www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Submission: On December 08 via api (December 8th 2020, 1:00:25 am UTC) from DE

Summary HTTP 129 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 37 domains to perform 129 HTTP transactions. The main IP is 2606:4700:3037::681f:5ebc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.insurancebusinessmag.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time www.insurancebusinessmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3037::681f:5ebc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.190.50.98 35.190.50.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1 5	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1 2	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.21.175.83 52.21.175.83	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:816::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
129	40

10 2606:4700:3037::681f:5ebc (United States)

ASN13335 (CLOUDFLARENET, US)

www.insurancebusinessmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.206.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn-res.keymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.50.98 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 98.50.190.35.bc.googleusercontent.com

cdn.sajari.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

insurance-business.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.28.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7f43a9b3597f6093158f9acd53df2006.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.175.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-175-83.compute-1.amazonaws.com

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

re.sajari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com 7f43a9b3597f6093158f9acd53df2006.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	330 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	135 KB
10	insurancebusinessmag.com www.insurancebusinessmag.com	83 KB
7	googletagservices.com www.googletagservices.com	201 KB
6	facebook.com www.facebook.com	1021 B
6	adroll.com 1 redirects s.adroll.com d.adroll.com	71 KB
6	cloudflare.com cdnjs.cloudflare.com	23 KB
5	disquscdn.com c.disquscdn.com	230 KB
4	google.com www.google.com adservice.google.com	957 B
4	facebook.net connect.facebook.net	231 KB
4	fontawesome.com use.fontawesome.com	184 KB
3	hubspot.com api.hubspot.com track.hubspot.com	712 B
3	disqus.com insurance-business.disqus.com disqus.com	33 KB
3	keymedia.com cdn-res.keymedia.com	251 KB
2	sajari.com cdn.sajari.com re.sajari.com	23 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	addthis.com s7.addthis.com	190 KB
2	jquery.com code.jquery.com	96 KB
1	hubapi.com api.hubapi.com	706 B
1	addthisedge.com v1.addthisedge.com	762 B
1	moatads.com z.moatads.com	1 KB
1	nextroll.com nextroll.com	2 KB
1	google.at adservice.google.at	803 B
1	google.de www.google.de	154 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	hs-banner.com js.hs-banner.com	12 KB
1	usemessages.com js.usemessages.com	19 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	zoominfo.com ws.zoominfo.com	726 B
1	hs-scripts.com js.hs-scripts.com	931 B
1	googleadservices.com www.googleadservices.com	13 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	sajari.net cdn.sajari.net	200 KB
1	googleapis.com fonts.googleapis.com	724 B
0	bootstrapcdn.com Failed maxcdn.bootstrapcdn.com Failed
129	37

	Domain	Requested by
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.insurancebusinessmag.com tpc.googlesyndication.com
16	securepubads.g.doubleclick.net	1 redirects www.insurancebusinessmag.com securepubads.g.doubleclick.net
10	www.insurancebusinessmag.com	www.insurancebusinessmag.com
8	pagead2.googlesyndication.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
7	www.googletagservices.com	securepubads.g.doubleclick.net
6	www.facebook.com	www.insurancebusinessmag.com connect.facebook.net
6	cdnjs.cloudflare.com	www.insurancebusinessmag.com
5	c.disquscdn.com	insurance-business.disqus.com
5	s.adroll.com	1 redirects www.googletagmanager.com www.insurancebusinessmag.com s.adroll.com
4	connect.facebook.net	www.insurancebusinessmag.com connect.facebook.net
4	use.fontawesome.com	www.insurancebusinessmag.com use.fontawesome.com
3	www.google.com	www.insurancebusinessmag.com securepubads.g.doubleclick.net
3	cdn-res.keymedia.com	www.insurancebusinessmag.com
2	api.hubspot.com	js.usemessages.com
2	disqus.com	insurance-business.disqus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	s7.addthis.com	www.insurancebusinessmag.com s7.addthis.com
2	code.jquery.com	www.insurancebusinessmag.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	re.sajari.com	www.insurancebusinessmag.com
1	v1.addthisedge.com	s7.addthis.com
1	cdn.sajari.com	www.insurancebusinessmag.com
1	z.moatads.com	s7.addthis.com
1	nextroll.com	www.insurancebusinessmag.com
1	7f43a9b3597f6093158f9acd53df2006.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.at	securepubads.g.doubleclick.net
1	www.google.de	www.insurancebusinessmag.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	d.adroll.com	www.insurancebusinessmag.com
1	d.adroll.mgr.consensu.org	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	ws.zoominfo.com	www.insurancebusinessmag.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	insurance-business.disqus.com	www.insurancebusinessmag.com
1	www.googletagmanager.com	www.insurancebusinessmag.com
1	cdn.sajari.net	www.insurancebusinessmag.com
1	fonts.googleapis.com	www.insurancebusinessmag.com
0	maxcdn.bootstrapcdn.com Failed	www.insurancebusinessmag.com
129	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.lifehealthpro.ca
learn.insurancebusinessmag.com
kmi.magazinemanager.com
shop.kmimedia.ca
bpaww.com
www.keymedia.com
www.wealthprofessional.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cert00041-azurecdn.akamaized.net R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.sajari.net AlphaSSL CA - SHA256 - G2	`2020-08-03` - `2022-09-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.at GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
nextroll.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.sajari.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2022-06-11`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
re.sajari.com GTS CA 1D2	`2020-11-26` - `2021-02-24`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Frame ID: 83F8A08E9591CD739040196197B12C5E
Requests: 86 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwylC9vE38DxG1VMghH551TfExv9qQ_CiEiGUvOEQBo0XfCEaNBOPqxtSEd3QN69RmaKf0iOocFh-f0aGi8C3kOeChEYB4LOzz7ysJYqKmSLWvgMZ4vOb74hKWUcqXeEe2baR3k2lGMiTcESCuU1rvu0fV6ZlwY8qUmwpNvxEjjIj2sh2pUnQjazLJPowTSxPtEpC_mOHQVDRjiA59hjsYn0s4Di1Wkh9K4S2BAi0OkRCO3mc7y87OkYjhI7b7QNgWEnS-rIlvPlBYqMxe0PjR5uMYz677P3M9mw2fGpKXmRHJsdHSY38C7sVdU5FyC7l574k9&sig=Cg0ArKJSzJR40AeqqcH4EAE&adurl=
Frame ID: A5ED83BD5D55A9E74914F755C9EA83C3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1T2thUZypU5YFZ1W8tDE3BhL24acZvNmEAO2PqZds_GS_EaXCn1M7wYOXngOG1MlaH3HvYlDO84c_GSLHC1xqg7HPyxiK6JI0Lu7w8pQiXF9-9dtSEhkVF-oygYMSqnDOBO7wuMmC0Ffdrq2LAP4J8OVSuuQhmTjJBaSXW_X_MEN2jaORgRUGbbpfvEyqcZtE9044RzySJYUfJFsGC6K27FqZ-EBgcaQRlJGPBzLsGVvPvTm7Mjbu-oqsYJ1nPvOIWXxXr0H1TQ41nBj6OVmrP_WYN2w6Mf1oyfIF&sig=Cg0ArKJSzHNlUGcYFnpOEAE&adurl=
Frame ID: 44B475FC6217C1DF363B2312B4FBC868
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwggp0FOTsX1wa6aPpWVTFAs3Vq9pmJRbv6NCyS3hB9CRTcNORfHxney-2bMeeC79aP0j3SQZz1HtpTfqwUgnrA_cDhzurPM4SWrTxmFXhhKD_Zn8kwd0FNt9AAt42229_3LNHbMnJ9FzWDD5BKUNpZjXqxeHQzId8Sgn-XUUdxJOL6NeJkP3nDGA92pjlsCJM5n3t4E0t5nToj3RVHEW4JPcUYA6814LbhBL4gVrJlquEEcwOJQszTYanWOZkzy7E4Iti8gz3nU_Rym2FqEv1NZH8fweFDNQhXemK_A&sig=Cg0ArKJSzH4Y2vyCUp9HEAE&adurl=
Frame ID: 91E01A4A86BF60DC6817A9ED02574823
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgr_86MT4C2KiKIpmRhbGTflYbG5XftRk_1zhZ3A1Xr_wjlltfPBDrFbOaJIkRYTmfZQ1uothh4Mv3OiZBPWNTMQnTlubwxc-0XtTwGN5u1nbpGjTdOl7to3m-Q3DBSyYBehqScJHX68dq_MnK0UWNvR5badEVUvCfWbDp-VHx9BN0EyKbIQd1s_CGe0okxG4TlwzLRwf0XW_JhhQkx_DT254oFgI_1GFqHUd2JZi0IYex8vhAsODL3as4-lnhTwBgNehmzx6Y3OTk1Awp-aanLIObgoXNtLm4Z09wmQ&sig=Cg0ArKJSzFbI3E-fEBFCEAE&adurl=
Frame ID: 1D447DB821EF464519F79EEDF41027FC
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/13810547153303696996
Frame ID: 9AB2A5765F066101D863AA235F5801DA
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk0ND0y8nJ_W-llqR_4DDTDPbwFEWLCHjSt1-Kpf1xfEF23Djf_hqQd4ubHvhHZM5C6QbD0AvBvHXazRqD9YL0LxcY6AVbEbm5YAy6Gym-U3DN5Xf7w8BGMW_cmuGacFZi_vF1x8vtBVX84U-iMdQoGcIGWareF9Aq84gOR-CnIh5uDPf05280P46fhnzj9m8nMlVsl420EsblcwnEwobedcwVxnESGzi0H1pw7fzL9_4vbFqDVhZamxxcR-rpcU6QP07GwSA0JQeJQxFZb0RV1xYIHWtNc3fZfMHsyQ&sig=Cg0ArKJSzHBAW6dEWVEkEAE&adurl=
Frame ID: F8639A91C593F0D893A93C8C4165565D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk8wn6mCi4NczbfJcGELABS1UVjOEgsz_UK77xdX6O2XQBbzA4S5SI_49rZKN3BHrAu0EaYbiUXnaek7yOKhGqZUNzkn7j0d3KwdJru44wAdvFQegq6naPTa4MyXZJCHKuEBYWap8eqXK_GTbCQOMxDYQfeklpvRSriLsxborMe536_xjzsYOtahcx5fwotJG_uS5BjP1KJd1VJjCZuLw9nqcUY4jG5INps6gkPA4uCNFqX1mOA_TQ83BwOn82SBj2DiysNAwDP0mMe6l_PhhP-i7542S8Lu16Uvka2A&sig=Cg0ArKJSzIRlBywV6pqBEAE&adurl=
Frame ID: B42923DBBCA94270C2063C3A2E2DEA88
Requests: 8 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default
Frame ID: 786D0F35D516B3EA81BC038DA4C952B3
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 1BDEEAE571E4F5921D1E5BAA515C9702
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 1D05A510324AAF94BDFC6029B399FBA3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 6884F3892723C42983CBD0DB70D75864
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

129
Requests

99 %
HTTPS

72 %
IPv6

37
Domains

46
Subdomains

40
IPs

6
Countries

2440 kB
Transfer

5606 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/InsuranceBusinessCanada

Search URL Search Domain Scan URL

URL: https://twitter.com/InsuranceBizCA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/15154282

Search URL Search Domain Scan URL

URL: https://www.lifehealthpro.ca/
Title: Life

Search URL Search Domain Scan URL

URL: https://learn.insurancebusinessmag.com/
Title: eLearning

Search URL Search Domain Scan URL

URL: https://kmi.magazinemanager.com/subscribe/subscribe_renewOnlineCFGS_KMI.asp?renew=&source=IBPAID1
Title: Magazine

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/magazines/back-issues/insurance-business/?sort=newest
Title: Back Issues

Search URL Search Domain Scan URL

URL: http://shop.kmimedia.ca/special-reports/insurance-business/?sort=newest
Title: Special Reports

Search URL Search Domain Scan URL

URL: http://bpaww.com/bpaww/#?targeturl=/BPAWW/MemberTools/AuditedSiteTraffic&target=2&languageid=1&homepage=/bpaww/Content/MainContent/Home/Index.html&footerpage=/bpaww/content/maincontent/footer/english.htm

Search URL Search Domain Scan URL

URL: https://www.keymedia.com/
Title: Key Media

Search URL Search Domain Scan URL

URL: https://www.wealthprofessional.ca/
Title: Wealth Professional Canada

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 48

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=14e349ea2990d324bd7d939a1406496a&_b=2 HTTP 302
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=14e349ea2990d324bd7d939a1406496a&_b=2

Request Chain 81

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteAASOVgADbTL1dykW6Y9TQ6ZWbPD2DDuckjblYHEqXcBuaV_ANc26ft3iVJwHwOlpCao_e15t0LdbH1MSWwC1VjvL8ZGIhp-2SRRC3qHV123tDk7LRQImmiFHKXRYyCD8AQPjwos5IQOfHiP0INejp9wPuYmD4UkN28JtkMkQSObqMeH4LsnakWWkFw-bL83-2onh_7Uxwu2YCyZwFJ6m8pKr3glWPn-QXTaHoC_9g1F15uzI_MSCi0PL0Ab-IOVu0cA0NWmq4uukQLUjjNqyo72ICi3fU1N8md4FyivYeA&sig=Cg0ArKJSzIXsWvasW5PUEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/13810547153303696996? HTTP 302
https://tpc.googlesyndication.com/simgad/13810547153303696996

129 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx Show response
www.insurancebusinessmag.com/ca/news/cyber/ 56 KB
10 KB 647ms
622ms Document
text/html 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2a505944a6468ec6d93a0c2ca258c3e4f7a633c9a07ff2a1db859ffe1306f4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.insurancebusinessmag.com
:scheme: https
:path: /ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:47 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dbb57f77875e09fce6c7d454f0d075fa31607389187; expires=Thu, 07-Jan-21 00:59:47 GMT; path=/; domain=.insurancebusinessmag.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06e175a52200002bd6fa0fc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZID2SQJNeNLAfNXvxa55OZc9hIn08ToH4ZHeK1FPXxg2uA27h0b%2BgwUZQKLeocY7g%2BIKUlZMFp%2BpRVnKyTFp97uCqToCdLVDEx1m%2BaKdekktj3BdEwerkxyy5a79ta2iY4vrW%2FYCkAv%2B"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fe28bb50dd22bd6-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 4 KB
724 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Dec 2020 23:13:31 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Tue, 08 Dec 2020 00:59:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:47 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.1/css/ 58 KB
15 KB 106ms
34ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 15:13:10 GMT
server: NetDNA-cache/2.2
etag: W/"b227b1617a1763c8bc056772f05482b4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
1 KB 29ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477223
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 394
cf-request-id: 06e175a7a800002b4def19a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ifi%2BuwvxrPciJTYuvSMYzCnhojvAEmhlAvoZ%2BeY7A0SawZmBF0FoVn96pgamE3ZSFC%2FRiVRKfd%2BU%2Byanyc4aVmpDTazjusFm5nCncY%2FYUBggZKDSBeyrYVBbpXlodzlvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe28bb90f832b4d-FRA
expires: Sun, 28 Nov 2021 00:59:48 GMT

GET
H2 200 site.min.css
www.insurancebusinessmag.com/css/ 217 KB
31 KB 414ms
413ms Stylesheet
text/css 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06e175a79900002bd65f19c000000001
last-modified: Thu, 26 Nov 2020 05:10:15 GMT
server: cloudflare
etag: W/"1d6c3b26cbd77e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CFe0hF8TNxPrr9dr90ctgJ5qwLL6gnoM3WNRho84QpFMD1cfJ7abzBZ%2BDapdsJNE7uM%2Flnchq%2FLyYQ6cEwFvr54TNVOcoTkyUD0ZmnrQaSxsk%2Fjythvd9FplxiNuC%2BAl7ZImCid%2B5%2F5m"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5fe28bb8faaa2bd6-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 125ms
45ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

585c89af42e974f872d38688837b31f2497428ee5d6995a700d64b1151e11a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "717 / 332 of 1000 / last-modified: 1607382558"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18880
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:48 GMT

GET
H2 200 logo_gray_ca.png
www.insurancebusinessmag.com/images/ 5 KB
5 KB 16ms
11ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_gray_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1640
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5287
cf-request-id: 06e175a94700002bd6f7a72000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310c627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qHNjY3SzDKN2Q5CrF2QiW%2Faj%2BEp4mnnZNlI1umDjBLdBDvy1zCmVoLniIOesnpiA5yigrWqGoz%2FLfsxqt3UyJpFjVZrIiA%2FIOA%2Bw8uej0Q2Aobno7muSkvWxDFDOwuxgYrH%2FjCfbDPzH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe28bbbae1b2bd6-FRA

GET
H2 200 logo_ca.png
www.insurancebusinessmag.com/images/ 11 KB
11 KB 16ms
12ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1640
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 11195
cf-request-id: 06e175a94700002bd6643da000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f93b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hpCwKvHuO0EXTPOfK%2F6FO4h58SHCBDnA3ZA4dWqkB2bzsDMjM2ESs8LjD%2BGZ5rox4%2FtZlJidrGhdBDbkF7mmSmQTuqiXXOrVmyKmf%2B%2FQCRzGc7x%2Bobo5%2BAkETPTLVWAAyH4l9Hk5AcE8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe28bbbae1c2bd6-FRA

GET
H2 200 logo_ca_mobile.png
www.insurancebusinessmag.com/images/ 8 KB
9 KB 16ms
12ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/logo_ca_mobile.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1640
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 8597
cf-request-id: 06e175a94700002bd641190000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310f315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K3U%2FmIAoJKIDvXWPVP90pOe7clwC8xb66tBSf9NmdxfA%2B0a6rlllCATBIdi22u7ZHPbE6sfgVFAgcmzRSZgodtu6UooUuEmqkvJ0LjZF4BYK0zRYq28031e%2FIB6qLaxSF4Sh7zRHfAfm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe28bbbae1d2bd6-FRA

GET
H2 200 0270_637429306728087852.jpg
cdn-res.keymedia.com/cms/images/us/023/ 71 KB
71 KB 40ms
9ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0270_637429306728087852.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 08 Dec 2020 00:59:48 GMT
last-modified: Mon, 07 Dec 2020 09:37:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PdMDAfDpsglIvzXuEVA+hQ==
etag: 0x8D89A93C504BE16
content-type: image/jpeg
x-ms-request-id: 620743f1-a01e-00e5-0b7d-ccc0f9000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: istock-cyberattack-technology-606671804.jpg
content-length: 72201

GET
H2 200 img_enewsletter.gif
www.insurancebusinessmag.com/images/ 3 KB
3 KB 13ms
10ms Image
image/gif 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/img_enewsletter.gif

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1640
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2866
cf-request-id: 06e175a94700002bd669922000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d9b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WjqyAQSoUB5kVFX1Y2Q%2FqEAE7jWhogUurCOC4gktW9P4OFkdLXKvfI7zLH651hjzbURJwxJDP3Wcf5ZiLm%2BdWVTKvZ4NbhZGN1lcWYf8NYkoIwtsfym3i8BjsWGT6fLQX0HGY31LcBMm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe28bbbae202bd6-FRA

GET
H2 200 0116_637274390792424475.jpg
cdn-res.keymedia.com/cms/images/us/003/ 62 KB
63 KB 47ms
16ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/003/0116_637274390792424475.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 08 Dec 2020 00:59:48 GMT
last-modified: Thu, 11 Jun 2020 02:24:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: +LKLZmxgLlM+nItRoCYu6A==
etag: 0x8D80DAE97B905DE
content-type: image/jpeg
x-ms-request-id: 6a6e2de0-801e-0006-2771-60a204000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: IBA Talk Hompage Tile_D.jpg
content-length: 63674

GET
H2 200 0132_637411468949978004.jpg
cdn-res.keymedia.com/cms/images/us/023/ 117 KB
118 KB 52ms
21ms Image
image/jpeg 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-res.keymedia.com/cms/images/us/023/0132_637411468949978004.jpg
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 08 Dec 2020 00:59:48 GMT
last-modified: Mon, 16 Nov 2020 18:08:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: X1bLcJFJA0lHQYgdq4kMbQ==
etag: 0x8D88A5A96AC059A
content-type: image/jpeg
x-ms-request-id: 3253528b-901e-0057-2044-bc3f88000000
x-ms-version: 2009-09-19
x-ms-meta-originalfilename: New Project(14).jpg
content-length: 119767

GET
H2 200 BPA_WW_MASTER.png
www.insurancebusinessmag.com/images/ 5 KB
6 KB 15ms
12ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/BPA_WW_MASTER.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2154
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 5609
cf-request-id: 06e175a94700002bd644a32000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: "1d5b3e883a97ce9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ArkoirzkcNbPoQh1i%2FB38bww2S7s7I8Rj5g3yyNZQF%2Faib%2BO%2F9ia333fQMk7jc9Th5aIf4QWj5bZcdh2JNQw9wYjNYBa7cjNSr%2FHRcENHyUjBsQvNV%2FkfpbLlNnzQM8rNcp%2BoZZQRhL9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe28bbbae212bd6-FRA

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 22ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1607389188.dop019.fr8.t,1607389188.cds265.fr8.hc,1607389188.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 8ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1607389188.dop019.fr8.t,1607389188.cds265.fr8.hc,1607389188.cds251.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 0
0

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
9 KB 11ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477223
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 9283
cf-request-id: 06e175a93800002b4d8a8b0000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xaED1pNLAqx8RtMyF8C3sRtCrxvoHZ68EVSgyo6r0l0swB6LRJd8b67IVZfUuCvXbJW0LToyP2IXrh7mxeqJZXbSZrgplpQSSqx9pfNlI%2BZEL2Ti9ZMNUylCPgVQ4o0V6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe28bbb8a822b4d-FRA
expires: Sun, 28 Nov 2021 00:59:48 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 23 KB
7 KB 19ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 431387
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 6677
cf-request-id: 06e175a94700002b4d9a9f6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5add"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y%2B9ADZKYj%2B7DcdG5f%2F8%2FkQRPL68NI9%2FBFgBflpUBecTtjspUvh9qyNNu7mBaThcOMCJKiH5tIh8l16zmxidEuxZFuGbM2LKfDHBfCtaUU%2FpLzaAXvtpMqdL%2BVZrjkZ78DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe28bbbaaa52b4d-FRA
expires: Sun, 28 Nov 2021 00:59:48 GMT

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/ 5 KB
2 KB 20ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477208
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1740
cf-request-id: 06e175a94700002b4dd2031000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EmOnWgGyBAKWnwVKYpEfKHF9htFc6lZ4OAtW55DM1SalUeDilDutqN0YZZbxzgoSuX5uksk7uQXGYBvj6x0a%2B%2B%2FuxRKHBOD2lfBLMWKYnblareAN0ZO%2Bxe0RaskLbIEINw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe28bbbaaa82b4d-FRA
expires: Sun, 28 Nov 2021 00:59:48 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 19ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477220
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 746
cf-request-id: 06e175a94700002b4db097a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tNTMMuQBSno4Inab%2FnFOFruGRSf6jj4%2BXGSXMRky%2FlkZJbp2%2BYYjElsRznfu9NNN0t2fBL8KZtNjaq9kXb3qhJ%2B34Awgfk08LNUlmkoIuhYQ02Xnp5StuGZhHC0hYC29dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe28bbbaaa92b4d-FRA
expires: Sun, 28 Nov 2021 00:59:48 GMT

GET
H2 200 jquery.bootstrap.wizard.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/ 9 KB
3 KB 22ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap-wizard/1.2/jquery.bootstrap.wizard.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 425168
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2027
cf-request-id: 06e175a94800002b4d9fbef000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-23da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wHXVF05Y4G340DZzoV5nTsJn%2BR8z4EMNrIM5YbIH54h%2BRpHAfS4wT64hVBusV4f5l9Sv2JT9tDFlevqvRUFKOOEiTVwE7eZdDmw7Lo%2Bgl%2BBXljJ6XUOEraP8pElqH6IasA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5fe28bbbaaab2b4d-FRA
expires: Sun, 28 Nov 2021 00:59:48 GMT

GET
H2 200 site.min.js Show response
www.insurancebusinessmag.com/js/ 3 KB
2 KB 16ms
11ms Script
application/javascript 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insurancebusinessmag.com/js/site.min.js?v=a8CgVlJJa2pHH6NyWSDRb1xgq97m0DJCCfQmFEGXcpU

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2162
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
cf-request-id: 06e175a94700002bd62931d000000001
last-modified: Mon, 16 Dec 2019 08:12:10 GMT
server: cloudflare
etag: W/"1d5b3e883a96460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c30T5VSh0IpMCsymEyHxN3Z0Op2Voq4%2BoCCMgi5%2BWCcc5pLZQ%2BEnxetmC2O4HhggtG8sJPlCKh38Ijyl2jIxjsk7kCDgOiTn3%2BqKbjhasLW5VMvm96k%2FHIcWpm0eREPcsfxjztWHTqgk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5fe28bbbae1a2bd6-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 101ms
32ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 08 Dec 2020 00:59:48 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 website-search-1.4.js Show response
cdn.sajari.net/js/integrations/ 662 KB
200 KB 106ms
35ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.net/js/integrations/website-search-1.4.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 09:16:48 GMT
content-encoding: gzip
age: 56580
x-guploader-uploadid: ABg5-Ux35agqFh9S7HZCXZOQnPqQ1h7omg2lsAdLPmKv2-TLyMoyrQu8c8zYj4AXcP_d5G9i6ZT4Yov-Iay7fw9PasffPcruoA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 204181
last-modified: Fri, 27 Nov 2020 01:20:45 GMT
server: UploadServer
etag: "65c7b0342e669c616f2779114a738111"
x-goog-hash: crc32c=lavJ7Q==, md5=ZcewNC5mnGFvJ3kRSnOBEQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1606440045862038
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 204181
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 09:16:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
45 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb00b534b05542cbc3b51f1324df4291145e3d79f28e4552ab862effe59a97d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45803
x-xss-protection: 0
last-modified: Tue, 08 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Dec 2020 00:59:48 GMT

GET
H/1.1 200
OK embed.js Show response
insurance-business.disqus.com/ 70 KB
23 KB 387ms
325ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-business.disqus.com/embed.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

933836f676a7ec03257cbcb36a9929fb1c9f9f98da972d8caa3ceac8c555560b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 00:59:48 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23291

GET
H2 200 keymedia_logo.png
www.insurancebusinessmag.com/images/ 3 KB
3 KB 13ms
11ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/keymedia_logo.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2154
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 2797
cf-request-id: 06e175a96700002bd60535d000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bos2aYCp9U8jmrYQLetLnOg0WoWUiwck7oTm8F4lklpns53CUQYjt6EQNo22vHkL9hw%2F0Z2obA4seAaKQf54fz93028QNyDcSxIe5CmxHJXsHK8xaHL%2FbZSPBgv6Ox1AwhHy0CnvA7Yi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe28bbbde5d2bd6-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 20:01:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 363516
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 03 Dec 2021 20:01:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 21:21:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 445113
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 02 Dec 2021 21:21:15 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 41ms
40ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
last-modified: Mon, 05 Oct 2020 15:14:37 GMT
server: NetDNA-cache/2.2
etag: "8e1ed89b6ccb8ce41faf5cb672677105"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 80300

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 72ms
71ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
last-modified: Mon, 05 Oct 2020 15:14:09 GMT
server: NetDNA-cache/2.2
etag: "f075c50f89795e4cdb4d45b51f1a6800"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 78460

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 13 KB
14 KB 88ms
88ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

Origin: https://www.insurancebusinessmag.com
Referer: https://use.fontawesome.com/releases/v5.15.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
last-modified: Mon, 05 Oct 2020 15:14:17 GMT
server: NetDNA-cache/2.2
etag: "4a74738e7728e93c4394b8604081da62"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13548

GET
H3-Q050 200 pubads_impl_2020120101.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 97ms
56ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

67f7f7a4b931bca20fac7c458969034200f3c64187b84782da9659f07ac5f247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 09:38:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101724
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:48 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 118ms
43ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12174
x-xss-protection: 0
server: cafe
etag: 1959326039972715456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Dec 2020 00:59:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 598
date: Tue, 08 Dec 2020 00:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 08 Dec 2020 02:49:50 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 39 KB
13 KB 96ms
32ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ebfaad4ce40fab4412b1d7702b6022ef658b1027eed561696de9b2c3843340e3

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: S_7iMrJ88Q5B89hk9HUU7tUdDaP9NSc5
Content-Encoding: gzip
ETag: "413c1a6986aa69d19e499a6bb551e517"
x-amz-request-id: 2051B4332C158EDF
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12461
x-amz-id-2: taZzeRd8yiji4AMvRrYekI39Phoqn6zNsflMEYNcmf1zNUwQEncCYFQdoVLQBQfW3xbwbZOldds=
Last-Modified: Mon, 07 Dec 2020 22:49:17 GMT
Server: AmazonS3
Date: Tue, 08 Dec 2020 00:59:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 3830659.js Show response
js.hs-scripts.com/ 2 KB
931 B 27ms
12ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3830659.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJZ6HP
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e474cc3db6689cf00a1eebe69aa09adb550c6872b86cd07745886653ba1372

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 57
cf-polished: origSize=1725
cf-request-id: 06e175aa5e0000074233b70000000001
cf-bgj: minify
server: cloudflare
x-trace: 2BC8CC25CAE53165B44649A339511BDBD862C4CD30000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5fe28bbd69970742-FRA
expires: Tue, 08 Dec 2020 01:00:48 GMT

GET
H2 200 H374CbiJXbyMaC6o2MeO Show response
ws.zoominfo.com/pixel/ 0
726 B 246ms
223ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/H374CbiJXbyMaC6o2MeO

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5fe28bbd6872c2f4-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0
cf-request-id: 06e175aa660000c2f454a4a000000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
24 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: FnpqgCcZ2jBu/AjwlNGPN8jOiyE26xOvO+7P2dr0MH03i6IZRKA8R7hY0TCfWaH9WUTUclivtsjhdW5NA94HOw==
x-fb-trip-id: 2074150462
x-frame-options: DENY
date: Tue, 08 Dec 2020 00:59:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3830659.js Show response
js.hs-analytics.net/analytics/1607388900000/ 63 KB
19 KB 17ms
16ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1607388900000/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 120
x-amz-server-side-encryption: AES256
x-amz-request-id: 7F90D8C936E3F278
x-amz-id-2: D16D4iQKo21Sv9CZODPwhDw3bXtywGXwK0zyADRXWkJW8Bb442E75+vDFlPdw5hcrJrbWbK+wvM=
last-modified: Mon, 07 Dec 2020 17:12:38 GMT
server: cloudflare
etag: W/"44e808ceba70a8e67afa883c1bf6dc20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 06e175aa8d000005f9321f4000000001
cf-ray: 5fe28bbdabeb05f9-FRA
expires: Tue, 08 Dec 2020 01:02:48 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 393
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.218/bundles/pixels-release.js&cfRay=5fe28220bccebf0f-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06e175aa8d00002c019e839000000001
last-modified: Wed, 02 Dec 2020 05:20:17 UTC
server: cloudflare
etag: W/"6159aaab2b9ebbe66181371c0b06ec68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2loL3K5wOlJ4UYDOHK3xdpXBRt2L9KwW
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 5fe28bbdad912c01-FRA
x-amz-cf-id: Q40XWNZuLBlAziBucpw5BTbnMbXyWln_ocTPLcC11zW37wyZM3opdA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 79 KB
19 KB 18ms
17ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 480
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.7966/bundles/project.js&cfRay=5fe280031993bed3-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06e175aa8f0000c26d16af1000000001
last-modified: Mon, 07 Dec 2020 03:40:46 UTC
server: cloudflare
etag: W/"084f0064b523664ce082aebef736853e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kCPoihtV0nKfLLh1Z8xOU8_A5Ba4lvrR
cache-control: max-age=600
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
cf-ray: 5fe28bbdbe0ec26d-FRA
x-amz-cf-id: v2Z-g1NnqS_axyDOXuH6klAWb85vWJFM1KBSLZVXAUvO6wNOlHnAlQ==

GET
H2 200 3830659.js Show response
js.hs-banner.com/ 51 KB
12 KB 18ms
18ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3830659.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3830659.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Smq16w==, md5=MOAVoix/DZ6XFVDsDiVRgA==
date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 121
x-guploader-uploadid: ABg5-Uy7ZhscbhPzkPDe4ps3Dooy_THOAAEU8MGRsUOy2Sa3ifKKu5w83ID7hnsM08ISZV_wEcO3nDZenokmtUcm3CtBpZ55YA
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 06e175aa8d0000dfeb9a2ae000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 17:52:35 GMT
server: cloudflare
etag: W/"30e015a22c7f0d9e971550ec0e255180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1606758755326219
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 52110
cf-ray: 5fe28bbdaddfdfeb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 08 Dec 2020 01:02:47 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
75 B 13ms
12ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=995474824&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ul=en-us&de=UTF-8&dt=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=631995660&gjid=1161489591&cid=1783970468.1607389189&tid=UA-67143636-4&_gid=356675776.1607389189&_r=1&gtm=2wgbu0PVJZ6HP&z=1208812561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 239203017352524 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/239203017352524?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: fggn3MBE6UK1sFY8CYrdlNsB51MVmID0lTZYxT8tqP0rhejEfI9mnhOzACiNR7xRSHqNMeWmAKS7nvhR1dO74Q==
x-fb-trip-id: 2074150462
x-frame-options: DENY
date: Tue, 08 Dec 2020 00:59:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 213897403
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
96 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-67143636-4&cid=1783970468.1607389189&jid=631995660&gjid=1161489591&_gid=356675776.1607389189&_u=YEBAAAAAAAAAAC~&z=688603027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 08 Dec 2020 00:59:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2VITFUM7BRCEBEOMM6S7XQ/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

31ms
30ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified: Wed, 02 Dec 2020 20:19:48 GMT
Server: AmazonS3
Date: Tue, 08 Dec 2020 00:59:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 08 Dec 2020 00:59:48 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/ 1 KB
1 KB 90ms
31ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2VITFUM7BRCEBEOMM6S7XQ/UBR2M7RH2FGKBCKNOSQYCJ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2MS1bymzHHmebZSbiB0EIzRIWQrWFYNz
Content-Encoding: gzip
ETag: "3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id: 6Y0Y7PCX7S4V6HCR
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 635
x-amz-id-2: nYlOSGjlCovWT6RDsxo5ZlhPw4rK8xj3LGPX9IRIh7yoRx/oxzldFLJ91xOy9Tim6VW/Tz/ucko=
Last-Modified: Mon, 07 Dec 2020 22:01:40 GMT
Server: AmazonS3
Date: Tue, 08 Dec 2020 00:59:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/2VITFUM7BRCEBEOMM6S7XQ?_s=14e349ea2990d324bd7d939a1406496a&_b=2
https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=14e349ea2990d324bd7d939a1406496a&_b=2

385 B
477 B

59ms
58ms

Script
application/javascript

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=14e349ea2990d324bd7d939a1406496a&_b=2
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: d0dd69e16355fb08cac78feb1eae5ef80799c50b8ec402ed68ad131f57b6919b

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/2VITFUM7BRCEBEOMM6S7XQ/?_s=14e349ea2990d324bd7d939a1406496a&_b=2
date: Tue, 08 Dec 2020 00:59:48 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948015301/?random=1607389188805&cv=9&fst=1607389188805&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22497d037fe31dbb15befdfafd04b8b9cd72016a4d41a70748df01e7d8f4eb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948015301/ 42 B
154 B 21ms
20ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948015301/?random=1607389188805&cv=9&fst=1607385600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=3078855101&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948015301/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948015301/?random=1607389188805&cv=9&fst=1607385600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&tiba=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&async=1&fmt=3&is_vtc=1&random=3078855101&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.at/adsid/ 109 B
803 B 47ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.at/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 33ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.insurancebusinessmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 fancybox_sprite.png
www.insurancebusinessmag.com/images/ 1 KB
2 KB 410ms
410ms Image
image/png 2606:4700:3037::681f:5ebc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.insurancebusinessmag.com/images/fancybox_sprite.png

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:5ebc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.insurancebusinessmag.com/css/site.min.css?v=x16YcsDzSL7BBhsp4VOfE7_mPzaMbjNhkXFpk-R-Q3E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 1362
cf-request-id: 06e175ab2200002bd64b929000000001
last-modified: Mon, 16 Dec 2019 08:12:09 GMT
server: cloudflare
etag: "1d5b3e88310d7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sffBVPZaOdTgy4JwDMysRtQnSTNm7uWpAVWydRfoFu4lojckLSwEGuQWE6bro7nQtYXkiJ2J5xd4h%2FWjo%2BjrOvlwwOwfeCXtNj18v5aBFYiu5i%2Fn8BqYK6nVeAr0lUxeZkyBTS2FRnRN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5fe28bbe995b2bd6-FRA

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
14 KB 131ms
131ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=390836299270168&correlator=4482222872348255&output=ldjh&impl=fifs&eid=21068602%2C21068772%2C21068926%2C21065139%2C21066289&vrg=2020120101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201208&iu_parts=1042886%2Ciboca_news_cyber_640x480-prestitial%2Ciboca_news_cyber_na_fluid_top1%2Ciboca_news_cyber_728x90%2Ciboca_news_cyber_125x750%2Ciboca_news_cyber_na_fluid_top2%2Ciboca_news_cyber_980x240%2Ciboca_news_cyber_970x90%2Ciboca_news_cyber_1000x90%2Ciboca_news_cyber_300x600%2Ciboca_news_cyber_300x250%2Ciboca_news_cyber_140x600%2Ciboca_news_cyber_140x300%2Ciboca_news_cyber_na_fluid_inarticle%2Ciboca_news_cyber_450x20%2Ciboca_news_cyber_480x300&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F14%2C%2F0%2F15&prev_iu_szs=640x480%2C320x50%2C728x90%2C125x750%2C125x750%2C320x50%2C980x240%2C970x90%2C1x1%2C300x600%2C300x600%2C300x250%2C300x250%2C140x600%2C140x600%2C140x300%2C320x50%2C450x20%2C450x20%2C450x20%2C480x300&fluid=0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&ists=4096&prev_scp=%7Cposition%3D1%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D2%7C%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7Cposition%3D1%7Cposition%3D2%7C%7C%7Cposition%3D1%7Cposition%3D2%7Cposition%3D3%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1607389188&dt=1607389188872&dlt=1607389187986&idt=849&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C310%2C560%2C165%2C1310%2C310%2C310%2C315%2C0%2C990%2C990%2C990%2C990%2C310%2C310%2C310%2C477%2C477%2C477%2C477%2C477&adys=-12245933%2C0%2C62%2C250%2C250%2C250%2C270%2C1110%2C3863%2C686%2C2882%2C2369%2C1316%2C846%2C1476%2C2106%2C1211%2C2249%2C2269%2C2289%2C2309&adks=651429024%2C1210845012%2C2906543053%2C3302653222%2C3302653223%2C3503503579%2C3699078662%2C2361731843%2C1858043374%2C2879338212%2C2879338214%2C4224825188%2C4224825197%2C4074281398%2C4074281401%2C359085056%2C2118243376%2C3183040304%2C3183040307%2C3183040306%2C1115278100&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&dssz=55&icsg=17316522496&mso=1073741824&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1000x1%7C730x90%7C125x750%7C125x750%7C1000x20%7C980x240%7C1600x3863%7C1600x3863%7C313x600%7C313x600%7C313x250%7C313x250%7C146x600%7C146x600%7C146x300%7C479x884%7C479x445%7C479x445%7C479x445%7C479x445&msz=0x-1%7C980x0%7C730x90%7C125x750%7C125x750%7C980x0%7C980x240%7C970x-1%7C1600x1%7C300x600%7C300x600%7C300x250%7C300x250%7C146x600%7C146x600%7C146x300%7C479x0%7C479x20%7C479x20%7C479x20%7C479x300&ga_vid=1783970468.1607389189&ga_sid=1607389189&ga_hid=995474824&fws=644%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C479%2C479%2C479%2C479%2C479&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

66d3417ce1246ae1d7a1bbb108be892ac31b87e8789a3ab77c82b04f958a9e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13961
x-xss-protection: 0
google-lineitem-id: 5522499108,-2,5523842285,-2,-2,-2,5523842285,-2,5523842285,5523842285,-2,5523842285,-2,5523842285,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138328442418,-2,138328415276,-2,-2,-2,138328444695,-2,138328415726,138328444692,-2,138328444698,-2,138328444683,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7f43a9b3597f6093158f9acd53df2006.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7f43a9b3597f6093158f9acd53df2006.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
5ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/ 0
23 KB 29ms
12ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1564759
strict-transport-security: max-age=300; includeSubdomains
content-length: 22655
cf-request-id: 06e175ab5200001f15e2273000000001
timing-allow-origin: *
last-modified: Thu, 19 Nov 2020 22:06:27 GMT
server: cloudflare
etag: "5fb6ec63-587f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 5fe28bbeec431f15-FRA
x-amz-cf-id: U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires: Fri, 19 Nov 2021 22:20:27 GMT

GET
H2 200 common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js
c.disquscdn.com/next/embed/ 0
93 KB 40ms
24ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2b6a730d7d5eff80032e6b2e3ff8cab6.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 609398
strict-transport-security: max-age=300; includeSubdomains
content-length: 94783
cf-request-id: 06e175ab5200001f1582916000000001
timing-allow-origin: *
last-modified: Mon, 30 Nov 2020 23:25:14 GMT
server: cloudflare
etag: "5fc57f5a-1723f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 5fe28bbeec441f15-FRA
x-amz-cf-id: qTlIsgJeiVKYLpKJk7-tZpsLzHRMZ2jhKj-dLst3ozr307jdRNXxtw==
expires: Tue, 30 Nov 2021 23:43:04 GMT

GET
H2 200 lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js
c.disquscdn.com/next/embed/ 0
114 KB 32ms
16ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.7ce8b2d11ecfa0aa9e0fdce994b52842.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1488562
strict-transport-security: max-age=300; includeSubdomains
content-length: 116379
cf-request-id: 06e175ab5200001f15b9a5f000000001
timing-allow-origin: *
last-modified: Fri, 20 Nov 2020 19:08:20 GMT
server: cloudflare
etag: "5fb81424-1c69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C1
accept-ranges: bytes
cf-ray: 5fe28bbeec461f15-FRA
x-amz-cf-id: yaoISWtZa_Htm13y7eXpFluexrytRU8scoM6I0rwGiOxoIOb1BdMdg==
expires: Sat, 20 Nov 2021 19:30:24 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
10 KB 121ms
39ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 00:59:49 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 29
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9280
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239203017352524&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607389188956&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607389188955.369624860&it=1607389188766&coo=false&rqm=GET

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 08 Dec 2020 00:59:48 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 397 KB
55 KB 45ms
44ms Script
application/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding: gzip
ETag: "1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id: 9C0A466D5B644741
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Vary: Accept-Encoding
x-amz-id-2: RKvpIdckCIUfU1lGu4A9Vc4434+rKFeY6PhXnAc0s4O7wCj+IxmfMnCnJnqRhSwxJEODB4ztDYM=
Last-Modified: Mon, 07 Dec 2020 23:59:35 GMT
Server: AmazonS3
Date: Tue, 08 Dec 2020 00:59:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
153 B 14ms
13ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=390836299270168&r=728x90&w=728&h=90&a=0

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5ED 0
0 61ms
59ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwylC9vE38DxG1VMghH551TfExv9qQ_CiEiGUvOEQBo0XfCEaNBOPqxtSEd3QN69RmaKf0iOocFh-f0aGi8C3kOeChEYB4LOzz7ysJYqKmSLWvgMZ4vOb74hKWUcqXeEe2baR3k2lGMiTcESCuU1rvu0fV6ZlwY8qUmwpNvxEjjIj2sh2pUnQjazLJPowTSxPtEpC_mOHQVDRjiA59hjsYn0s4Di1Wkh9K4S2BAi0OkRCO3mc7y87OkYjhI7b7QNgWEnS-rIlvPlBYqMxe0PjR5uMYz677P3M9mw2fGpKXmRHJsdHSY38C7sVdU5FyC7l574k9&sig=Cg0ArKJSzJR40AeqqcH4EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame A5ED 3 KB
1 KB 58ms
44ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5ED 76 KB
29 KB 80ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:49 GMT

GET
H3-Q050 200 128802055032131217
tpc.googlesyndication.com/simgad/ Frame A5ED 43 KB
43 KB 63ms
49ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/128802055032131217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Dec 2020 21:13:25 GMT
x-content-type-options: nosniff
age: 99984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43800
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:28:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Dec 2021 21:13:25 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44B4 0
0 57ms
56ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1T2thUZypU5YFZ1W8tDE3BhL24acZvNmEAO2PqZds_GS_EaXCn1M7wYOXngOG1MlaH3HvYlDO84c_GSLHC1xqg7HPyxiK6JI0Lu7w8pQiXF9-9dtSEhkVF-oygYMSqnDOBO7wuMmC0Ffdrq2LAP4J8OVSuuQhmTjJBaSXW_X_MEN2jaORgRUGbbpfvEyqcZtE9044RzySJYUfJFsGC6K27FqZ-EBgcaQRlJGPBzLsGVvPvTm7Mjbu-oqsYJ1nPvOIWXxXr0H1TQ41nBj6OVmrP_WYN2w6Mf1oyfIF&sig=Cg0ArKJSzHNlUGcYFnpOEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 44B4 3 KB
2 KB 54ms
44ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44B4 76 KB
29 KB 82ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:49 GMT

GET
H3-Q050 200 16087027898513391236
tpc.googlesyndication.com/simgad/ Frame 44B4 40 KB
40 KB 55ms
45ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16087027898513391236

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 08:01:52 GMT
x-content-type-options: nosniff
age: 61077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40837
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 08:01:52 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91E0 0
0 53ms
51ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwggp0FOTsX1wa6aPpWVTFAs3Vq9pmJRbv6NCyS3hB9CRTcNORfHxney-2bMeeC79aP0j3SQZz1HtpTfqwUgnrA_cDhzurPM4SWrTxmFXhhKD_Zn8kwd0FNt9AAt42229_3LNHbMnJ9FzWDD5BKUNpZjXqxeHQzId8Sgn-XUUdxJOL6NeJkP3nDGA92pjlsCJM5n3t4E0t5nToj3RVHEW4JPcUYA6814LbhBL4gVrJlquEEcwOJQszTYanWOZkzy7E4Iti8gz3nU_Rym2FqEv1NZH8fweFDNQhXemK_A&sig=Cg0ArKJSzH4Y2vyCUp9HEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 91E0 3 KB
1 KB 50ms
44ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91E0 76 KB
29 KB 71ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:49 GMT

GET
H3-Q050 200 12598932462570953785
tpc.googlesyndication.com/simgad/ Frame 91E0 46 KB
47 KB 51ms
46ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12598932462570953785

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 38040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47548
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 15:26:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D44 0
0 90ms
43ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgr_86MT4C2KiKIpmRhbGTflYbG5XftRk_1zhZ3A1Xr_wjlltfPBDrFbOaJIkRYTmfZQ1uothh4Mv3OiZBPWNTMQnTlubwxc-0XtTwGN5u1nbpGjTdOl7to3m-Q3DBSyYBehqScJHX68dq_MnK0UWNvR5badEVUvCfWbDp-VHx9BN0EyKbIQd1s_CGe0okxG4TlwzLRwf0XW_JhhQkx_DT254oFgI_1GFqHUd2JZi0IYex8vhAsODL3as4-lnhTwBgNehmzx6Y3OTk1Awp-aanLIObgoXNtLm4Z09wmQ&sig=Cg0ArKJSzFbI3E-fEBFCEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame 1D44 3 KB
1 KB 48ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D44 76 KB
29 KB 76ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:49 GMT

GET
H3-Q050 200 14015424997989743780
tpc.googlesyndication.com/simgad/ Frame 1D44 43 KB
43 KB 55ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14015424997989743780

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 38040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44348
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

GET
H3-Q050

200

13810547153303696996
tpc.googlesyndication.com/simgad/ Frame 9AB2
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteAASOVgADbTL1dykW6Y9TQ6ZWbPD2DDuckjblYHEqXcBuaV_ANc26ft3iVJwHwOlpCao_e15t0LdbH1MSWwC1VjvL8ZGIhp-2SRRC3qHV123tDk7LRQImmiFHKXRYyCD8AQPjwos5I...
https://tpc.googlesyndication.com/simgad/13810547153303696996?

44 KB
44 KB

6ms
6ms

Image
image/jpeg

2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13810547153303696996?

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:25:49 GMT
x-content-type-options: nosniff
age: 38040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44712
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:39:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:25:49 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/13810547153303696996?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28447
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F863 0
0 44ms
43ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk0ND0y8nJ_W-llqR_4DDTDPbwFEWLCHjSt1-Kpf1xfEF23Djf_hqQd4ubHvhHZM5C6QbD0AvBvHXazRqD9YL0LxcY6AVbEbm5YAy6Gym-U3DN5Xf7w8BGMW_cmuGacFZi_vF1x8vtBVX84U-iMdQoGcIGWareF9Aq84gOR-CnIh5uDPf05280P46fhnzj9m8nMlVsl420EsblcwnEwobedcwVxnESGzi0H1pw7fzL9_4vbFqDVhZamxxcR-rpcU6QP07GwSA0JQeJQxFZb0RV1xYIHWtNc3fZfMHsyQ&sig=Cg0ArKJSzHBAW6dEWVEkEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame F863 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F863 76 KB
29 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:49 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F863 0
0 35ms
20ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWzwqwpVAbxWZySY7y-M0CT2PMRjHaS-re4Ml9xBobVbXvz-QSPmNnnYgwlN327TbOwMlectByeZZlhldJaQW-py_D8w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 17709520277748985683
tpc.googlesyndication.com/simgad/ Frame F863 44 KB
44 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17709520277748985683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 14:07:16 GMT
x-content-type-options: nosniff
age: 471153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45113
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Dec 2021 14:07:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B429 0
0 45ms
43ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk8wn6mCi4NczbfJcGELABS1UVjOEgsz_UK77xdX6O2XQBbzA4S5SI_49rZKN3BHrAu0EaYbiUXnaek7yOKhGqZUNzkn7j0d3KwdJru44wAdvFQegq6naPTa4MyXZJCHKuEBYWap8eqXK_GTbCQOMxDYQfeklpvRSriLsxborMe536_xjzsYOtahcx5fwotJG_uS5BjP1KJd1VJjCZuLw9nqcUY4jG5INps6gkPA4uCNFqX1mOA_TQ83BwOn82SBj2DiysNAwDP0mMe6l_PhhP-i7542S8Lu16Uvka2A&sig=Cg0ArKJSzIRlBywV6pqBEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/ Frame B429 3 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201203/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 02:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1494
x-xss-protection: 0
server: cafe
etag: 5335486849732140232
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 02:18:52 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B429 76 KB
29 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607100271701181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29426
x-xss-protection: 0
expires: Tue, 08 Dec 2020 00:59:49 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B429 0
0 31ms
20ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy0qf6uYJ0heVheSJU9GDD1WMPlDDoVAbtE-AL4mnAv4zxLtxGX42ez_akoqgbDhfDm7PzQ4i1vEpqRL6FfPPHZe12ow
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 8091804047278586021
tpc.googlesyndication.com/simgad/ Frame B429 46 KB
46 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8091804047278586021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:08:42 GMT
x-content-type-options: nosniff
age: 39067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46899
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 14:37:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Dec 2021 14:08:42 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 786D 0
0 201ms
201ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=insurance-business&t_i=241242&t_u=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t_d=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&t_t=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&s_o=default

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

Connection: keep-alive
Content-Length: 2749
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 07 Dec 2020 09:40:45 GMT
ETag: W/"lounge:view:8304289896.1a712cca7a006174d37d2a69da1457bd.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Tue, 08 Dec 2020 00:59:49 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 374ms
126ms Image
image/png 52.21.175.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.175.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-175-83.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Dec 2020 00:59:49 GMT
Via: 1.1 vegur
Last-Modified: Mon, 30 Nov 2020 21:05:36 GMT
Server: Apache
Etag: "64f-5b5595f1ce800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5ED 0
22 B 44ms
44ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPTsc31xN6u6C1sKyrDVeZPY2DnJfd9c4Gw3ctvlTC1z14bnSWO8q2UwzVDl6a_9oIkTJVj5lPxyDWcCAc8OJxFoYR8VLI7-4_76iyw9fAvHPgEKwT0uWbvAQuFv2oOxk0D_aH1d1jWBj7KiH7wgSyj0GLZLQSm8QoJ-zIlNslo5AaNlQ_-8ly1b9ZWRZrFAWjU_O_hM_lgAqrHaJFJ4AetKU9HhHSOpakS51oSZm0OvCXsCtbTcwjVhkcK6dE5ydt4vFCqzn6HpwXRS1s50PqzAmWNGkNV98KTJJombZxyt0bwNqvcoh8&sig=Cg0ArKJSzJ8I5-2Fvxj7EAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A5ED 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15685846222ac12eb6e944ba766475813269c989001f62ffe6720dbbce90073e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91E0 0
22 B 44ms
44ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_GEuyWKPi_tO8NWa5LBqXrpmdVljHr0DJx_hpWZ3FzDnDGnk37TO7frEoitw0Tz8WTpaJxJ3CEpEQ0xjgBxonI-eozCUMngVbhFtJHl7elX8kjPX2G4IcrGim6G0Um59b2aWp5xXe_5vjGEriswo0Td9-tX8MCX8EwT1Hk2ZaWTrwdLeOV1StQZlYUyiSTutajE8DdbfWpXuwqFk5m2o3ppgtU1VgPTUJEGHfank-tCG-Tqr7vvedzij_Ov3hK-lOwzZLq5l8wdyzGz3ZRjm0wVnzZNqE_4O505Wzja-M&sig=Cg0ArKJSzL0sODbHo3viEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 91E0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5e543628952d5e6e50e2520b55e8c2e0c6018467074b24e3af58500c3b93471

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44B4 0
22 B 45ms
44ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXrWT3xvlYmHQOwBrZsjImwvuM1CXBVB4sZXhXd9ILJcaPPmUbbXDSHlYLetGD6_V31mvUG-mHjG-fP_9_lXu7Z3v6sHXw765qo9nLC0U5c0aIQMuBtJhhCpnkYDqEH6NrxARv72Q2qiasdgQnsuhjFQtLVNrxSx6Dfo4jd64lJu3bU_PCjN7uSSsaIJc3DewIH_CnDA2iUt6oiyYejt_3OepkruQdgBtd16b_KhizUDW3KACD8DmBphqwhQ1srCFOEQzFEfV5wtkfQHgs79MLxv4lBJSFtITVanRukpU&sig=Cg0ArKJSzGeITxkWMQkqEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 44B4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad73c7e27d72df42604ee88d30655c888b8968ee5289427b58381ecced4c16d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F863 0
22 B 44ms
44ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6nR40nAAk7Haap8_fJUUqCL3AgsuMCVgCcI0SIczDPwKHvI991Lz5h4UrwBdtSG1qKbpKjWXcHMxEo_LyKy840OmJpEGEZqKhqouwHidO_CYXPQAX2NiMpLlzg-QxJSf0nM6le-xcN5owi6yu_FSlL8Tpra5v9F7JU6NWWAFRQeG3g3m2c8fnRELlabYIwFbd7xc9OudObzEXZoHkBOx3I7kFmhaLCAR_LryRj8x_aBBwO0s1QPQON7hXMiWaz8VR5DDQHi9lfK6Ygi6i4s6HVOQxxz87Xlv5ovtW2s62&sig=Cg0ArKJSzEZhkfozdOVfEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F863 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e0af65311b0cb2b5196f98e828ad9d909f43ee864a6f3a2489f406da2a2d00c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D44 0
22 B 43ms
43ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMB5i0v_WK2whJOP7_Bqn7-aLu4p82d8azcALPUfn9RjuPgSz8qLRBSn6KH0oUsawzdhekpSiXqGfce1dvkcB3nb13w_g97jKOrAydfBpusViBEmkA7Fq_igf9sY7Cr0X7KOnLPb95JR1bQxCpTMohJV3-8hnoSV6SEs2IVKMDjqMm0j-xtEC1gQVOb-qdyUYZZAfm0JahEiuE7hF1ba45iu5bKh4iuhtzJbSfyUejs6kwlbXrRDom_RThN3-BzLbAqtw1oTktJtEKNvKOTJH7ciIGze2BRr02NeHuXzy7&sig=Cg0ArKJSzHKeX9vxc-dAEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1D44 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 838132b3a3a2cc6b507bdf8fbd460d8f368b6ed1f4a35146e7e3dc9e423dc29a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B429 0
22 B 43ms
43ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX6FXS6UztjvAqaHWKo8KtEri1uCaMy1hh4vNBDkuQ9Eyl8pRQ2sS-V0QZm3Yetw_D86FGmajVa9dfH88o2Q_pTsH7Ob00tTZyH---f5yheijq6D_RDgwdXwf0xGzgu48JxDZqvpxsdbiA6iF0N-yf1pXeoMdeQ73gSi18qhdyXIPzgN1f38Jl9eb0uNq3PLxExt0GLu4DxBOTrKPS-gr8GctZ-pox54wZisMaHYCrPhV15juXngO_tJFOnSRBKM2A5qqMYJAMZTQjT-BUNDypMTqcbMe3Ca8tQ5ICfWJF&sig=Cg0ArKJSzF6frcyqj5yQEAE&adurl=

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 00:59:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B429 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae7c888e23f905c18d26a74522f8bbf602b49ba9fcc74b8e5d85694536146101

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9AB2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8d39cd38901aa0e20908a7c6f4f387a74551f677e9154302cd0cf5b486540c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ 0
115 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryDf4uQXs9mJFhg7iQ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 08 Dec 2020 00:59:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1BDE 337 B
402 B 15ms
15ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2931225
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06e175ae4f00001f15a7835000000001
accept-ranges: bytes
cf-ray: 5fe28bc3aff51f15-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1D05 337 B
352 B 12ms
12ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: insurance-business.disqus.com
URL: https://insurance-business.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2931225
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:35:14 GMT
server: cloudflare
etag: "5f6a51f2-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 06e175ae5100001f156a362000000001
accept-ranges: bytes
cf-ray: 5fe28bc3bffa1f15-FRA
expires: Fri, 24 Sep 2021 14:09:36 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A5ED 42 B
66 B 44ms
29ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMbAhU6hP5w4tWH9Rb1YeGTlvgTYLPWkbEfI-aTn4LVfPXpvH16N32idBCh9sT3rBbUVaEAUHn2x7AqpRkIQKnghRWVrHTH_eUPKfOz1Y&sig=Cg0ArKJSzBgZPtqgckqrEAE&adk=651429024&tt=-1&bs=1600%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=319,480,799,1120&mcvt=1008&rs=0&ht=0&tfs=112&tls=1120&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=9&niot_cbk=71&md=2&btr=0&cpmav=0&lm=2&rst=1607389189076&dlt&rpt=196&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1114&is=640%2C480&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=640x480&itpl=3&v=20201204

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 91E0 42 B
725 B 40ms
28ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3fCn61mqrYOSgQJEOaVfX3C2tDyY0qXQU7w3GyCafvYhmEArXgUQNJD-4ia8uTP330ehWXFH9bN068xN9dxK26fLNTkPD4htisodhrqc&sig=Cg0ArKJSzC62S0OATCWoEAE&adk=3699078662&tt=-1&bs=1600%2C1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&p=251,310,491,1290&mcvt=1007&rs=0&ht=0&tfs=103&tls=1110&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=58&md=2&btr=0&cpmav=0&lm=2&rst=1607389189079&dlt&rpt=196&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1110&is=980%2C240&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=980x240&itpl=3&v=20201204

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 44B4 42 B
66 B 24ms
24ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYrQjd1qzM3vYm-OJ75MNw8EY9BcZOOBuvkGLTVCpjX_oRahw3WCm1c6rb0bVwW17ICzbXTu38EsIjSKUU2WHabEFfePnGH9yuB3EEmTY&sig=Cg0ArKJSzJxWT_uNeB22EAE&adk=2906543053&tt=-1&bs=1600%2C1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&p=62,562,152,1290&mcvt=1015&rs=0&ht=0&tfs=103&tls=1118&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=65&md=2&btr=0&cpmav=0&lm=2&rst=1607389189078&dlt&rpt=199&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1116&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201204

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1D44 42 B
66 B 19ms
19ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXQLpBBXibQXdLUzDkxTF8Z5QSqwdGc-AYgcXWlYKUkL_qvJQKV83aRxNzkiikLnnfyr29DrB4I7hX3OLyUCim9Jymured_9NG53ZM4xs&sig=Cg0ArKJSzBq-Lh5n35bLEAE&adk=2879338212&tt=-1&bs=1600%2C1200&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&p=667,990,1267,1290&mcvt=1007&rs=0&ht=0&tfs=103&tls=1110&mc=0.88&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=53&md=2&btr=0&cpmav=0&lm=2&rst=1607389189079&dlt&rpt=201&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1110&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x600&itpl=3&v=20201204

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B429 42 B
66 B 16ms
16ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmwG3lK8wOcF0nss2yu1Brgt5ZWaEE93enDRAYIZU5rnn2lTlIVthyawuei0J7xNn4UgiMwG5K6F_aMMMP_oImSqOZMEZXfAxkZ7xTp1k&sig=Cg0ArKJSzMiNhzRoi0BAEAE&adk=4074281398&tt=-1&bs=1600%2C1200&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&p=827,313,1427,453&mcvt=1007&rs=0&ht=0&tfs=103&tls=1110&mc=0.62&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=50&md=2&btr=0&cpmav=0&lm=2&rst=1607389189132&dlt&rpt=150&isd=0&msd=0&xdi=0&ps=1600%2C3086&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1109&is=140%2C600&iframe_loc=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=140x600&itpl=3&v=20201204

Requested by

Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 00:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 120ms
118ms Other
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3830659&conversations-embed=static-1.7966&mobile=false&messagesUtk=70a7197e3bc04a658f62541587fb8d0b&traceId=70a7197e3bc04a658f62541587fb8d0b

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.insurancebusinessmag.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 08 Dec 2020 01:00:18 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2BCEFCCEBC52BB24F403EEE4167A1957FEC47191DE000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
cf-request-id: 06e1761e0d0000e007ee2f5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 5fe28c767eece007-FRA

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 96ms
33ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:00:18 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12988
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 sj.js Show response
cdn.sajari.com/js/ 73 KB
23 KB 119ms
35ms Script
application/javascript 35.190.50.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sajari.com/js/sj.js
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.98 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.50.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 04:32:29 GMT
content-encoding: gzip
age: 73669
x-guploader-uploadid: ABg5-UyzEwP7zQd6G85zs3Jfkql7AbpQ3ofMLNcL8k3K0KCWJDi-qXsObkBTGTiy-5if0Oc1Tcr45aRqWzU9TlrJ6jOKOMtmzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 22520
last-modified: Fri, 09 Aug 2019 06:30:26 GMT
server: UploadServer
etag: "3fff0fe5f3afe436da542b563b190778"
x-goog-hash: crc32c=dbS54A==, md5=P/8P5fOv5DbaVCtWOxkHeA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1565332226271049
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400,no-transform
x-goog-stored-content-length: 22520
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 08 Dec 2020 04:32:29 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 351 B
455 B 165ms
164ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

date: Tue, 08 Dec 2020 01:00:18 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-length: 269
cf-request-id: 06e1761e870000e0074e2b6000000001
server: cloudflare
x-trace: 2BEB4D62F1FFEF050EB4556F9C4FF490AE677B5798000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 5fe28c773fabe007-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57392d15fa194164/ 2 KB
762 B 271ms
203ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57392d15fa194164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:00:18 GMT
content-encoding: gzip
etag: -1792729687--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=54, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 585

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 32ms
32ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 08 Dec 2020 01:00:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 /
re.sajari.com/ 48 B
48 B 194ms
164ms Image
image/gif 2a00:1450:4001:816::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re.sajari.com/?company=keymedia&collection=insurancebusiness&cc.co=keymedia&cc.pr=insurancebusiness&p.ga=&p.id=1607389218439.278361&e.id=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&ec.ti=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company%20%7C%20Insurance%20Business&ec.de=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&ec.ke=&canonical=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&bodyChecksum=e86c6832dea3f3fc78cbdb9e0afcd879&metaChecksum=9fa55bef232096ad927a2f87f0dc9f12&meta%5Bviewport%5D=width%3Ddevice-width%2C%20initial-scale%3D1&meta%5Bdescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bcustom%20meta%20field%5D=2020&meta%5Bauthor%5D=Lyle%20Adriano&meta%5Btwitter%3Acard%5D=summary_large_image&meta%5Btwitter%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Btwitter%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Btwitter%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Btwitter%3Asite%5D=%40InsuranceBizCA&meta%5Bog%3Aurl%5D=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&meta%5Bog%3Atype%5D=article&meta%5Bog%3Atitle%5D=Malicious%20actors%20publish%20data%20stolen%20from%20fuel%20company&meta%5Bog%3Adescription%5D=Cyberattackers%20show%20proof%20that%20they%20made%20off%20with%20business%27s%20information&meta%5Bog%3Aimage%5D=https%3A%2F%2Fcdn-res.keymedia.com%2Fcms%2Fimages%2Fus%2F023%2F0270_637429306728087852.jpg&meta%5Bpublished_year%5D=custom%20meta%20field
Requested by: Host: www.insurancebusinessmag.com
URL: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cloud-trace-context: 5a5d965546d4675c1e74c39990e761af
x-appengine-log-flush-count: 0
server: Google Frontend
date: Tue, 08 Dec 2020 01:00:18 GMT
content-length: 48
content-type: image/gif

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 134 B
706 B 123ms
110ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3830659

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:00:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 06e1761fc00000073e4d9f4000000001
server: cloudflare
x-trace: 2BFF379E1F8B1FDBFA1DA29010545849C37426CFF5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: false
cf-ray: 5fe28c793837073e-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
257 B 32ms
31ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=3830659&rcu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&pu=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&t=Malicious+actors+publish+data+stolen+from+fuel+company+%7C+Insurance+Business&cts=1607389218743&vi=f6523234ef0466b503452134a0c44f33&nc=true&u=226989634.f6523234ef0466b503452134a0c44f33.1607389218739.1607389218739.1607389218739.1&b=226989634.1.1607389218740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5fe28c7938559ab0-FRA
date: Tue, 08 Dec 2020 01:00:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 06e1761fbf00009ab0c1bba000000001
x-robots-tag: none

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 36ms
17ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2acf1c685341fe42ee1b642c34214c1afb4661d4dd109eeb2e02d0640c14b86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Dec 2020 01:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6471
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120101.js?21068926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 08 Dec 2020 01:00:18 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 6884 0
0 26ms
13ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 07 Dec 2020 22:43:44 GMT
expires: Tue, 07 Dec 2021 22:43:44 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8194
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 661917934558964 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661917934558964?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: vNTpyTWtffrCwn+8Aii0+s5QmPkIPu+CDI16IXrSDuFFHsXPM/HsSBnE0975vAk/qKmuMvmzJqIk014RkaOO0Q==
x-fb-trip-id: 2074150462
x-frame-options: DENY
date: Tue, 08 Dec 2020 01:00:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1473320740
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 228002331440464 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 111ms
111ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/228002331440464?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: xLH8awOprlGyStwHFUPTsPdWpNBVbYx6DQPyUrMcD9sP9k+bYmG8Ei4r0vBEciUP/2BoOX0kL0SLiVSTaEIn9w==
x-fb-trip-id: 2074150462
x-frame-options: DENY
date: Tue, 08 Dec 2020 01:00:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 485817644
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
48 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120101&jk=390836299270168&bg=!HxylHDzNAAXKjztBylgpTiFeMjO8DQIAAABLUgAAAAxoAQcKAMXOPppeQ0o3e1VbcQrgLEqvzqqnBF7GAbQ2tf5LMbJ5OOoxHKp-wrTM3uhhYN9swqL-0ZoIGZT6SHfQGs8h2M6ueu4rv_sKUu-MelAgK0lLqBdsSJWgRPeHzg-QLowSOQQWHpLBYFluc-MDOC3SF5kmdV8fSrWXBUr4XM-5aFhsXyYlqr5gt4-CJzfdlvLp8-41on1bSWmzmhS4nvE2nMpKqQzTx3izD6vLrN42AQJTiN7QVfbTrwgddsaTaVOeEXL1JDa6L5kBxe3uKWkMNtXiGQ3i5uogcfJgtN_JIc-_FqwKgMc6__1xz-u6QFmoT9LMo3uoYN8Qi_ZzgFG1Jvu44c2o3SAQCIBe_CbjcpXkuMvwyhFzmP1JoDklgMjDQxlCGfGf9Ihw5IytbeIlOUmggN92K-EcnaxL2QcVfs6fRf7VqkhfzWq2QEeGCBChDC6_iYAve1Smq8UbKUAA6WUZvc0HPVESmy0VJC4whSEVPuaVn9brLCnFNksRdE4_62GFAuI_fRaMO0j10JRWeaemToQuS6ubxrLG49mXlDJ9skI_QcN7iLXLuewCXKQmXBojIJ9SUW1M6pPYEGbRjhnqqdMI3JgQss91kxZK9-N5vSnCKOBJSCTAQVWh9VryfAYf0S2H4-NB3D2-po0lWF8D4N5aNif7PB2E3KeSLHzQ8O90gvB4sv7i6KApzv6TXS5NkYKElKN3RlKc9UkXEV-C7k2n3DvNPzWJVM3jHnOpN5Czrg9rMtCZjpP731PNEsJvOwSrTPWjHNIDbckhcHMnBFYtBHYYINhYrcVMtSeS8ckZITpTWDU8Q31z71gSdLhpegysJ1dzH3PGr0j7q2c5mLL6kZ752SxeyHO_RQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Dec 2020 01:00:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661917934558964&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607389219122&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607389219121.273797747&it=1607389188766&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:00:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 08 Dec 2020 01:00:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
211 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228002331440464&ev=PageView&dl=https%3A%2F%2Fwww.insurancebusinessmag.com%2Fca%2Fnews%2Fcyber%2Fmalicious-actors-publish-data-stolen-from-fuel-company-241242.aspx&rl=&if=false&ts=1607389219123&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607389219121.273797747&it=1607389188766&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 01:00:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 08 Dec 2020 01:00:19 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryJ4W3FdOcZtHF7UwD

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 08 Dec 2020 01:00:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.insurancebusinessmag.com/ca/news/cyber/malicious-actors-publish-data-stolen-from-fuel-company-241242.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryyqIN4qB7ojvERzgB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 08 Dec 2020 01:00:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.insurancebusinessmag.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.insurancebusinessmag.com/	1970-01-20 00:00:03	Name: __atuvc Value: 1%7C50
.insurancebusinessmag.com/	1970-01-19 23:51:25	Name: __hstc Value: 226989634.f6523234ef0466b503452134a0c44f33.1607389218739.1607389218739.1607389218739.1
.insurancebusinessmag.com/	1970-01-19 14:29:51	Name: __hssc Value: 226989634.1.1607389218740
www.insurancebusinessmag.com/	1970-01-19 14:29:51	Name: __atuvs Value: 5fced022f9f7d09d000
.insurancebusinessmag.com/	1970-01-19 23:51:25	Name: hubspotutk Value: f6523234ef0466b503452134a0c44f33
.insurancebusinessmag.com/	1969-12-31 23:59:59	Name: sjSE Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7f43a9b3597f6093158f9acd53df2006.safeframe.googlesyndication.com
adservice.google.at
adservice.google.com
api.hubapi.com
api.hubspot.com
c.disquscdn.com
cdn-res.keymedia.com
cdn.sajari.com
cdn.sajari.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insurance-business.disqus.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
maxcdn.bootstrapcdn.com
nextroll.com
pagead2.googlesyndication.com
re.sajari.com
s.adroll.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
v1.addthisedge.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.insurancebusinessmag.com
z.moatads.com
maxcdn.bootstrapcdn.com
104.75.88.112
151.101.0.134
151.101.112.134
172.217.18.98
2.18.233.40
2.18.235.40
2001:4de0:ac19::1:b:2a
216.58.206.2
23.111.9.35
2606:4700:3037::681f:5ebc
2606:4700::6810:125e
2606:4700::6810:a852
2606:4700::6811:45b0
2606:4700::6811:73b0
2606:4700::6811:cacc
2606:4700::6811:d3cc
2606:4700::6811:eecc
2606:4700::6812:15bf
2606:4700::6812:a913
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::2001
2a00:1450:4001:815::2003
2a00:1450:4001:816::2013
2a00:1450:4001:81a::2004
2a00:1450:4001:81e::2001
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a00:1450:4001:825::2002
2a00:1450:400c:c09::9b
2a02:26f0:1700:d::1737:6e8f
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.248.28.111
35.190.50.98
52.21.175.83
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c25fc9b0c5683c0b64091f6dfeb1579d1cc1b447ecb72edc9f433a48ee4f37
04cdfaeaa1468ca5e86756f9f137d60c66db6991faa4e549827117eb0e2f33c1
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
0922d20b238ff408b56f2248052b9e6e347f2ad1b0812ef3c6baaf37d8c01900
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bb7fc6bb8d10548a57b1b949670d71a54ddf14b626a260c1bc757bd4b20eec
15685846222ac12eb6e944ba766475813269c989001f62ffe6720dbbce90073e
1767d947f015a6da6e6ed41e97ccc29f0dc1b527f6b2973c8dfde049ebf6c1cd
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1ab092634138c04c4d400ffe26f4d1e7e332adbd7ce2b974288b0674850bc2b0
1d00825a3a6529de4a66e320a183efdd57c6416bebfca673250a99c88240309e
2090ef8782553088e8305f8703a2d3f5c39d07408f6a88eed8f40ee57aa5c5a6
21f61c21dbb69eb2297c1f858d6990217ee2237605c0e126ca93fbd7966b1276
22497d037fe31dbb15befdfafd04b8b9cd72016a4d41a70748df01e7d8f4eb1c
24d1e8072bf1a85f5b172585ef5c7bab961c04f2cc270d4ed30706eb1aebe74f
25aa839bb8c9e29422bf3aa8925e2d13d7b985b1bce61296f8d5780efcb3b142
2a505944a6468ec6d93a0c2ca258c3e4f7a633c9a07ff2a1db859ffe1306f4d1
2acf1c685341fe42ee1b642c34214c1afb4661d4dd109eeb2e02d0640c14b86f
315471cb3e63c008279774f2cf4f79d9025bbe22030e51965e26668aba419dbf
40ca8539ffd12e7edf95bfff0b850217cff57001d266cd4613b23c5c7b0f0b82
424bd8c15b75522b392c071dd64f49ee0b025f06a58e7394c33851c0394e4b91
493a176ec78fb0ac6b6a95d9a93d57cd4db4880151ec1017282f8fee3f6250c9
4e28323571e70a213a2db9642215d45e8944ed17464c8bf89781bea05e554ef5
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
51bf04f93ff258317e05e4bc448028e8de62370c7b24f9e088b2ca328819a6c4
52c81653f6f0d0e52dbfea77beabc12fef7ac4c6cc7a73c927bbd095e87c1b62
55245b72bbdeeba40fdbd930227228c562438e21179d4705354888052f116b77
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
585c89af42e974f872d38688837b31f2497428ee5d6995a700d64b1151e11a69
5abdfc235554b3c281964f41c083010fe2781025981997a547cc9024b69165f8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fb46ad88af0181f8aa600691dadedc2d6dd1946603b69bc36385f68efdd01a3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
66d3417ce1246ae1d7a1bbb108be892ac31b87e8789a3ab77c82b04f958a9e2b
67f7f7a4b931bca20fac7c458969034200f3c64187b84782da9659f07ac5f247
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0a05652496b6a471fa3725920d16f5c60abdee6d0324209f4261441977295
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7a4080d7b3a78d8829b8e436b103b9736e6757f007c06d51ada0f659cb50a6b1
7e0af65311b0cb2b5196f98e828ad9d909f43ee864a6f3a2489f406da2a2d00c
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
838132b3a3a2cc6b507bdf8fbd460d8f368b6ed1f4a35146e7e3dc9e423dc29a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
933836f676a7ec03257cbcb36a9929fb1c9f9f98da972d8caa3ceac8c555560b
aba2a0e5d978194c64c77dde2152baf5ff5ae0548ccae71aaf75b257558c76e9
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad73c7e27d72df42604ee88d30655c888b8968ee5289427b58381ecced4c16d7
ae7c888e23f905c18d26a74522f8bbf602b49ba9fcc74b8e5d85694536146101
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b1f250f58f47ca824a25a49ce8ee8747c3e48cf9564a23282677802f450928fd
b8e474cc3db6689cf00a1eebe69aa09adb550c6872b86cd07745886653ba1372
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bb00b534b05542cbc3b51f1324df4291145e3d79f28e4552ab862effe59a97d1
bb20e7c2fc5f8cfd74c43906c776a31f04c93fc00d11d921dfb923bcfaab0c23
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bed0322f5d7ae2d256db706cb681ab757c8e5ef051e3b9f53e82ad953d0211d1
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c5e543628952d5e6e50e2520b55e8c2e0c6018467074b24e3af58500c3b93471
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
cdd2dbc8847ae720b1c56daab4f2a04859e919d602af61e08119e51ddad1f68b
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d0dd69e16355fb08cac78feb1eae5ef80799c50b8ec402ed68ad131f57b6919b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded0cec5a92fcdcd902c570635ae0933ea83e3e372e2ca283eaf573c9e5cab21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e616bb99a3cf0261a8e8bbf713bdaad17473afabbc032f5f351c85575596320b
e735e08c4da24b5efe03dc7d48842a415f91122e5b74e23d2e9e461d0ae73199
ebfaad4ce40fab4412b1d7702b6022ef658b1027eed561696de9b2c3843340e3
edc0175ff1c883786302197c8f3795e4017ec2a82a6dda756b98e4c14a388da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef41330b2cf43a44c8cbb20ca38cd9752816a5f451e506727876eb4f6502105b
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f8d39cd38901aa0e20908a7c6f4f387a74551f677e9154302cd0cf5b486540c7
f8f96b0cc81405b2a95c412dbf43aebae111f11e98ad743b8fff74b2d5c793a2

www.insurancebusinessmag.com Open in urlscan Pro 2606:4700:3037::681f:5ebc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

99 %HTTPS

72 %IPv6

37 Domains

46 Subdomains

40 IPs

6 Countries

2440 kBTransfer

5606 kBSize

7 Cookies

11 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.insurancebusinessmag.com Open in urlscan Pro
2606:4700:3037::681f:5ebc Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

99 %
HTTPS

72 %
IPv6

37
Domains

46
Subdomains

40
IPs

6
Countries

2440 kB
Transfer

5606 kB
Size

7
Cookies

129 HTTP transactions
7 data transactions