOzQZVJZTYAd3wkft9igvEv-MhnPzOQM-EINumYG-gedbVryqYp5LXfRma08tr7VcWR7rUZDvjdslDrb-u78CjQW97IHbgNYcodW_JGyQ-esGgEJVB3Ej4w3TGrtR3y6CSmMHdAxPbxZhFvgV9oaQwU4oSil334Nspx43dLhnLBPzZ8Ck25XNBeZUqapbugVK5yELusRMjNA5kXMczJiUfSzBp6wMAzXwKTncyoS8GEGLuDWg3cZ3YOSFUpKB8_jDPAjCF2DbOadZELaOUzBD075KMRR1ybl&sai=AMfl-YRbW47rOlHjEN2v8f959VWvAHZy9PRfBkS_d5HjheXOzlDnawlqCmSLrvtVz8Kavcn8rPceE6TZE4dBTvkz4a-ds9t7l0q-au91eI3aM95f5WngsPifF7WX9ANrTx3R&sig=Cg0ArKJSzOLFkB2tTAr3EAE&urlfix=1&adurl=

Requested by

Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 4CB3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5530d35153dabd11e7878778b8b6652768f1f91185dc2b1bc722533cd1d981fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CB3 0
0 63ms
63ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIrSY-tIob6ZmmNa1sI2w1aKMH9sN5dllnDvzxFlUgHciKAL9GuJCVZ1I7qJozeV-4WEyOfKIpXV_XmWOQPxFlvVbhFdv5LYIz20m8jcjGZlNzOMw2OARuv6OK5ntsTpypfEqV4xJ0SawO3TmrCXLws68ZUCJ-pAVEdZYckgOKw9sO0rdOIHZVf12fwXDtWE_rYqfc_M4nkbgHeM3AppGQ98DQjoQ6wCdPdVjjS7D96Wj3u9DZdS0cnSBPNK9q4I0mejbvw5gwVlHbMeljBdMMa1aBhhuu4B2FlqQePU1BXCGVruObztTQIcqK6XOYZ_A-cBPjDktd07tYKDBQbgR_XtdLutI&sai=AMfl-YQ08IUqn1OsLMfjrfBey2JFXNrsqGM5lYlijzxu_zYnEGxquBstYp_3B256Lrb1zzQ6nC161k_wZaY9bHmLbqQHKhAXQGZP9972sR4GdvPG9PEaBnkTIdwmyh54JNF_&sig=Cg0ArKJSzMyFGmli2TQAEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:40 GMT

GET
H/1.1 200
OK ela528.jsx Show response
s1110.visualsteel.com/parts/ Frame 5766 15 KB
15 KB 2075ms
2074ms Script
text/javascript 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/parts/ela528.jsx?a
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/code.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 427cbb21cd5b5a80cb11d5b4c5ee516058a9dd4f7dbdffa06cb482e507fdb7a1

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:40 GMT
Last-Modified: Wed, 28 Jul 2021 21:08:08 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15431

GET
DATA 200
OK truncated
/ Frame 5766 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b72ef96281587bcda8773fd4b762e132a89351f79f2bb1ce096b83f57038cd39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK wp514.jsx Show response
s1110.visualsteel.com/parts/ Frame 6CC9 20 KB
20 KB 2051ms
2051ms Script
text/javascript 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/parts/wp514.jsx
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/wp/wp_crn_house_wotc_2103/code.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 00088f7198cc9988ffb6f34c35afcd82ebba403aa6fbb5c1e2f8aea727b92a23

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:40 GMT
Last-Modified: Wed, 28 Jul 2021 15:43:26 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20477

GET
DATA 200
OK truncated
/ Frame 6CC9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa43bb2f9d587259a68783844d61e118b3553f7a6a055b8c2fcb619f28b77c2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5380 42 B
518 B 58ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBCo5T0glggi40nIUraZrVC1Sa_EzDtWsmFKuv-3oIgFVVENHShUxf01r5D9pmg2CquBN05gRwI2lZOyhpQNc1u2K-WNyxPd9Er80uNVyNrktDySZI&sig=Cg0ArKJSzCan0rL58pMMEAE&id=lidar2&mcvt=1000&p=1100,309,1200,1291&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210802&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2427012163&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628006019526&rpt=241&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D02 42 B
64 B 48ms
46ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaZW7giprFfZRj80b0iwb2pJ7dAx6f-uJzNldTJ71PW5UVTdkDAf9GKX3B3j5IEgJRjKZbTC_Vbo2mTjW3qNBZJIBqFHe_Y6hRbf40R1wRow4LSzjP&sig=Cg0ArKJSzFWErlVwz5DoEAE&id=lidar2&mcvt=1000&p=316,973,916,1273&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210802&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3967207634&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628006019625&rpt=217&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ac1.pl Show response
s1110.visualsteel.com/cgi-bin/ Frame AF79 189 B
548 B 122ms
122ms Document
text/plain 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/cgi-bin/ac1.pl?d=wp&c=wp_crn_house_wotc&w=crn.com&n=6280060222&vsTt=cr&r=8295
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/parts/wp514.jsx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 9bc372ad9525cc842526de4f9d41972514c23046e450e77e0f1bdc4e415deafb

Request headers

Host: s1110.visualsteel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Length: 175
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

GET
H/1.1 200
OK art.gif
s1110.visualsteel.com/wp/wp_crn_house_wotc_2105/ Frame 6CC9 57 KB
57 KB 105ms
104ms Image
image/gif 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1110.visualsteel.com/wp/wp_crn_house_wotc_2105/art.gif?a
Requested by: Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 74f80202c21be00044a8472fc9e17c4fa7c1dcfdf9ef4d77020670a2a0cadb46

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Last-Modified: Thu, 06 May 2021 02:19:04 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 58248

GET
H/1.1 200
OK ad.htm Show response
s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ Frame F4AB 8 KB
3 KB 221ms
103ms Document
text/html 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ad.htm?d
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/parts/ela528.jsx?a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 7b3a722d864f6691a3efdee4186ee50cf8835d4827d2c53fe82135885a04f259

Request headers

Host: s1110.visualsteel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Server: Apache
Last-Modified: Mon, 02 Aug 2021 18:48:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, must-revalidate
Content-Length: 3005
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK c1.pl Show response
s1110.visualsteel.com/cgi-bin/ Frame 109D 189 B
549 B 324ms
121ms Document
text/plain 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/cgi-bin/c1.pl?d=ela&c=ela_crn_checkpoint_fr_v_2107&w=crn.com&n=6280060222&vsTt=cr&r=3819
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/parts/ela528.jsx?a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 9bc372ad9525cc842526de4f9d41972514c23046e450e77e0f1bdc4e415deafb

Request headers

Host: s1110.visualsteel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Length: 175
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

GET
H/1.1 200
OK half.gif
s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ Frame 5766 46 KB
46 KB 307ms
103ms Image
image/gif 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/half.gif?d
Requested by: Host: d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
URL: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 2ff6ba852b2b41f8a8d734033ef75ef982f18234f4571b605cd486e587d387d7

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Last-Modified: Thu, 22 Jul 2021 00:51:34 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 47110

GET
H/1.1 200
OK vp560.jsx Show response
s1110.visualsteel.com/parts/ Frame F4AB 10 KB
10 KB 104ms
104ms Script
text/javascript 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/parts/vp560.jsx
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ad.htm?d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: a4698e5f38c7fcc80f185e8979dd1b03d076ad1906bbfd2132c1c023086180a9

Request headers

Referer: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ad.htm?d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Last-Modified: Mon, 02 Aug 2021 15:53:10 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10043

GET
DATA 200
OK truncated
/ Frame F4AB 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK tab1.gif
s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ Frame F4AB 136 KB
136 KB 104ms
104ms Image
image/gif 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/tab1.gif?f
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ad.htm?d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 7b5093442fce431df68f379d12801d395b7fc6794521283d6b361f327d9e5a66

Request headers

Referer: https://s1110.visualsteel.com/ela/ela_crn_checkpoint_fr_v_2107/ad.htm?d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Last-Modified: Thu, 22 Jul 2021 00:51:35 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 138808

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CC9 0
0 65ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4P4RLxsPD6O74kbbEWveYRPywTUGLgGK8S0EeyQJ_Cag5bcUSmJ-WNLce4OmKpUQewCa4WcIiWhyKY92_rAGDxPPFDtcfnIEnFA2PciZItRC8Kpd5c2wpWFqvmcNio72590Y1oVhtQkObRlyrUKuKj2mqLo3qo8iva2bC2gwlBWC09ezhBd_wIA6cxnl3VZX-n19HKts832682iZVjxILu_bSnX8JyARCEGHi9nHGYRb_H7r7puFvbVXZbcrprWfgvHkkbdutWF10GPPSsgEOMqkJ5hVG718I_EE-u2nzjoD1uO3pnmc4cNF_ZZBY16CXQlZnZQ&sai=AMfl-YSfDS7WJRYYzt5OhTFzv6nfDQQrXwTAGb6T1LjVji16nsk0tStoHfsQQOKZ-fftCFh4cBejuwvkvEHCEu3Sni69kx1_vybwiBEOXik6oEgAa1ux3bxYXOsMirJMFV2r&sig=Cg0ArKJSzKzzP5Qhx3FgEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:42 GMT

GET
H/1.1 200
OK ac1.pl Show response
s1110.visualsteel.com/cgi-bin/ Frame 08B3 189 B
548 B 127ms
126ms Document
text/plain 169.61.79.97
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://s1110.visualsteel.com/cgi-bin/ac1.pl?d=wp&c=wp_crn_house_wotc&w=crn.com&n=6280060222&a=v&vsTt=cr&r=8295
Requested by: Host: s1110.visualsteel.com
URL: https://s1110.visualsteel.com/parts/wp514.jsx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.61.79.97 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 61.4f.3da9.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 9bc372ad9525cc842526de4f9d41972514c23046e450e77e0f1bdc4e415deafb

Request headers

Host: s1110.visualsteel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/

Response headers

Date: Tue, 03 Aug 2021 15:53:42 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Length: 175
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5766 0
0 63ms
63ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcE2O97DcYsJhew_MiZ3-4MWwEaYZxz9yE2aCNuEaAk9XGD5UZH9t-6QgdgoIfSd8h5V1gZaMNSHC7CpHTFd09Uqgdy5_rk6hJl8ks2PF5eEzPbqUiJkHYOVYKxGmogHHSoDX7LBrHy-TzNJ3RcJfzY3t-oyih-0M_DY9mUF4xo5Uh0mydTuSfWbtMju4HuADTaAoyjnt3HWBqQF4GRwYOyeAQ8mo1A6wnbkJXBizYVNAmePbGTItJsWPEUkf3AopOX32gDwBUr9L2r2vRwFZiY30ogsQJTYI9jMJYsVkxIqkk3esHoRQgMY9MuZXPfOYa&sai=AMfl-YSqHwR5EKYRhZHtTgcGHsGdLvFtjSHiLUEYhCoNdD2WfDWNhX8sP5wDKlUnvW2Yc8LkCrz3gQ-HZmbUFwyeHg8_RILieec6TGaKlAALWAvZAZU8djb2Dot9xEnGxU3Q&sig=Cg0ArKJSzO7Eh2RcILaKEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 15:53:42 GMT

GET
H2 200 all-sponsored-resources Show response
www.crn.com/query/ 33 KB
8 KB 611ms
610ms XHR
application/json 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crn.com/query/all-sponsored-resources?option.template=sponsored-resources

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-57.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

50efd8ff6ab77f7d6f1fb41eda8bd5c848d1c9d58728fbee7798398f09f4293e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /query/all-sponsored-resources?option.template=sponsored-resources
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.crn.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
:method: GET
Accept: */*
Referer: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Aug 2021 16:22:14 MEST
x-expired-content-served: false
x-amz-cf-pop: ZRH50-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-amz-cf-id: z21gf5CtFkAPaKG9vmKpRPco5GgVfnvqe_6SIUB5PnCdEQPxMcsjdg==
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 13ms
13ms Script
application/x-javascript 2600:9000:2190:9400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.crn.com
URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:13:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 85215
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: BoJ6jBpWzuQIjscfGKtOsE15s7-br61uGnfPRlGIUOgnmJy6ZCzbBQ==
expires: Tue, 03 Aug 2021 16:13:27 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5a029736c3951c2dc9b71d2a83968f67070683f6b4a22f32b5475857c96f9b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 298ms
99ms Image
image/gif 34.226.28.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=crn.com&p=%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&u=DuX_zyClLjJRBMmUNk&d=crn.com&g=60840&g0=security&g1=Wade%20Tyler%20Millward&n=1&f=00001&c=0&x=0&m=0&y=4470&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4327&t=BHsgnvDl6aclBRxI8urjNHVC9KpED&V=128&i=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&tz=-120&sn=1&sv=DcUXvSDbq3MzDnCwOpCx7lHCDRZJla&sd=1&im=067b2ff2&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.28.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-28-254.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:43 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 15:53:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AD42 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.crn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.crn.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 15:44:47 GMT
expires: Wed, 03 Aug 2022 15:44:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3F2C 783 B
771 B 19ms
19ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2175bd2bcbb6ff52ab1cca620e02f5353b85b62b734d546c2998440c051c5d6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t3OvH9jBTkxVbg7G89qvVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.crn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.crn.com/

Response headers

expires: Tue, 03 Aug 2021 15:53:42 GMT
date: Tue, 03 Aug 2021 15:53:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-t3OvH9jBTkxVbg7G89qvVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame AD42 35 KB
13 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 06:38:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 06:38:43 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=4327623807930060&bg=!cXKlcjbNAAals0SOpbM7ACkAdvg8WlpCB69JwDA7eX0k_DW8QPMHJ0JEtbvl1vsmariu_eLzZhjn6AIAAABNUgAAAAtoAQcKANfDLAoWzDC6ZbmQ_H52hZVbsBcINCa5sw7f2AdrgYXV7Ca9antGuCmEcrdH84r2nhIGMQg2A1aMoiBukGodPtFQbIJ0ZONxpMLZeJKSNMHrckHgSfXFbRZQu4Kl2EdwmEBXVAlH3dBAuy1o-3xxcAtklpbm6dQAFn_jK_G3MpdfItYmPlj5t2wE783Wdc8X4Eyv4LrZC1-zuJ83lauoyi616NBGPhSZZQfMQdL-H72j-q5W2NKreEFY64zL6nOXBJA13wSwnfZa0m1q1OmwWbMZfpQGEYSFEJkCbOLyhCAZEVCcCVsCOHE3x4NKHhYZlP1-rnGL9gsO73izQxdgKzjKQYslYjTBbPyMtP69wESN-IGLyV-zWIUmitpSic1PlnT_592q4o4jhLmMxiv4TaS0JabXLtHU-OXW8uv6_6O_zyVVCUtk6EBcagyiZRmljKmgVbDCRYbmstgesg9iLZ9ajxDLN56L3ZdppiaoY6GfAGTTxzhyQROwCLoklglQKtjqP3imqz0t8A3EobzvXyqfzi1Neq7TqtJdX3JD7LyhGCXQ9FOoN61XHRPYTKDQFWkeOL2oSPw5ICU3IYidWu2xeqXqO5V7cPwonjf84-THnSk_M3lvN1zvV3y_Z7HW0-yX2ocRJtQcwy3HyzgOzdqiACfxsvPpzaOijt-6J0KPSiFRge1oCXFTARlaL63ovMPOgQS6PWOvUNBDJu18MkH3eQDzpyPLxkjn11HaOuZpk6oCth1y9dnYEDpcPBDqMYBd5F_ZGSPp_CU_7HW8AVIkbb5el2xGVxF5kZuaJNPc3AwyeFuIG-MK6OGynqGCaf_Dqi1NWi6RJxB1gYkrWA98ILxIVTVAhU32xoTFVCifi9xieN2asjCUG9ioehj83DFyifFl52gupQYNb0o3nbKcTYOaC8rhPjihT2PCYotqpkbsVDq0IEpMhECZybzB1pVFDmym4adO2P2D3lIRpY7wJQZcIoBt9wnBGsLRR1s82IPIBV_hBCuJkpg2dOcv0ClWr1nWoznDogP6wKVzVInDoQvX1rAZw5bwmgIxk0E7E0cTHugUiVRE_iUbRMa8jExOthdTch8Ig9bWJSr1KG8_85JbOkbC

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6CC9 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVWmw3zflRzc-9BCa9lVKMGm0gU1yY1IRLatp7FxDGCYt4w5ExjoInTba1PwQyq8siec3E7xvMTKBl9iuic0X_UgZ_SFhBRvLhLl_tkY9S3tQYYbyf&sig=Cg0ArKJSzIH0l_Nmf0WAEAE&id=lidar2&mcvt=1000&p=0,0,1200,1600&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210802&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1718008798&rs=4&met=ce&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628006019526&dlt=23&rpt=670&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5766 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5m8bJRVMOOeKR3NKqu9rLL7Z0NimLUDqzXd-L4UJ4SInmVkZCv9Y_eK3_TKDjL3mJ_UifkTDD4J626sGfwPbGpLFx5xSE_l8fq_nfCc4_Un8_M7ca&sig=Cg0ArKJSzPLTWyiBvO4-EAE&id=lidar2&mcvt=1001&p=71,446,161,1174&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210802&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1321448471&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628006019525&dlt=22&rpt=641&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0KGE261KC1&gtm=2oe820&_p=1357721811&sr=1600x1200&ul=en-us&cid=607510855.1628006019&dl=https%3A%2F%2Fwww.crn.com%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&dt=Microsoft%20Web%20Servers%20Targeted%20By%20Hacker%20%E2%80%98Praying%20Mantis%E2%80%99%3A%20Cybersecurity%20Firm&sid=1628006019&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0KGE261KC1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 99ms
98ms Image
image/gif 34.226.28.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=crn.com&p=%2Fnews%2Fsecurity%2Fmicrosoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm&u=DuX_zyClLjJRBMmUNk&d=crn.com&g=60840&g0=security&g1=Wade%20Tyler%20Millward&n=1&f=00001&c=0.25&x=0&m=0&y=4830&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=4327&t=BHsgnvDl6aclBRxI8urjNHVC9KpED&V=128&tz=-120&sn=2&sv=DcUXvSDbq3MzDnCwOpCx7lHCDRZJla&sd=1&im=067b2ff2&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.28.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-28-254.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.crn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 15:53:57 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.visualsteel.com/	1970-01-19 20:58:11	Name: z Value: 6280060224
www.crn.com/	1970-01-20 05:42:14	Name: _chartbeat2 Value: .1628006022844.1628006022844.1.DcUXvSDbq3MzDnCwOpCx7lHCDRZJla.1
www.crn.com/	1970-01-19 20:13:27	Name: _cb_svref Value: null
www.crn.com/	1970-01-20 05:42:14	Name: _cb Value: DuX_zyClLjJRBMmUNk
www.crn.com/	1970-01-20 05:42:14	Name: _cb_ls Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.crn.com/assets/themes/crn/js/tcc_util/advertisementCode-19.js(Line 17) Message: AdGKeys set: newssecuritymicrosoftwebserverstar
console-api	log	URL: https://www.crn.com/assets/themes/crn/js/tcc_util/advertisementCode-19.js(Line 55) Message: AdPageAlias set: security
console-api	log	URL: https://www.crn.com/news/security/microsoft-web-servers-targeted-by-hacker-praying-mantis-cybersecurity-firm(Line 451) Message: AdBlock Enabled? false
console-api	warning	URL: https://players.brightcove.net/1596741612/41ovmUfTl_default/index.min.js(Line 1) Message: VIDEOJS: WARN: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.adobedtm.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
d463cf63f3842e9301b33b233c3af60a.safeframe.googlesyndication.com
data.crn.com
dpm.demdex.net
edge.api.brightcove.com
mab.chartbeat.com
metrics.brightcove.com
munchkin.marketo.net
pagead2.googlesyndication.com
ping.chartbeat.net
players.brightcove.net
s1110.visualsteel.com
s7.addthis.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tcc.demdex.net
thechannelcompany.d1.sc.omtrdc.net
tpc.googlesyndication.com
v1.addthisedge.com
vjs.zencdn.net
www.crn.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
104.108.145.172
104.108.145.56
13.224.101.146
13.224.96.57
142.250.184.226
143.204.93.17
15.236.176.210
169.61.79.97
18.189.240.10
23.59.68.114
2600:9000:2190:9400:18:1fcd:34f:cdc1
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9c
2a02:26f0:4700:1a3::1e80
2a04:4e42:3::714
2a04:4e42:3::729
34.226.28.254
34.249.249.121
35.244.232.184
52.31.176.223
88.221.60.75
00088f7198cc9988ffb6f34c35afcd82ebba403aa6fbb5c1e2f8aea727b92a23
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
046465c8194421a22ab096271b0ed162a2bc48b28277e62a4b381e32cdae52f7
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
078c681d2298d2948df085feac93ba4f15ab3e9085b5b7acdc5eddf33ce28ce1
0ba506560dda3f518bdf9b032edb8a79de74cfb3fe18ced73e86e8dcdadf4c8b
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
150481bcdb6b1a82c4297dfa40623b0278cc54c1ad241d5657bf5416a2cabb2e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16f2d52adc20ab497085c66dda729dced9334ad0b3021e76ff56265f5c151fc8
1905f261db32de8b588bf0c23cc9a71a9335284bd85e8d2c90015d0f547ca680
1aa6c69ef2e5ca3a58f5f59904304940cd42b913ac5e79d58664d298c4053c94
1ad141785c477237e681e95c045ccfaa3d76ae20687a699c36ee992ab3aa006f
1b1a5890f8b17ff656ca52d299897a5e53aa088bf037d2e11292dc04e08fd498
21588b8cbe1a78f1e5721afb069280fd19465300e24c8c9db28e73383f932347
2175bd2bcbb6ff52ab1cca620e02f5353b85b62b734d546c2998440c051c5d6c
2581ed2d4bc43877fbd2f16ea5da6db6a3e798f40f79facf61d93d9ced68fb19
28e91301e8846700a388e694ca99d3483ceb714fbd5b2e485744e40ce1a359c9
2a608d0fe3624337b9a36240c2b78dd436ec3a02f862aa198f272fa61cc0a86c
2ff6ba852b2b41f8a8d734033ef75ef982f18234f4571b605cd486e587d387d7
3197a0d5652771aca1e3bca8e425b71b60e2663eb3e958469bd1b50d7a8d520b
3724401ad90575f9ad67c249fb8e3007a1678c064e659a8239896adfc2cd9a00
3c066cd9a2afc27b5b43e67fabc6306b294067386476d25cfa3b44703db4306d
3da2a4ca0bc1634030da03f4f15cbaee51196cffa26b2600aaf9b0f1b4203566
41184af56782217691e15b72f5672b6c7a6f45af7da021005759d8ff37a47719
417921cfb2730689b3770121dc0d76e2e67f4f990f133800b2940052f8b328b2
427cbb21cd5b5a80cb11d5b4c5ee516058a9dd4f7dbdffa06cb482e507fdb7a1
44ab1060b71e222bab05e88e0b0da84743826b2bfd5e159564a3ac2f4bda8cb2
4c50e17d3c2ed4efb72d0d55784ae2691891459f553d35c135740f52f56b0900
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50efd8ff6ab77f7d6f1fb41eda8bd5c848d1c9d58728fbee7798398f09f4293e
5530d35153dabd11e7878778b8b6652768f1f91185dc2b1bc722533cd1d981fa
57fc9bc6f3780bd3a08e6d3af349d932a3c268c26641af980b1fa6f8571dc8dd
5b0981e9c9fdb989b7af9f4e0aba3d337103b58358a1871bc6c8cc700fc43753
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6488b4575cb6a833cff4dcfa0377b84c52dbf322e481c4f4a20be1952787faef
66a575a0e0b8db8936845291117366ffa68bf06f8d690b6025d756cc35eb1d1b
672f7df2a6027dc68f396b5b498a6f25f47724f8983de8e0b0bd765ffda444c2
6aa43bb2f9d587259a68783844d61e118b3553f7a6a055b8c2fcb619f28b77c2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af7d60664b543d410f6840e487ca8c1afc8651ca04a2fe9d4adda046fdd244a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb57f40d6eefdd3afca4f169659c38e0530854891fbc159d751319e43e4cf14
6ff1dcfa788574a833edd6dbe64f239ecc8c4ca92ba43916fc64a643bba19a07
74f80202c21be00044a8472fc9e17c4fa7c1dcfdf9ef4d77020670a2a0cadb46
7b3a722d864f6691a3efdee4186ee50cf8835d4827d2c53fe82135885a04f259
7b5093442fce431df68f379d12801d395b7fc6794521283d6b361f327d9e5a66
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
8c92751f271c65053ae42db9be4ce811243ef834b45d1ca8be82342272f5a3fd
8e24de42e507002eb76b13fb40bf0bc6d7d1291ecf2c4a418a73c4fa008cf031
8f5200bb9d225173ad3aeffde7ebf953d9792e7d061400d3f73921f32bb088ca
90f8fab55baa00ed10b21fe8264099700d2c2e49fcb6208ac9dae8580fee284f
92555c375e8211e9f71f8014acbaa1006e789f00dc0add9c83e0fd328af74e45
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9bc372ad9525cc842526de4f9d41972514c23046e450e77e0f1bdc4e415deafb
9d9470296274f005a8be2018f3abb1213f837ee31acf07eef117161557db4ce7
a0069b0962e1eceff85f9fec2a959502115339acd842081d2b5e5b739c174350
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4698e5f38c7fcc80f185e8979dd1b03d076ad1906bbfd2132c1c023086180a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5fe2416b2094f6f22db21d371007b680bf6b220d9e9c929e611e55ba62a6b2c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
aaf10881651efc98ffad0338f7c7c5f3a3a2e97ae9616cfb2c086125b23491b8
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afa1528c924e6cb6783051b48960b80abc2565e021e172928bbd3bacb4776c52
b5a029736c3951c2dc9b71d2a83968f67070683f6b4a22f32b5475857c96f9b6
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b72ef96281587bcda8773fd4b762e132a89351f79f2bb1ce096b83f57038cd39
b884f99a3453daf9885a9e24a8e09a60904fa4e7284cae3903103bcb610bae41
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0e5684991a5e63d0bf8c00121357df01943661407932b692be65d49d4d9896e
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
c5973731ca766220165c6fd89043f692ee231950e68d4c175f0e09bb3712c5c9
c742004a6975216e2c3b5e96654f2884dadee579c36e5c8c159ed1ab1009edd9
c9d035f2565ff15da10a611e1e755e0042ebe697468672c4d1e6aa07007db63d
ca6372f523c356c3edc0e7dbefa0340e985608da8ba5423859b1e4690f398670
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d7b794d8a4cf1ba64491c6fc86920964e2493f5e6bb7e0b6e8d7edc649e62635
d8eeddef679baedd0e1a223c594d0db4ef47785abacd46c7e1128d3782795624
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc19252de835e34f1364ec3c113c51783bc612f5e4d1a2f67af8a1614ed1658
e0c66f9dd3a0f99e0bfbc6998cf5ff7b8109443f689716c97956e0ce3c7f57fb
e379fbca626327f85d69a698a26f379d6474878dd8f86ac6af498fe9aea78da8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e9fa7f00cb2f43c5b2cde8a762c10e52dea6f115a92c331467c3def2347e19cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f63ad4cc4741d8c195ed33f4550689e0c70a42ae588447a67a60b607ca226e7b
facccbabfed74a7ef921bc94ff28f7d06f936adf42639fe8f103034b5e3797f9
fed875a7c2182ee95c45abc4496292d4e985ee2c294b7cb2535f83adfd8abd8b

www.crn.com Open in urlscan Pro 13.224.96.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

147 Requests

98 %HTTPS

53 %IPv6

24 Domains

32 Subdomains

32 IPs

6 Countries

2351 kBTransfer

5423 kBSize

5 Cookies

66 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.crn.com Open in urlscan Pro
13.224.96.57 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

98 %
HTTPS

53 %
IPv6

24
Domains

32
Subdomains

32
IPs

6
Countries

2351 kB
Transfer

5423 kB
Size

5
Cookies

147 HTTP transactions
11 data transactions